vRealize Automation uses identity stores to authenticate users. Each tenant is associated with at least one identity store when it is created, but you can add new ones if necessary.

About this task

When you delete an identity store, this removes the roles assigned to users from this store, the roles assigned to users from custom groups, and the information about which services are available to this user. Entries for entitlements and business groups are not affected.


Log in to the vRealize Automation console as a tenant administrator.


  1. Select Administration > Directories Management > Directories.
  2. Click the Add icon (Add).
  3. Enter a name in the Name text box.
  4. Select the type of the identity store from the Type drop-down menu.
  5. Enter the following Identify Store configuration options.




    Enter the URL for the identity store. For example, ldap://


    Enter the domain for the identity store.

    (Optional) Domain Alias

    Enter the domain alias.

    Login User DN

    Enter the login user Distinguished Name. For example, cn=demoadmin,ou=demo,dc=dev,dc=mycompany,dc=com.


    Enter the password for the identity store login user.

    Group Search Base DN

    Enter the group search base Distinguished Name. For example, ou=demo,dc=dev,dc=mycompany,dc=com.

    User Search Base DN

    Enter the user search base Distinguished Name.

  6. Click Test Connection.
  7. Click Add.

What to do next

Assign Roles to Directory Users or Groups.