If you have federated with VMware Cloud services, you can select groups from your corporate source domain and assign them roles in your organization. These groups are called enterprise groups.

Note: See: Setting Up Enterprise Federation with VMware Cloud Services
Enterprise groups are groups synced from your corporate domain. You can assign roles to more than one enterprise group at a time, and view the members in a selected group. For more information, see: Learn more about how to sync groups and set up federation for your domain.
The members of the group you assign can hold several roles:
  • Organization role: A role within the organization - organization owner or organization member. To see the privileges assigned to each of these roles, see Organizational Roles and VMware Cloud Services.
  • Service role: A role within one or more VMware Cloud services. For more information, see Predefined User Roles.
  • A custom role configured by the organization owner to have specific permissions for the VMware Carbon Black Cloud or other services. For more information, see How do I work with custom roles.

Procedure

  1. From the Carbon Black Cloud console, click the VMware Cloud Services Application Menu in the top-right corner and select Identity & Access Management.
  2. From the left menu, select Groups.
  3. Click Select groups from your source domain and click Continue.
  4. Search for the enterprise groups to which you want to assign roles.
  5. Assign the group an organization role.
    Refer to the link above to see the permissions of each role.
  6. Assign the group access to the VMware Carbon Black Cloud service by clicking Add service access and selecting VMware Carbon Black Cloud along with the Predefined User Roles you want to assign to the group.
  7. To give the group access to another service, click Add Service Access, and assign a role.
  8. Optionally, assign a Custom Role to the group by clicking Add Custom Role Access.
  9. Click Add.
    To send an email to users with the organization member role, select the check box. Users with the organization owner role are automatically sent an email.

What to do next

To return to the Carbon Black Cloud console, click Services and then launch the Carbon Black Cloud service.