You can allow the users and groups in your Microsoft Active Directory (AD) domain to use their credentials to log in to the SDDC Manager Dashboard as well as the vCenter Server instances that are deployed in your Cloud Foundation system.

You provided a password for the superuser account (user name vcf) in the deployment parameter workbook before bring-up. After Cloud Foundation is deployed, you can log in with the superuser credentials and then add vCenter Server or AD users or groups to Cloud Foundation. Authentication to the SDDC Manager Dashboard uses the VMware vCenter® Single Sign-On authentication service that is installed during the bring-up process for your Cloud Foundation system.

Users and groups can be assigned roles to determine what tasks they can perform from the UI and API.