To allow the LDAP users to log into vRealize Network Insight, you must configure the LDAP service in the vRealize Network Insight platform.


You must have the Administrator privilege.


  1. Log in to vRealize Network Insight and click Settings.
  2. Under Identity & Access Management, select LDAP.
  3. Click Configure.
  4. Provide the following information.
    Field Description
    Domain Enter the domain name. This is typically the last part of the user email address after the '@' sign. Example: For a user logging in as, this field is
    LDAP Host URLs Enter the host name. You can specify multiple LDAP Host URLs separated by commas.
    Group based access control Select this option to configure a group and provide a role to the members of that group.
    1. UnderBase DN, type the Base DN, the point from which the server starts searching for users.
    2. Provide the search attribute.
    3. Under Group DN, select the role of the user for each group.

      If you select the administrator role for a particular group, then all the members of that group have the administrator privilege. Similarly, if you select the member role for a particular group, then all the members of that group have the member privilege. If this option is not selected, then the group setting is used to assign the privileges. But other valid LDAP users who do not belong to the groups that you have added can log in to the product.

    4. Click Add more to add groups in the inclusion list.
    5. Select the Restrict access to members of the above groups only option to allow access to the users only from the LDAP groups (direct or inherited membership) that you have added.
    Username User with the necessary rights to log in using the settings provided.
    Password Password of the user.

  5. Click SUBMIT.
    After configuration, you see the LDAP details you have configured.