You can add an existing VMware Identity Manager or deploy a new VMware Identity Manager through vRealize Suite Lifecycle Manager.

Adding VMware Identity Manager (vIDM) is optional. Configuring vIDM provides a single sign-on experience across vRealize Suite Lifecycle Manager and the products.

Prerequisites

Verify that your existing VMware Identity Manager is version 2.9.2, 3.2.0, 3.2.0.1, or 3.3.0. vRealize Suite Lifecycle Manager supports only these versions.

Procedure

  1. Click Settings and click the User Management tab.
  2. Under Authentication Source, select whether to add an existing identity manager or install a new identity manager.

    Add Existing Identity Manager

    1. Click the vIDM Host name, username and password.

    2. Click ADD ACTIVE DIRECTORY at the bottom of the page and provide active directory details.

    3. Enter the Active Directory Domain Name, Base DN, Bind DN user name, and password as provided in the Identity Manager directory.

    4. Enter the User DN and Group DN, which are appended to the existing User and Group DNs.

    5. Enter the host name for the identity manager in the form of a fully qualified domain name.

    6. Enter the admin user name, Admin Group name, and password for the identity manager, and click Update.

    7. Select the Sync Nested Group Members option and enter the Suite Administrator.

    8. Click Submit.

    Install New Identity Manager

    1. Click ADD ACTIVE DIRECTORY at the bottom of the page and provide active directory details.

    2. Select an existing data center or click + to add a new data center.

      For information on adding a new data center, see Add a Data Center to vRealize Suite Lifecycle Manager.

    3. Click Install.

    4. Accept the EULA and provide the Infra and network details.

    5. Enter host and IP details, and passwords for root and SSH user.

    6. Click Submit and click SAVE to close the wizard.

    When you register an existing identity manager to update, a duplicate catalog entry is created.

    Note:

    After vIDM is configured in vRealize Suite Lifecycle Manager, the vIDM server does not sync with users who do not have an email address in the user account.

    Note:

    vRealize Identity Manager 3.2 or later does not automatically sync users under the corresponding groups that are synced through the group DN unless the users are manually synced or entitled to an application. For more information, see KB article 55737 and KB article 55727.

  3. Under Access Control, after configuring VMware Identity Manager, click Add User/Group to add existing Active Directory users and assign roles to manage vRealize Suite Lifecycle Manager.
  4. To remove an existing user from the list of users, click Remove.

    From 1.3 onwards, removing a user removes the role mapping for the selected user, so the user is no longer available from vRealize Suite Lifecycle Manager access control.

Results

After vRealize Suite Lifecycle Manager is registered to the identity manager, vRealize Suite Lifecycle Manager is visible in the VMware Identity Manager app catalog. You should have at least one role attached to that user.

What to do next

You can view install progress for a new VMware Identity Manager on the Requests tab. When the request shows a status of COMPLETED, vRealize Suite Lifecycle Manager is registered to VMware Identity Manager.
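
The note under step 2 states that users without an email address are not synced, which can leave accounts silently missing from single sign-on and access control. The Python below is an added example, not VMware code or part of the product: it reads an LDIF export of the directory and lists user entries under a given User DN that have no mail value. It assumes users carry objectClass user and the standard mail attribute; the sample entries and the example.test domain are constructed.

```python
import base64

def parse_ldif(text):
    """Yield each LDIF entry as {lower-cased attribute: [values]}."""
    # RFC 2849: a newline followed by one space folds a long line; undo that.
    lines = text.replace("\r\n", "\n").replace("\n ", "").splitlines()
    entry = {}
    for line in lines + [""]:               # trailing "" flushes the last entry
        if not line.strip():
            if entry:
                yield entry
            entry = {}
        elif not line.startswith("#") and ":" in line:
            name, _, rest = line.partition(":")
            if rest.startswith(":"):        # "attr:: value" is base64-encoded
                value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            else:
                value = rest.strip()
            entry.setdefault(name.lower(), []).append(value)

def users_without_email(ldif_text, user_dn):
    """Return DNs at or under user_dn that are user objects with no mail value."""
    norm = lambda dn: dn.lower().replace(" ", "")   # crude DN normalisation
    base, missing = norm(user_dn), []
    for entry in parse_ldif(ldif_text):
        dn = entry.get("dn", [""])[0]
        classes = {c.lower() for c in entry.get("objectclass", [])}
        # AD computer accounts also carry objectClass "user"; skip them.
        is_user = "user" in classes and "computer" not in classes
        in_scope = norm(dn) == base or norm(dn).endswith("," + base)
        has_mail = any(v.strip() for v in entry.get("mail", []))
        if is_user and in_scope and not has_mail:
            missing.append(dn)
    return missing

# Constructed sample export (names and domain are made up for illustration).
_B64_DN = base64.b64encode("CN=José Díaz,OU=Contractors,DC=example,DC=test".encode()).decode()
SAMPLE_LDIF = f"""\
dn: CN=Ana Ruiz,OU=Users,DC=example,DC=test
objectClass: user
mail: ana.ruiz@example.test

dn: CN=Dana Poe,OU=Users,DC=example,
 DC=test
objectClass: user
mail:

dn:: {_B64_DN}
objectClass: user
"""
```

Calling users_without_email(SAMPLE_LDIF, "OU=Users,DC=example,DC=test") returns the accounts to fix or exclude before configuring the directory in step 2.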