You must configure dual authentication in order to perform certain tasks, such as updating or rotating passwords and configuring NSX Manager backups.
You will use the vSphere Client to create a new SSO group (
Sddc_Secured_Access), add a user to the group, and assign a password to that user. The user is called the privileged user and will be required, along with its password, to perform certain tasks from the SDDC Manager UI or the VMware Cloud Foundation API.
To perform this operation, you need to log in to the management vCenter Server as the
firstname.lastname@example.org user or another user who has the administrator role.
- Log into management vCenter Server using the vSphere Client.
- Navigate to Administration > Single Sign On > Users and Groups.
- Click the Users tab and select the domain from the drop-down list.
- To create a new user in the selected domain, click Add User, enter the required information, and click Add.
- Click the Groups tab and click Add Group.
- Create a group named Sddc_Secured_Access, add the new or existing user to the group, and click Add.