You can import user accounts so that users can access the features of vRealize Operations and the objects in the environment. After you import user accounts, you can add them to non-imported user groups, assign roles and scopes to them.
Where You Import User Accounts
- To import user accounts, from the left menu, click Administration, and then click the Access Control tile.
- Click the horizontal ellipsis next to Add and then, click Import from Source to import user from another source.
Table 1. Import Users from a LDAP Source User Details Options Description Import From
Select the authentication source from the drop-down menu, the options are LDAP host machine, VMware Identity Manager, Active Directory, or Other sources configured to import user accounts. To know more about authentication,see Authentication Sources.
User Name
Click Use alternate credentials to display the user name of the LDAP source credential used to import user accounts to the vRealize Operations instance. Password
Password for the LDAP source credential to import user accounts to the vRealize Operations instance.
Basic
Use the basic import setting with search option to look for user accounts.
Advanced
Displays the advanced import settings.
- Group Search Criteria. Search criteria to find LDAP groups. If not included, vRealize Operations uses the default search parameters:
(|(objectClass=group)(objectClass=groupOfNames))
- Member Attribute. Name of the attribute for a group object that contains the list of members. If not included, vRealize Operations uses member by default.
- User Search Criteria. Search criteria to use the member field to find and cache LDAP users. You enter sets of key=value pairs in the form
(|(key1=value1)(key2=value2))
. If not included, vRealize Operations searches for each user separately. This operation might take extra time. - Member Match Field. Name of the attribute for a user object to match with the member entry from a group object. If not included, vRealize Operations treats the member entry as a distinguished name.
- LDAP Context Attributes. Attributes that vRealize Operations applies to the LDAP context environment. You enter sets of key=value pairs separated by commas, such as
java.naming.referral=ignore,java.naming.ldap.deleteRDNfalse
.
Search String
Enter a search string, and click Search to start the search for user accounts.
User Name Summary grid
Lists the users available for import. Select the check box for each user to import, or select the User Name check box to import all users. User accounts that are already imported to vRealize Operations do not appear in the list.
Table 2. Import Users from a VMware Identity Manager Source User Details Options Description Import From
VMware Identity Manager configured as the source to import user accounts.
Search Option
Enter the search option, it can be a domain or search prefix.
Domain Name
Enter the domain name for import.
Search Prefix
Enter a search string, and click Search to start the search for user accounts.
User Name Summary grid
Lists the users available for import. Select the check box for each user to import, or select the User Name check box to import all users. To appear in the list, the user configuration must be set to primary group in the default domain user group. User accounts that are already imported to vRealize Operations do not appear in the list.
Table 3. Import Users from a Single Sign On Source User Details Options Description Import From
SSO source configured as the source to import user accounts.
Domain Name
Select the domain name for import from the drop-down menu.
Result Limit
Determines the number of users displayed.
Search Prefix
Enter a search prefix, and click Search to start the search for user accounts.
User Name Summary grid
Lists the users available for import. Select the check box for each user to import, or select the User Name check box to import all users. To appear in the list, the user configuration must be set to primary group in the default domain user group. User accounts that are already imported to vRealize Operations do not appear in the list.
- Group Search Criteria. Search criteria to find LDAP groups. If not included, vRealize Operations uses the default search parameters:
- After you enter the import users details, click Next
Table 4. Import Users Accounts- Assign Groups Page Assign Groups Description Assign Groups
Select or deselect the groups associated with the user account. To select or deselect all accounts, click the Group Name check box. You cannot add user accounts to groups imported from LDAP.
- Click Finish.