You create one user at a time. When you add the user, you select the local directory that is configured with the local user attributes to use and the domain that the user signs in to.

In addition to adding user information, you select the user role, either as user or admin. The admin role allows the user to access the administration console to manage the VMware Identity Manager services.


  • Local directory created
  • Domain identified for local users
  • User attributes that are required selected in the local directory User Attributes page
  • Password policies configured
  • SMTP server configured in the Appliance Settings tab to send an email notification to newly created local users


  1. In the VMware Identity Manager console Users & Groups tab, click Add User.
  2. In the Add a user page, select the local directory for this user.
    The page expands to display the user attributes to configure.
  3. Select the domain that this user is assigned to and complete the required user information.
  4. If this user role is as an admin, in the User text box, select Admin.
  5. Click Add.


The local user is created. An email is sent to the user asking them to sign in to enable their account and create a password. The link in the email expires according to the value set in the Password Policy page. The default is seven days. If the link expires, you can click Rest Password to resend the email notification.

A user is added to existing groups based on the group attribute rules that are configured.

What to do next

Go the local user account to review the profile, add the user to groups, and entitle the user to the resources to use.

If you created an admin user in the system directory who is entitled to resources that are managed by a specific access policy, make sure that the application policy rules include Password (Local Directory) as a fallback authentication method. If Password (Local Directory) is not configured, the admin cannot sign in to the app.