I have recently had a number of issues with SSO in my lab environment. To help me troubleshoot this, I have had to get familiar with the SSO command line options.
First, start a command prompt from “C:\Program Files\VMware\Infrastructure\SSOServer\utils”.
To list your SSO identity sources, run the following command:
manage-identity-sources -a list
This will display your identity sources.
To delete an identity source, run the following command:
manage-identity-sources -a delete
This will ask you for the ID to delete; the ID can be found in the list output above.
To create a new SSO identity source, use the following command:
manage-identity-sources -a create
Please note you can use either ldaps, which utilises port 3269, or ldap, which uses port 389. I have recently had an issue where my installation, which previously worked, now has issues utilising ldaps even though I don’t have a PKI server or root CA on my domain, and all of a sudden it now doesn’t work. I’m assuming this is an issue on my domain that I will look into further.
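To narrow down an ldaps failure like the one described above, the following PowerShell script checks whether the two ports mentioned are reachable and shows the certificate the server presents on the ldaps port. It is an added example, not part of the original post or of VMware's tooling, and the server name in it is a placeholder.

```powershell
# Added example. $Server is a placeholder; ports are the ones named in the post.
param(
    [string]$Server    = 'dc01.lab.example',  # hypothetical domain controller
    [int]   $LdapPort  = 389,
    [int]   $LdapsPort = 3269
)

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch { return $false } finally { $client.Close() }
}

function Get-TlsCertificateInfo {
    param([string]$HostName, [int]$Port)
    $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        # Accept whatever is presented so it can be inspected; no bind is made
        # and no credentials are sent. The validation result is recorded.
        $script:tlsErrors = $null
        $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
            param($s, $certificate, $chain, $errors)
            $script:tlsErrors = $errors
            $true
        }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $callback)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        [pscustomobject]@{
            Subject      = $cert.Subject
            Issuer       = $cert.Issuer
            NotBefore    = $cert.NotBefore
            NotAfter     = $cert.NotAfter
            Expired      = ($cert.NotAfter -lt (Get-Date))
            SelfSigned   = ($cert.Subject -eq $cert.Issuer)
            PolicyErrors = $script:tlsErrors   # None: chain and name validated on this machine
        }
    } finally { $client.Close() }
}

"ldap  ($LdapPort) reachable: $(Test-TcpPort $Server $LdapPort)"
if (Test-TcpPort $Server $LdapsPort) { Get-TlsCertificateInfo $Server $LdapsPort | Format-List }
else { "ldaps ($LdapsPort) not reachable" }
```

An expired certificate, or a PolicyErrors value other than None, points at the certificate side of the connection rather than at the identity source definition.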