What are Default Domains for vCenter Single Sign On
Each identity source known to vCenter Single Sign On is associated with a domain (not active directory domain). You can specify 1 or more default domains.
Why use or what is the benefit of it?
vCenter Single Sign On uses default domains to authenticate users when a user name is provided without a domain name. If a user name exists in more than one of the specified default domains, and you don’t use domainnameusername format or username@domainname format, SSO attempts to authenticate the user against each domain in the order listed. Authentication succeeds with the first domain that accepts the credentials that the user provided. By default, Single Sign On first validates the user against the local operating system identity source.