Solved: Re: Limit redirect to vRA to specific users

rstoker13 · ‎09-26-2017

In our dev/test environments, we noticed that ALL users redirect to vRA for authentication. This includes users who have no ability to manage VMs or request services. Is it possible to limit the redirection for specific groups of users. We have nearly 80,000 users that can log into ServiceNow, but a maximum of 500 of those users will need vRA services. Thanks in advance

rstoker13 · ‎10-12-2017

Our TAM was able to get an answer from the product team. Please see below:

Users with VRA_USER role in ServiceNow will only be redirected to VRA. If this role is not assigned to the ServiceNow user then they will be not having access to VRA catalogue item

View solution in original post

daphnissov · ‎09-26-2017

Why don't you just configure vRA with the groups that need to login there only? It sounds like you're using the ITSM plug-in or something else. So is ADFS in the mix?

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

rstoker13 · ‎09-26-2017

We are currently using ADFS. The problem is that upon logging into SNOW via ADFS, all sessions are redirected temporarily to vRA. This adds between 3 and 15 seconds to the logon process and is unnecessary for the vast majority of our users. We would like to know if it is possible to limit the redirection to a specific set of groups.

vRA is properly configured and the redirected users would not be granted access if they did not hold appropriate privilege. If I login with a user that doesn't hold privilege, it seems to force a logout action. The user is then stuck in a loop and cannot get to SNOW.

rstoker13 · ‎10-12-2017

Our TAM was able to get an answer from the product team. Please see below:

Users with VRA_USER role in ServiceNow will only be redirected to VRA. If this role is not assigned to the ServiceNow user then they will be not having access to VRA catalogue item

All

Limit redirect to vRA to specific users