vCenter 5.1 XenDesktop 5.6FP1 and Host Connections

We recently upgrade to vCenter Server 5.1 and had an issue with our XenDesktop Desktop Controllers. Version 5.1 significantly changes the authentication method with vCenter by breaking out authentication to a separate service called the vCenter Single Sign On service.

When viewing the information in the XD Desktop Studio the host connection to our vCenter server had a red X indicating there was an issue connecting to the host. The XD Host Service was started so that wasn't the problem.

As is our security practice we limit service accounts to only be able to login to certain servers. It appears that the vCenter SSO services just validates an Active Directory user's password by attempting a login to an AD Global Catalog server (or a Domain Controller). Since we weren't allowing our XenDesktop service account to login to our domain controllers the password validation was failing.

After adding our domain controllers to the allowable logon computers in the properties for the service account in AD then the host service could login properly and the host connection in the Desktop Studio returned to the green check mark.

Hope this helps someone,