Intro
I’ve been meaning to put up this simple blog post for a while now, as I run into this quite often and then find myself searching the web for the right URL to resolve it. Since the main purpose of my blog is as a reference tool for myself, I figure it’s about time I post this.
NSX-T has integrated with vIDM, now known as Workspace One, since way back in the 2.x days. This is most often used when the NSX deployment is part of VMware Cloud Foundation (VCF). It used to be much more common when a customer wanted LDAP authentication; however, for standalone NSX deployments LDAP is now directly supported from NSX, so I really only see the vIDM integration with VCF deployments.
The Issue
So what’s the issue? Well, what happens if the vIDM integration fails, or it’s down, or you simply don’t want to log in via LDAP? You used to be able to select local vs. remote authentication; however, now the system will always try to revert to vIDM, so you can be caught in a loop whereby the normal URL, say https://nsxtman01.lab.local, now just redirects you to the WSA/vIDM appliance and sometimes won’t even give you a login page.
You may even just get an error such as:
An error occurred during OAuth2 operation. Please contact your administrator to resolve the issue.
{ "error": "invalid_request", "error_description": "Must provide a matching redirect uri." }
Forcing local login
Luckily, we can force the NSX-T manager to give us the local login screen simply by adding to its URL as follows.
https://<NSX-T_FQDN/IP>/login.jsp?local=true