Users listed on the Users tab in the vSphere Client are internal to vCenter Single Sign-On and belong to the vsphere.local domain. You add users to that domain from one of the vCenter Single Sign-On management interfaces.

You can select other domains and view information about the users in those domains, but you cannot add users to other domains from a vCenter Single Sign-On management interface.

Procedure

  1. Log in with the vSphere Client to the vCenter Server.
  2. Specify the user name and password for administrator@vsphere.local or another member of the vCenter Single Sign-On Administrators group.
    If you specified a different domain during installation, log in as administrator@ mydomain.
  3. Navigate to the vCenter Single Sign-On user configuration UI.
    1. From the Home menu, select Administration.
    2. Under Single Sign On, click Users and Groups.
  4. If vsphere.local is not the currently selected domain, select it from the drop-down menu.
    You cannot add users to other domains.
  5. On the Users tab, click Add.
  6. Enter a user name and password for the new user.
    The maximum number of characters allowed for the user name is 300.
    You cannot change the user name after you create a user. The password must meet the password policy requirements for the system.
  7. (Optional) Enter the first name and the last name of the new user.
  8. (Optional) Enter an email address and description for the user.
  9. Click Add.

Results

When you add a user, that user initially has no privileges to perform management operations.

What to do next

Add the user to a group in the vsphere.local domain, for example, to the group of users who can administer VMCA (CAAdmins) or to the group of users who can administer vCenter Single Sign-On (Administrators). See Add Members to a vCenter Single Sign-On Group.