Jvassev,
How have others worked around this issue in the past (before SSO) for long executing lifecycle workflows?
Currently using the SSO server is not an option (unless we setup an SSO server just for Orchestrator, we are currently running vSphere 5.0) as we discovered an issue (later verified by VMware) with the way the SSO server serially handles authentication requests which allowed for search queries to cause the SSO server to stop responding until a search query completes (basically a DoS as repeated queries prevent any logons and many vSphere Web Client activities). Normally this wouldn't be an issue to for many environments, but in our AD, we have hundreds of thousands of objects. We can narrow the search scope down by specifying the User and Group OUs, but the problem we have is that we need to authenticate users from multiple OUs which only share the root of the AD forest as a common point. Thus, our searches were being executed across every object in AD and would cause the SSO server to stop responding for up to 15 minutes every time a search query was executed. A SR was opened with GSS that was quickly escalated to a senior technical support engineer and to product engineering/developers, but the final response after a few months was that the issue would require large changes in the code base and that there wouldn't be any solution in the next minor release of 5.1 or the next major release (currently in beta).