As a system administrator or virtual infrastructure administrator, you use vRealize Operations Manager to manage user access control in your environment so that you can ensure the security of your objects. Your company just hired two new people, and you must create user accounts for them and assign roles to the accounts so that the new users have permission to access specific content and objects in vRealize Operations Manager.

As a system administrator who is responsible to monitor and maintain your environment, in this scenario you will learn how to create user accounts and roles, and set permissions for users to access views and objects. You will assign permissions to the new user accounts to limit access to certain features and objects, associate objects with the accounts, and demonstrate the intended behavior of the permissions on these accounts.

You will create two new user accounts, and a new role that can only access dashboards. You will apply the new role to a user account named Tom User, and change this account's permissions from having administrative ability to access all features, to be able to view only dashboards. You will then associate Tom's account with certain objects in the environment.

You will apply the new role to another user account named Sam User. You will then associate Sam's account with a different set of objects in the environment.

Finally, you will import a user account from an external LDAP user database that resides on another machine to vRealize Operations Manager, and assign a role to the imported user account to configure the user's privileges.

Verify that the following conditions are met:

vRealize Operations Manager is installed and operating properly, and contains objects such as clusters, hosts, and virtual machines.

One or more user groups are defined.

One or more roles are defined.


You can use roles to manage access control for user accounts in vRealize Operations Manager.


You use roles to assign specific privileges to user accounts so that you can limit the vRealize Operations Manager features that users can access.


You can assign permissions on user accounts to access objects so that you can control which objects the users can access in vRealize Operations Manager.


You can import user accounts from external sources, such as an LDAP database on another machine, so that you can give permission to those users to access certain features and objects in vRealize Operations Manager.

Create a new role and user accounts.