Users can log into SDDC Manager only if they are granted access through the vCenter single sign-on process. Identity sources can be attached to one or more Cloud Foundation on VxRail domains to enable vCenter single sign-on. These users can be local users in the vCenter SSO domain, or domain users imported from Microsoft Active Directory or OpenLDAP into the associated vCenter SSO domain.
After VMware Cloud Foundation on VxRail is deployed, Active Directory users and groups can be added as identity sources in the Cloud Foundation on VxRail instance. Users and groups can be assigned roles to determine what tasks they can perform from the SDDC Manager user interface and API.