You import user groups from a single sign-on server, VMware Identity Manager, Active Directory, or an LDAP database on another machine so that you can use those groups in vRealize Operations.

Where You Import User Groups

  1. To import a user group, from the left menu, click Administration, and then click the Access Control tile.
  2. Select User Groups tab, click the horizontal ellipsis next to ADD button and select Import
    Note: You can edit the imported group to assign Roles and Scopes.

    The options displayed in the Import User Groups page depend upon the authentication source you select.

    Table 1. Import User Groups Page - LDAP, Active Directory, and Others Sources
    Option Description

    Import From

    Host machine configured as the source to import the user groups. These options are displayed when the host machine of an LDAP, Active Directory, or Other source is selected.

    User Name

    User name of the source credential to import user groups to the vRealize Operations instance.

    Password

    Password for the source credential to import user groups to the vRealize Operations instance.

    Search String

    Invoke the search for user groups.

    Basic

    Use the basic import setting with search option to look for user groups.

    Advanced

    Displays the advanced import settings.

    • Group Search Criteria. Search criteria to find LDAP groups. If not included, vRealize Operations uses the default search parameters: (|(objectClass=group)(objectClass=groupOfNames))
    • Member Attribute. Name of the attribute for a group object that contains the list of members. If not included, vRealize Operations uses member by default.
    • User Search Criteria. Search criteria to use the member field to find and cache LDAP users. You enter sets of key=value pairs in the form (|(key1=value1)(key2=value2)). If not included, vRealize Operations searches for each user separately. This operation might take extra time.
    • Member Match Field. Name of the attribute for a user object to match with the member entry from a group object. If not included, vRealize Operations treats the member entry as a distinguished name.
    • LDAP Context Attributes. Attributes that vRealize Operations applies to the LDAP context environment. You enter sets of key=value pairs separated by commas, such as java.naming.referral=ignore,java.naming.ldap.deleteRDNfalse.

    Group Name

    Displays a list of user groups. Select the Group Name check box to import all the displayed user groups, or select the check box next to each user group that you want to import.

    Table 2. Import User Groups Page - Single Sign On Source
    Option Description

    Import From

    Host machine configured as the source to import the user groups.

    Domain Name

    User name of the source credential to import user groups to the vRealize Operations instance.

    Result Limit

    Determines the number of groups displayed.

    Search Prefix

    Enter a search prefix to narrow your search.

    Group Name

    Displays a list of user groups. Select the Group Name check box to import all the displayed user groups, or select the check box next to each user group that you want to import.

    Table 3. Import User Groups from a VMware Identity Manager Source
    User Details Options Description

    Import From

    VMware Identity Manager configured as the source to import user groups.

    Domain Name

    Enter the domain name for import.

    Search Prefix

    Enter a search string, and click Search to start the search for user groups.

    Group Name Summary grid

    Lists the users available for import. Select the check box for each user group to import, or select the Group Name check box to import all groups. User groups that are already imported to vRealize Operations do not appear in the list.

  3. After you enter the import user group details, click Next.
  4. Click Finish.