You can integrate your enterprise directory with VMware Workspace ONE Access to sync users and groups to the VMware Workspace ONE Access service. Updates made in the directory configuration from vRealize Suite Lifecycle Manager are reflected in VMware Workspace ONE Access.

You can create, read, update, and delete directories in VMware Workspace ONE Access.

Options available under the directory management.
  • Directories - You can create and manage Active Directories on vRealize Suite Lifecycle Manager. You can create one or more directories and sync them with their enterprise directories. With view directory, you can check sync logs and sync alerts apart from showing basic directory metadata. The directory edit allows an update for the mapped attributes, user, and group DNs. You can delete a directory configuration from vRealize Suite Lifecycle Manager.
  • User Attribute Definitions - The user attributes lists the default user attributes that sync in the directory and you can add other attributes that you can map to Active Directory attributes.
Note: Directory Management is managed by the default vRealize Suite Lifecycle Manager admin user - admin@local.

Supported directories

  • Active Directory over LDAP - If you plan to connect to a single Active Directory domain environment, create this directory type
  • Active Directory, Integrated Windows Authentication - Create this directory type if you plan to connect to a multi-domain or multi-forest Active Directory environment.
  • Secure LDAP
    Note: For a FIPS-enabled VMware Workspace ONE Access, the bind password must be of fourteen characters.
To configure your enterprise directory, you perform the following tasks.
  • Create a directory of the same type as your enterprise directory and specify the connection details.
  • Map the VMware Workspace ONE Access attributes to attributes used in your Active Directory or LDAP directory.
  • Specify the users and groups to sync.
  • Sync users and groups.

After you integrate your enterprise directory and perform the initial sync, you can update the configuration and resync at any time.