New in vRealize Operation Manager 6.2 is the ability to add and authorize new users by importing them from a Single Sign-On source. The following guide will show you how to setup the SSO authentication source and then show you how to import users from it. In the example we imported the email@example.com user. In our setup we are importing from an external vCenter 6 PSC.
Step 1: Setting up the SSO Authentication Sources
Click on Administration > Authentication Sources > + Sign
Configure the following
- Enter a Display name
- For the Host enter the PSC DNS name, if the PSC is embedded then enter the vCenter server name, if you are using a PSC HA configuration you would enter the VIP here.
- Enter the SSO username name (example firstname.lastname@example.org)
- Enter the SSO password
- Grant access to Administrator
Click on Test to verify
Accept the certificate and click on OK
Make sure the Test Connection was Successful and click on OK twice to save.
- Next select the Users Groups we want to import and click on Next
- Assign the Role to the Group and click on Finish
Step 2: Importing Users from the SSO Authentication Source
Now if want to be able to be able to login as Administrator@vsphere.local account we will need to import it by going to Administration > Access Control >
Change Import From to the SSO Authentication Source we created earlier and search for the email@example.com account. Select it and click on Next
Assign groups to the SSO account, notice that it can only be assigned to local groups
Click on Objects and select Role and objects to assign to it. Click on Finish when done
- You should now be able to login using Administrator@vsphere.local account under All vCenter Servers Authentication Source