User and Group Management

You can add users and groups to VMware Cloud Foundation to provide users with access to the SDDC Manager UI as well as the vCenter Server instances that are deployed in your VMware Cloud Foundation system. Users can log in and perform tasks based on their assigned role.
Before you can add users and groups to VMware Cloud Foundation, you must configure an identity provider that has access to user and group data. VMware Cloud Foundation supports the following identity providers:
  • vCenter Single Sign-On is vCenter Server's built-in identity provider. By default, it uses the system domain (for example, vsphere.local) as its identity source. You can add Active Directory over LDAP and OpenLDAP as identity sources for vCenter Single Sign-On.
  • Active Directory Federation Services (AD FS) is supported as an external identity provider that can be used instead of vCenter Single Sign-On.
Once you have configured an identity provider, you can add users and groups, and assign roles to determine what tasks they can perform from the SDDC Manager UI and VMware Cloud Foundation API.
In addition to user accounts, VMware Cloud Foundation includes the following accounts:
  • Automation accounts for accessing VMware Cloud Foundation APIs. You can use these accounts in automation scripts.
  • Local account for accessing VMware Cloud Foundation APIs when vCenter Server is down.
  • Service accounts are automatically created by VMware Cloud Foundation for inter-product interaction. These are for system use only.