You can add, edit, or remove vRealize Operations Manager user accounts, and import user accounts from an external LDAP database. With access control, you manage roles, the objects a user can access while assigned a specific role, and the membership in user groups.

Where You Manage User Accounts

You can manage user accounts by selecting Administration, and clicking Access Control.

Table 1. Access Control User Accounts Summary Grid

Summary Grid Options

Description

User Accounts toolbar

To manage user accounts, use the toolbar icons.

  • Add icon. Add a user account, and provide the details for the user account in the Add User Account workspace.

  • Edit icon. Edit the selected user account, and modify the details for the user group in the Edit User Account workspace.

  • Delete icon. Delete a user account.

  • Import Users icon. Import a user account from an authentication source.

First Name

User's first name, created when you create the user account.

Last Name

User's last name, created when you create the user account.

User Name

User name, without spaces, that will log in to vRealize Operations Manager.

Email

User's email address, created when you create the user account.

Description

Description of the user account, defined when you create the user account. This information can identify the type of user and a summary of their access privileges.

Source Type

Indicates whether the user account is a local user, or an external user who is integrated through an external authentication source, such as from LDAP, SSO, AD, OpenLDAP, vCenter Server.

Enabled

Indicates whether the user account is enabled to use vRealize Operations Manager features. An administrator can edit a user account to manually enable it, or disable it to prevent user access to vRealize Operations Manager.

Locked

Indicates whether vRealize Operations Manager has locked the user account. For example, a user account could become locked based on the password lockout policy, or if the user enters an incorrect password three times in the span of five minutes.

Access All Objects

Indicates whether the user account is allowed to access all of the objects that are imported into the vRealize Operations Manager instance.

After you add a user account, use the Details grid to view and edit which user accounts are assigned to user groups, and view the permissions assigned to the user account.

Table 2. Access Control User Accounts Details Grid

Details Grid Options

Description

User Groups

Assigned user groups appear when you click a user in the summary grid. You can then view and modify which user groups the user is associated with.

  • Group Name: Identifies the user group. To change the user groups associated with the user account, click the Edit icon.

  • Members: Displays the number of users that are assigned to the user group.

Permissions

Permissions appear when you click a user in the summary grid, and click the Permissions tab in the Details grid. You can then view the roles assigned to the user, and object hierarchy details.

  • Role: Indicates the name of the role or roles assigned to the user.

  • Role Description: Displays the description entered for the role.

  • Object Hierarchy: Displays the name of the object hierarchy assigned to the user while holding this role.

  • Objects: Displays the number of objects included in the hierarchy that the user can access.

  • Association: Indicates if the role and objects are assigned to the selected user, or assigned to a user group to which the user belongs.