Access Control: User Accounts Tab

You can add, edit, or remove vRealize Operations user accounts, and import user accounts from an external LDAP database. With access control, you manage roles, the objects a user can access while assigned a specific role, and the membership in user groups.

Where You Manage User Accounts

From the left menu, click Administration, and then click the Access Control tile.

Table 1. Access Control User Accounts Summary Grid
Summary Grid Options	Description
User Accounts toolbar	To manage user accounts, use the toolbar icons. Click the Add icon to add a user account, and provide the details for the user account in the Add User Account dialog box. Click the Vertical Ellipses to perform any one of the following actions: Edit. Edit the selected user account, and modify the details for the user group in the Edit User Account dialog box. Delete. Delete a user account. Export. Click Export User Accounts to export a user account, and provide the details to export the user account in the Export Authentication Source dialog box. Click the Horizontal Ellipses and select Delete. Delete a user account. Export. Click export to export a user account, and provide the details to export the user account in the Export Authentication Source dialog box. Click Import to import a user account, and provide the details to import the user account in the Import User Accounts dialog box. Click Import from source to import a user account, and provide the details to import the user group in the Import User dialog box.
First Name	User's first name, created when you create the user account.
Last Name	User's last name, created when you create the user account.
User Name	User name, without spaces, that will log in to vRealize Operations
Email	User's email address, created when you create the user account.
Description	Description of the user account, defined when you create the user account. This information can identify the type of user and a summary of their access privileges.
Imported	Indicates whether the user account is imported or not.
Source Type	Indicates whether the user account is a local user, or an external user who is integrated through an external authentication source, such as from LDAP, SSO, AD, OpenLDAP, vCenter Server.
Enabled	Indicates whether the user account is enabled to use vRealize Operations features. An administrator can edit a user account to manually enable it, or disable it to prevent user access to vRealize Operations.
Locked	Indicates whether vRealize Operations has locked the user account. For example, a user account can get locked based on the password lockout policy, or if the user enters an incorrect password three times in the span of five minutes.
Access All Objects	Indicates whether the user account is allowed to access all the objects that are imported into the vRealize Operations instance.
Modified By	Indicates the last person to update the user account.
Last Modified	Indicates the last time the user account was updated.
Last Login Time	Indicates the last time the user logged in.

After you add a user account, use the Details grid to view and edit which user accounts are assigned to user groups, and view the permissions assigned to the user account.

Table 2. Access Control User Accounts Details Grid
Details Grid Options	Description
User Groups	Assigned user groups appear when you click a user in the summary grid. You can then view and modify which user groups the user is associated with. User Name: Identifies the user account. To change the user groups associated with the user account, click the Edit icon. The Choose Groups Membership dialog box opens. Click the All tab to view all the available groups. Click the Selected tab to view the groups that the user account is part of. Click the Unselected tab to view the groups that the user account is not a part of. Use the Search field to search for specific groups. Members: Displays the number of users that are assigned to the user group.
Permissions	Permissions appear when you click a user in the summary grid, and click the Permissions tab in the Details grid. You can then view the roles assigned to the user, and object hierarchy details. Role: Indicates the name of the role or roles assigned to the user. Role Description: Displays the description entered for the role. Object Hierarchy: Displays the name of the object hierarchy assigned to the user while holding this role. Objects: Displays the number of objects included in the hierarchy that the user can access. Association: Indicates if the role and objects are assigned to the selected user, or assigned to a user group to which the user belongs.