You can add, edit, or remove vRealize Operations Manager user accounts, and import user accounts from an external LDAP database. With access control, you manage user roles, the membership in user groups, and the objects associated with the user accounts.

To manage user accounts, select Administration and click Access Control. The User Accounts tab displays the user account information.

To view and edit details for the user roles, user groups, and objects associated with the user account, select a user in the summary grid and click the pencil icons in the panes of the Details grid.

Access Control User Accounts Summary Grid

Summary Grid Options

Description

User Accounts toolbar

To manage user accounts, use the toolbar icons.

Plus sign. Add a user account, and provide the details for the user account in the Add User Account workspace.

Pencil. Edit the selected user account, and modify the details for the user group in the Edit User Account workspace.

Red X. Delete a user account.

Gear. Import a user account from an LDAP import source that was configured in the LDAP Import Sources Add Source for User and Group Import dialog box, and provide the details to import the user account in the Import User Accounts workspace.

First Name

User's first name, created when you create the user account.

Last Name

User's last name, created when you create the user account.

User Name

User name, without spaces, that will log in to vRealize Operations Manager.

Email

User's email address, created when you create the user account.

Description

Description of the user account, defined when you create the user account. This information can identify the type of user and a summary of their access privileges.

Source Type

Indicates whether the user account is a local user, or an external user who is integrated through an external source, such as from LDAP, AD, OpenLDAP, or vCenter Server.

User accounts that exist in two user sources, such as vCenter and AD are distinguished as two separate users.

Enabled

Indicates whether the user account is enabled to use vRealize Operations Manager features. An administrator can edit a user account to manually enable it, or disable it to prevent user access to vRealize Operations Manager.

Locked

Indicates whether vRealize Operations Manager has locked the user account. For example, a user account could become locked based on the password lockout policy, or if the user enters an incorrect password three times in the span of five minutes.

Access All Objects

Indicates whether the user account is allowed to access all of the objects that are imported into the vRealize Operations Manager instance. This setting appears on the Objects tab of the Assign Groups, Role, and Objects workspace when you add or edit a user account.

When you view and edit details for the user roles, user groups, and objects associated with the user account, after you select a user in the summary grid, click the pencil icons in the panes of the Details grid.

Access Control User Accounts Details Grid

Details Grid Options

Description

Roles

Assigned roles appear when you click a user in the summary grid. You can then view and edit the roles associated with the user account.

Role Name. Identifies the user account. To change the roles applied to the user account, click the Edit icon and select the roles.

Description. Description of the user account, such as a summary of the type of access.

User Groups

Assigned user groups appear when you click a user in the summary grid. You can then view and edit the user groups and members associated with the user account.

User Group Name. Identifies the user group. To change the user groups associated with the user account, click the Edit icon and select the groups.

Description. Description of the user group, such as a summary of the type of user group.

Associated Objects

Associated objects appear when you click a user in the summary grid. You can then view and edit the objects associated with the user account.

In this view, you can allow the user to access all objects imported to the vRealize Operations Manager instance.

Object Path. Indicates the traversal tree of objects that is assigned to the user account, such as vSphere Hosts and Clusters.

# of Objects. Indicates the number of objects that the user can access.