I am able to create tenants using SSO account ( administrator @vsphere.local). Is there a way to create additional users account or LDAP/AD groups for the System Administrator role
Unfortunately that won't work. I've been through a lot of testing on this and in the current builds there is no way to assign the System Administrator role to another user.
Grant
i guess you are referring to the SSO administrator account to create not Tenants. if so, i am afraid, administrator@vsphere.local is the super admin and can not be clubbed with any AD security group but if you are referring to the Tenant System Administrator group, you just have to set Identity source as Active Directory and then you can map AD security group as the Tenants System Administrators.
Hope this answers your query!!
Br,
MG
as i can guess......you can assign sso admin role to any other ad/ldap user like you can do at vcenter server level and then in vcac appliance web interface (vami) you can use this ad or ldap account and then that user can create additional tenants. you can try this solution.
Unfortunately that won't work. I've been through a lot of testing on this and in the current builds there is no way to assign the System Administrator role to another user.
Grant
yes that's true as i tested now. only administrator@vsphere.local can be system administrator.