You can use identity federation to import admin groups and users. Using identity federation makes setting up groups and users faster, and it allows users to sign in to their accounts using familiar credentials.
About this task
The identity source you configure for the
Grid Manager allows you to import the following types of federated groups:
- Administration (or "admin") groups. The users in these groups can sign in to the Grid Manager and perform tasks, based on the management permissions assigned to the group. See "About administration user groups."
- Tenant account groups, assuming that the tenant is not using its own identity source (that is, assuming the Uses Own Identity Source checkbox is unchecked for the tenant account). Users in tenant account groups can sign in to the Tenant Manager and perform tasks, based on the permissions assigned to the group. See the information about using tenant accounts.
Note: When using identity federation, be aware that users who only belong to a primary group on Active Directory are not allowed to sign in to the Grid Manager or the Tenant Manager. To allow these users to sign in, grant them membership in a user-created group.