In the vCenter Single Sign-On, groups listed on the Groups tab are internal to vCenter Single Sign-On. A group lets you create a container for a collection of group members (principals).

When you add a vCenter Single Sign-On group from the vSphere Web Client administration interface, the group is added to the vsphere.local domain.


Log in to the vSphere Web Client as administrator@vsphere.local or as another user with vCenter Single Sign-On administrator privileges.

Users with vCenter Single Sign-On administrator privileges are in the Administrators group in the vsphere.local domain.


Click Home, and browse to Administration > Single Sign-On > Users and Groups.


Select the Groups tab and click the New Group icon.


Enter a name and description for the group.

You cannot change the group name after you create the group.


Click OK.

Add members to the group.