Working with the Identity and Tenant Management service in VMware Aria Suite Lifecycle

Use user and identity management options to map users in VMware Workspace ONE Access to roles that are available in VMware Aria Suite Lifecycle.

Note that the VMware Identity Manager and Workspace ONE Access terms are used interchangeably in VMware Aria Suite Lifecycle product documentation.

Configuring VMware Workspace ONE Access is a mandatory process before you install any VMware Aria Suite products. If you have not installed VMware Workspace ONE Access when installing VMware Aria Suite Lifecycle, you are prompted to configure and proceed.

Deployment of an identity manager through VMware Aria Suite Lifecycle is performed either through a single node or a cluster with an internal PostgreSQL database embedded in the appliance and does not support an external database like Microsoft SQL. VMware Aria Suite Lifecycle supports scale-out of VMware Workspace ONE Access. For more information, see Scale out Workspace ONE Access for high availability in VMware Aria Suite Lifecycle.

After you deploy a global environment successfully, you can view the following options in the VMware Aria Suite Lifecycle > Identity and Tenant Management service.

Directory Management
User Management
Tenant Management

Identity and Tenant management screen displaying the 3 cited options.

The following roles are available and visible on the User Management page:

LCM Cloud Admin
Content Developer
Content Release Manager
Certificate Administrator

Although the VMware Aria Suite Lifecycle Cloud Admin has access to the VMware Workspace ONE Access service, only a few services in the VMware Aria Suite Lifecycle > Lifecycle Operations > Settings tab (for example, NTP Server Setting, SNMP, DNS, My VMware, and Binary Mapping) are accessed.

Only the LCM Cloud Admin role and the admin@local user have access rights to all the settings in the Identity and Tenant Management service. The default admin@local user is the only application administrator who can modify the User Management service, which in turn handles the Directory Management and Identity Management services.

Note: With migration from earlier versions of VMware Aria Suite Lifecycle to the current VMware Aria Suite Lifecycle version, the VMware Workspace ONE Access Admin and VMware Workspace ONE Access Cloud Admin roles are converged into VMware Workspace ONE Access Cloud Admin. All users who were part of VMware Workspace ONE Access Admin in the previous versions of VMware Aria Suite Lifecycle would now become VMware Workspace ONE Access Cloud Admin in VMware Aria Suite Lifecycle.

Adding VMware Workspace ONE Access is an optional step and by configuring VMware Workspace ONE Access with single sign-on across VMware Aria Suite Lifecycle and products can be achieved.

Note: When VMware Workspace ONE Access is used with VMware Aria Suite Lifecycle, only Active Directory over LDAP and Active Directory with IWA are used to sync users and groups to the VMware Workspace ONE Access service. Active Directory over LDAP and Active Directory with IWA are the only supported directory integration.