I have a couple of TKGs clusters setup with vSphere with Tanzu. Everything seems to be working with the cluster itself. I am using our Active Directory SSO integration to sign in. I have an administrative user and I'm able to login to the cluster just fine and use the kubectl CLI to interact with it. This is the same user that created the namespaces/TKGs clusters. Within the namespace in vSphere, I have granted my non-admin user "edit" access to the TKGs clusters so I don't have to use my admin user to interact with the TKGs clusters via kubectl. When trying to sign in with my regular user, however, it gives me the following error during the sign in process with the kubectl vsphere login command.
FATA[0012] Failed to get available workloads, response from the server was invalid.
As I mentioned before, it is working fine for my admin user, so I know the SSO integration is working fine. Is there any additional rights within vSphere that I have to grant my regular user to allow it to login with kubectl?
I'm attempting to login with this command
kubectl vsphere login --server <cluster ip> --tanzu-kubernetes-cluster-namespace <namespace> --tanzu-kubernetes-cluster-name <tkg cluster name>
I also provisioned a new vsphere local user within the vsphere.local domain, and that user is able to login as well. I'm not sure why my non-admin active directory user is failing.
