Unable to open linked vCenter Server

Tags: authentication, vmware-vcenter, vmware-vsphere

I already solved this problem, but I'm posting it here for future reference.

Scenario:

  • You have two (or more) VMware vCenter servers in linked mode.
  • You have the same permissions on all of them.
  • You are not a local Administrator on the servers themselves.
  • You can successfully connect to each one of the vCenter servers using the vSphere Client.

Symptoms:

  • When you connect to a vCenter server, you get an error about an authentication failure connecting to the other linked one(s), and you can't access it/them in the client.
  • This happens when connecting to any one of the linked vCenter servers: you can only access the one you're connected to, not the other linked one(s).

Best Answer

Turned out that, in order to remotely access a linked vCenter server, you need the "log on as a batch job" Windows right on the server, which only local Administrators have by default.

If you grant your user account this right (directly or through a local or domain group) on all linked vCenter servers, you'll be able to successfully access all of them when connecting to one, which is the exact purpose of setting them up in linked mode in the first place; all VMware permissions continue to apply as usual, this additional right only enables you to connect to linked vCenter servers.

The right can be configured in the local security policy of the servers ("User rights assignment" section), or via AD Group Policies.

This is completely undocumented by VMware, BTW.


Update:

It finally got documented: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1025991.
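
The check below is an added example, not part of the original answer: it parses a `secedit` user-rights export and lists which accounts hold "Log on as a batch job" (`SeBatchLogonRight`), so you can confirm the right is granted through a dedicated group on every linked vCenter server. The function names, the group `EXAMPLE\vCenter-Linked-Users` and the sample export are assumptions made up for the illustration.

```powershell
# Added example: list the holders of "Log on as a batch job" (SeBatchLogonRight).
function Get-BatchLogonHolder {
    param([Parameter(Mandatory)][string[]]$InfLine)
    foreach ($line in $InfLine) {
        if ($line -notmatch '^\s*SeBatchLogonRight\s*=\s*(.*)$') { continue }
        foreach ($entry in $Matches[1].Split(',')) {
            $entry = $entry.Trim()
            if (-not $entry) { continue }
            $name = $entry
            if ($entry.StartsWith('*')) {
                # Entries prefixed with * are SIDs; resolve them where possible.
                try {
                    $sidObj = [System.Security.Principal.SecurityIdentifier]$entry.Substring(1)
                    $name = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
                } catch { $name = $entry.Substring(1) }  # unresolvable SID stays as-is
            }
            [pscustomobject]@{ Entry = $entry; Account = $name }
        }
    }
}

function Export-UserRight {
    # Run in an elevated session on the vCenter server being checked.
    $tmp = [System.IO.Path]::GetTempFileName()
    try {
        secedit /export /cfg $tmp /areas USER_RIGHTS | Out-Null
        Get-Content -Path $tmp
    } finally { Remove-Item -Path $tmp -ErrorAction SilentlyContinue }
}

# Constructed sample of a [Privilege Rights] section, so the parser runs offline.
$sample = @'
[Privilege Rights]
SeBatchLogonRight = *S-1-5-32-544,*S-1-5-32-551,EXAMPLE\vCenter-Linked-Users
SeServiceLogonRight = *S-1-5-80-0
'@ -split '\r?\n'

$holders = Get-BatchLogonHolder -InfLine $sample
$holders | Format-Table -AutoSize

# On a real server use: Get-BatchLogonHolder -InfLine (Export-UserRight)
$expected = 'EXAMPLE\vCenter-Linked-Users'   # hypothetical group name
if ($holders.Account -notcontains $expected) {
    Write-Warning "$expected does not hold SeBatchLogonRight on this server"
}
```

Granting the right to one purpose-built group and checking for it on each linked server keeps the list of batch-logon holders short and easy to review.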