vCenter Server 5.1 with vCenter Single Sign On adds support for several new types of user repository.

vCenter Server versions earlier than version 5.1 supported Active Directory and local operating system users as user repositories. vCenter Server 5.1 supports the following types of user repositories as identity sources.

Active Directory.


Local operating system.


vCenter Single Sign-On identity sources are managed by Single Sign-On administrator users. You can attach multiple identity sources from each type to a single Single Sign-On server.

Each identity source has a name that is unique within the scope of the corresponding Single Sign-On server instance. There is always exactly one System identity source, named System-Domain.

There can be at most one local operating system identity source. On Linux systems, the identity source label is localOS. On Windows systems, the identity source label is the system's host name. The local operating system identity source can exist only in non-clustered Single Sign-On server deployments.

You can attach remote identity sources to a Single Sign-On server instance. Remote identity sources are limited to any of Active Directory, and OpenLDAP server implementations.

During Single Sign On installation, the installer can automatically discover Active Directory identity sources, if your system meets the appropriate prerequisites. See the section "Network Prerequisites" in Prerequisites for Installing vCenter Single Sign-On, Inventory Service, and vCenter Server.

For more information about vCenter Single Sign On, see vSphere Security.