Users listed on the Users tab in the vSphere Client are internal to vCenter Single Sign-On and belong to the vsphere.local domain. You add users to that domain from one of the vCenter Single Sign-On management interfaces.
You can select other domains and view information about the users in those domains, but you cannot add users to other domains from a vCenter Single Sign-On management interface.
Procedure
- Log in with the vSphere Client to the vCenter Server.
- Specify the user name and password for administrator@vsphere.local or another member of the vCenter Single Sign-On Administrators group.
If you specified a different domain during installation, log in as administrator@
mydomain.
- Navigate to the vCenter Single Sign-On user configuration UI.
- From the Home menu, select Administration.
- Under Single Sign On, click Users and Groups.
- If vsphere.local is not the currently selected domain, select it from the drop-down menu.
You cannot add users to other domains.
- On the Users tab, click Add.
- Enter a user name and password for the new user.
The maximum number of characters allowed for the user name is 300.
You cannot change the user name after you create a user. The password must meet the password policy requirements for the system.
- (Optional) Enter the first name and the last name of the new user.
- (Optional) Enter an email address and description for the user.
- Click Add.
Results
When you add a user, that user initially has no privileges to perform management operations.
What to do next
Add the user to a group in the vsphere.local domain, for example, to the group of users who can administer VMCA (CAAdmins) or to the group of users who can administer vCenter Single Sign-On (Administrators). See Add Members to a vCenter Single Sign-On Group.