You can add an existing VMware Identity Manager or deploy a new one through vRealize Suite Lifecycle Manager.

Adding VMware Identity Manager is optional. Configuring VMware Identity Manager enables single sign-on (SSO) across vRealize Suite Lifecycle Manager and the vRealize Suite products.
Note: VMware Identity Manager acts as an identity provider and manages SSO for the vRealize Suite products and vRealize Suite Lifecycle Manager when integrated with vRealize Suite Lifecycle Manager. SSO provides a single set of credentials to access all vRealize Suite applications and vRealize Suite Lifecycle Manager. With SSO, you are only required to log in once, and then you can seamlessly access all vRealize Suite applications.

In vRealize Suite Lifecycle Manager, you can provide a suite administrator (in AD Settings) when you configure VMware Identity Manager with vRealize Suite Lifecycle Manager. vRealize Suite products deployed after this configuration can be accessed with the suite administrator credentials with one-time authentication.

Note: When VMware Identity Manager is used with vRealize Suite Lifecycle Manager, only Active Directory over LDAP and Active Directory with IWA are used to sync users and groups to the VMware Identity Manager service. These are the only supported directory integrations.

vRealize Suite Lifecycle Manager deploys VMware Identity Manager as a single node with an internal PostgreSQL database embedded in the appliance. An external database such as Microsoft SQL is not supported. vRealize Suite Lifecycle Manager does not perform cluster-based installations of VMware Identity Manager.

Prerequisites

Verify that your existing VMware Identity Manager is version 2.9.2, 3.2.0, 3.2.0.1, or 3.3.0. vRealize Suite Lifecycle Manager supports only these versions.

Procedure

  1. Click Settings and navigate to User Management > Authentication Source.
  2. Select either Add an Existing Identity Manager or Install a New Identity Manager.
    1. To add an existing identity manager, enter the Host Name, User Name, and Password, and click Add.
    2. To replace the certificate, click Replace Certificate.
    3. If you do not want to use the identity manager, then click Unregister. If you unregister, the associated roles and active directories from vRealize Suite Lifecycle Manager are also deleted. Therefore, read the warning message and then click Delete.
    When you register an existing identity manager to update, a duplicate catalog entry is created.
    Note: VMware Identity Manager 3.2 or later does not automatically sync users under a corresponding group that are synced through group DN unless they are manually synced or entitled to an application. For more information, see KB article 55737 and KB article 55727.
  3. Click Upgrade and select the required Repository Type.
    Option              Description
    VMware Repository   You can provide an online source.
    Repository URL      You can provide an upgrade link.
    vRSLCM Repository   You can upload an upgrade file and map it locally in vRealize Suite Lifecycle Manager.
  4. Select the version to which you want to upgrade the identity manager.
  5. Enter the SSH Password and vIDM Root Password, and click Next.
  6. Click Run Precheck and click Upgrade.
  7. If you selected Install a New Identity Manager:
    1. Select an existing data center or click + to add a data center.
    2. Select Identity Manager version from the drop-down menu.
    3. Click Install.
  8. Under Access Control, after configuring VMware Identity Manager, click Add User/Group to add existing Active Directory users and assign roles to manage vRealize Suite Lifecycle Manager.
    User Roles                                                      Permissions
    LCM Admin: vRealize Suite Lifecycle Manager administrator       The user has full admin rights.
    LCM Cloud Admin: Cloud administrator for vRealize Suite         The user has admin rights without Settings page.
      Lifecycle Manager
    Release Manager                                                 The user can review and approve the request related to Content Management. The user can release the content to Production.
    Content Developer                                               A Content developer has the permission to create all the content in the product.
  9. To remove an existing user from the list of users, click Remove User.
    From 1.3 onwards, removing a user removes the role mapping for the selected user. The user is therefore no longer available in the vRealize Suite Lifecycle Manager access control.

Results

After vRealize Suite Lifecycle Manager is registered to the identity manager, vRealize Suite Lifecycle Manager is visible in the VMware Identity Manager app catalog. You should have at least one role attached to that user.

What to do next

You can view the installation progress for a new VMware Identity Manager on the Requests tab. When the request shows a status of COMPLETED, vRealize Suite Lifecycle Manager is registered to VMware Identity Manager.