vSphere users are defined in an identity source. You can edit the details of an identity source that is associated with vCenter Single Sign-On.
- From a Web browser, connect to the vSphere Web Client or the Platform Services Controller.
Option Description vSphere Web Client https://vc_hostname_or_IP/vsphere-client Platform Services Controller https://psc_hostname_or_IP/psc
In an embedded deployment, the Platform Services Controller host name or IP address is the same as the vCenter Server host name or IP address.
- Specify the user name and password for email@example.com or another member of the vCenter Single Sign-On Administrators group.
If you specified a different domain during installation, log in as administrator@ mydomain.
- Navigate to the vCenter Single Sign-On configuration UI.
Option Description vSphere Web Client
- From the Home menu, select Administration.
- Under Single Sign-On, click Configuration.
Platform Services Controller Click Single Sign-On and click Configuration.
- Click the Identity Sources tab.
- Right-click the identity source in the table and select Edit Identity Source.
- Edit the identity source settings. The available options depend on the type of identity source you selected.
Option Description Active Directory (Integrated Windows Authentication) Use this option for native Active Directory implementations. The machine on which the vCenter Single Sign-On service is running must be in an Active Directory domain if you want to use this option. Active Directory as an LDAP Server This option is available for backward compatibility. It requires that you specify the domain controller and other information. See Active Directory LDAP Server and OpenLDAP Server Identity Source Settings. OpenLDAP Use this option for an OpenLDAP identity source. See Active Directory LDAP Server and OpenLDAP Server Identity Source Settings. LocalOS Use this option to add the local operating system as an identity source. You are prompted only for the name of the local operating system. If you select this option, all users on the specified machine are visible to vCenter Single Sign-On, even if those users are not part of another domain.
- Click Test Connection to ensure that you can connect to the identity source.
- Click OK.