As you create user accounts and roles, you must understand users, user groups, and privileges so that you can effectively manage the users in your vRealize Operations Manager environment and their privileges to access objects.

Each user has an account to authenticate them when they log in to vRealize Operations Manager. Each user is assigned one or more roles, and is an authenticated member of one or more user groups. An individual user or a group of users is called a principal.

You assign privileges to users to give them individual rights to perform operations in vRealize Operations Manager. For example, privileges allow users to create a dashboard or add a host machine. Each privilege includes a set of access privileges. A collection of privileges that you can assign to a principal is called a role.

You give users privileges to view objects. The object view is a specification for a navigation tree template, which vRealize Operations Manager uses to search the object inventory and construct a navigation tree that contains the objects that match the corresponding properties of the individual tree nodes such as object type, adapter type, and so on. You can assign an object view instance to a user or a user group.