You can assign permissions on user accounts to access objects so that you can control which objects the users can access in vRealize Operations Manager.

When a user has permission to take action on an object, such as to delete a virtual machine, that user has the permission to perform the same action on any virtual machine that the user can access. For example, a user cannot have read-only permission on one virtual machine, and have read and write permission on another virtual machine.

In this procedure, you set the permissions for the new user accounts, named Tom User and Sam User, to access specific objects in the environment. You test the user accounts to confirm that these users can only access the vRealize Operations Manager objects, named Cluster 1 and Cluster 2, that you associated with their accounts.

Assign permissions to the new role to view dashboards. See Provide access control by assigning permissions on views.

1

Log in to vRealize Operations Manager as a system administrator.

2

Click Administration and click Access Control.

The User Accounts tab displays the user account information.

3

Click the user account named Tom User.

To change the objects associated with the user account, you can either click the pencil icon on the User Accounts toolbar, or click the pencil icon in the Associated Objects details pane below.

4

Click the pencil icon in the Associated Objects details pane.

The Associated Objects dialog box appears.

5

In the Object View, click the drop-down arrow and select vRealize Operations Manager Clusters.

The list of available clusters appears. To view the objects in a cluster, you can expand the navigation tree, and view objects such as Analytics, Controller, Collector, and so on. This object view contains vRealize Operations Manager internal objects only.

6

Select the check box for Cluster 1 and click OK.

This action associates the user account named Tom User with Cluster1 and all of the objects in this cluster.

7

Repeat Step 3 through Step 6 to associate the user account named Sam User with Cluster 2 and all of the objects in that cluster.

8

Log out of vRealize Operations Manager.

9

Log in to vRealize Operations Manager as Tom User, and verify that this user account can only access Cluster 1 objects and dashboards.

10

Log out of vRealize Operations Manager.

11

Log in to vRealize Operations Manager again as Sam User, and verify that this user account can only access Cluster 2 objects and dashboards.

You associated specific objects to each of the user accounts and verified that these users can only access these objects in the environment, and the dashboards that you assigned to them earlier.

Import a user account from an external LDAP user database that resides on another machine, and assign permissions to the user account.