In User or Identity Management, you can map users present in VMware Identity Manager to roles available in vRealize Suite Lifecycle Manager. Configuring VMware Identity Manager is a mandatory process before you install any suite products. If you have not installed when installing vRealize Suite Lifecycle Manager, you will still be prompted to configure and then proceed.

Deployment of an identity manager through vRealize Suite Lifecycle Manager is either through a single node or a cluster with an Internal PostgreSQL database embedded in the appliance and does not support an external database like Microsoft SQL. vRealize Suite Lifecycle Manager supports scale-out of the VMware Identity Manager. For more information, see Scale-Out VMware Identity Manager.

After you deploy a global environment successfully, under Identity and Tenant Management Service you can view.
  • Directory Management
  • User Management
  • Tenant Management
Following are the available roles.
  • LCM Cloud Admin
  • Content Developer
  • Content Release Manager
  • Certificate Administrator

Even though the vRealize Suite Lifecycle Manager Cloud Admin has access to the Lifecycle Operations service, only a few services in Settings tab like NTP Server Setting, SNMP, DNS, My VMware, and Binary Mapping are accessed. Only LCM Admin, the admin@local has the privilege to access all the settings in the Lifecycle Operations service. The default admin@local user is the only application admin who can access the User Management service, where Directory Management and Identity Management are handled.

Note: With migration from earlier versions of vRealize Suite Lifecycle Manager to the current vRealize Suite Lifecycle Manager version, the LCM Admin and LCM Cloud Admin roles are converged into LCM Cloud Admin. All users who were part of LCM Admin in the previous versions of vRealize Suite Lifecycle Manager would now become LCM Cloud Admin in vRealize Suite Lifecycle Manager.
Adding VMware Identity Manager is an optional step and by configuring VMware Identity Manager with single sign-on across vRealize Suite Lifecycle Manager and products can be achieved.
Note: When VMware Identity Manager is used with vRealize Suite Lifecycle Manager, only Active Directory over LDAP and Active Directory with IWA are used to sync users and groups to the VMware Identity Manager service. Active Directory over LDAP and Active Directory with IWA are the only supported directory integration.