An identity source is a collection of user and group data. The user and group data is stored in a repository, such as Active Directory, LDAP, or a database that is internal to vCenter Single Sign On or local to an operating system.

vCenter Server versions earlier than version 5.1 supported Active Directory and local operating system users as user repositories. vCenter Server 5.1 supports the following types of user repositories as identity sources.

OpenLDAP versions 2.4 and later.

Active Directory versions 2003 and later.

Local operating system users.

Local operating system users are local to the operating system where the Single Sign On server is running (for example, Windows). Only one local operating system identity source is allowed. The local operating system identity source exists only in basic Single Sign On server deployments.

A fourth type of user repository is Single Sign On system users (System-Domain). Exactly one system identity source is always associated with an installation of Single Sign On. These users are contained in a database that is internal to the Single Sign On server. System users are not the same as local operating system users.

You can attach multiple identity sources from each type to a Single Sign On server.