New in vRealize Operation Manager 6.2 is the ability to add and authorize new users by importing them from a Single Sign-On source. The following guide will show you how to setup the SSO authentication source and then show you how to import users from it. In the example we imported the administrator@vsphere.local user. In our setup we are importing from an external vCenter 6 PSC.
Step 1: Setting up the SSO Authentication Sources
-
Click on Administration > Authentication Sources > + Sign
-
Configure the following
- Enter a Display name
- For the Host enter the PSC DNS name, if the PSC is embedded then enter the vCenter server name, if you are using a PSC HA configuration you would enter the VIP here.
- Enter the SSO username name (example administrator@vsphere.local)
- Enter the SSO password
- Grant access to Administrator
-
Click on Test to verify
-
Accept the certificate and click on OK
-
Make sure the Test Connection was Successful and click on OK twice to save.
- Next select the Users Groups we want to import and click on Next
- Assign the Role to the Group and click on Finish
Step 2: Importing Users from the SSO Authentication Source
-
Now if want to be able to be able to login as Administrator@vsphere.local account we will need to import it by going to Administration > Access Control >
-
Change Import From to the SSO Authentication Source we created earlier and search for the administrator@vsphere.local account. Select it and click on Next
-
Assign groups to the SSO account, notice that it can only be assigned to local groups
-
Click on Objects and select Role and objects to assign to it. Click on Finish when done
- You should now be able to login using Administrator@vsphere.local account under All vCenter Servers Authentication Source