You can configure the default tenant identity store for Native Active Directory if you joined the Identity Appliance to your Active Directory domain.

About this task

You can configure an Active Directory in native mode for the default tenant only.

Migration Note:

For migration, you must configure your identity store to use Native Active Directory. Migration is supported only to the default tenant, vsphere.local, in the target system and only if the default tenant is configured for Native Active Directory.


Verify that your Identity Appliance is joined to your Native Active Directory domain. See Configure the Identity Appliance.


  1. Log in to the vRealize Automation console as the system administrator of the default tenant.
    1. Navigate to the vRealize Automation console.



      If you are using a load balancer

      With no load balancer

    2. Log in with the user name administrator@vsphere.local and the password you defined for this user when you configured SSO.
  2. Select Administration > Tenants.
  3. Click the name of the default tenant, vsphere.local.
  4. Click the Identity Stores tab.
  5. Click the Add icon (Add).
  6. Select Native Active Directory from the Type drop-down menu.
  7. Enter the domain for the identity store in the Domain text box.
  8. Click Add.
  9. Click Update.


Your new identity store is saved and associated with the tenant. You are directed to the Administrators tab for the next step in the process.

What to do next

Appoint Administrators.