You can allow active directory users (AD) to log in to vRealize Log Insight by using their domain credentials.
About this task
When you enable AD support in vRealize Log Insight, you configure a domain name and provide a binding user that belongs to the domain. vRealize Log Insight uses the binding user to verify the connection to the AD domain, and to verify the existence of AD users and groups.
The AD users that you add to vRealize Log Insight must either belong to the domain of the binding user, or to a domain that trusts the domain of the binding user.
Verify that you are logged in to the vRealize Log Insight web user interface as a user with the Edit Admin permission. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.
Verify that you configured AD support. See Enable User Authentication Through Active Directory
- Click the configuration drop-down menu icon and select Administration.
- Under Management, click Access Control.
- Click New User.
- From the Authentication Method drop-down menu, select Active Directory.
The default domain name that you specified when you configured AD support appears in the Domain text box. If you are adding users from the default domain, do not modify the domain name.
- (Optional) If you want to add a user from a domain that trusts the default domain, type the name of the trusting domain in the Domain text box.
- Type the name of a domain user.
- From the Roles list on the right, select one or more predefined or custom user roles.
Users can access the full functionality of vRealize Log Insight to view log events, run queries to search and filter logs, import content packs into their own user space, add alert queries, and manage their own user accounts to change their password or email address. Users do not have access to the administration options, cannot share content with other users, cannot modify the accounts of other users, and cannot install a content pack from the Marketplace. However, you can import a content pack into your own user space which is visible only to you.
Dashboard users can only use the Dashboards page of vRealize Log Insight.
View Only Admin
View Admin users can view Admin information, have full User access and can edit Shared content.
Super Admin users can access the full functionality of vRealize Log Insight, can administer vRealize Log Insight, and can manage the accounts of all other users.
- Click Save.
vRealize Log Insight verifies whether the user exists in the domain that you specified or in its trusted domains. If the user does not exist, a dialog box informs you that vRealize Log Insight cannot verify that user. You can save the user without verification or cancel and correct the user name.
AD users that you add can use their domain credentials to log in to vRealize Log Insight.