Starting with version 1.6, you can add users from an existing LDAP or Active Directory group to VMware Cloud Provider Lifecycle Manager. You can grant these users appropriate permissions to determine what rights a user has within VMware Cloud Provider Lifecycle Manager.
You can also assign roles to imported LDAP and Active Directory groups that a user is a member of.
VMware Cloud Provider Lifecycle Manager uses roles to determine what actions a user can perform in the appliance. VMware Cloud Provider Lifecycle Manager includes a number of predefined roles with specific rights.
Managing Users and Groups in VMware Cloud Provider Lifecycle Manager
If you assign a specific role to an imported user, and the same user is a member of an imported LDAP or Active Directory group that is assigned with a different set of roles, VMware Cloud Provider Lifecycle Manager merges the group and user-specific roles for this user.