Hi cdecanini_,

I believe the vCAC plug-in extensibility workflows you are referring to are under Library / vCloud Automation Center / Infrastructure Administration / Extensibility in vCO 5.5.2 build 1946710, correct? I understand that your solution allows me to approve from a vCO workflow. However, I also want to allow users to approve from the vCAC interface and avoid two-interface complexity. Do you know if there is a way to do this?

Thank you for taking the time to help me!

Yes this is correct.

If you do not want to auto approve in vCO you can : use a vCO user interaction where you can show in the presentation a particular value / information you get from custom properties and add a Boolean to approve or not.This user interaction will trigger a work item in the vCAC side. Once the work item has been answered the vCO workflow can resume and approve.

I have been told this is working. What I am not sure of is how you set who answer the work item.

Hi cdecanin_,

We are working on the approach you spoke about hoping that it might work. There is one thing that is biting us quite badly. Hope you can provide me some clarity on this:

We are making use the Web Operator for the Approver to login to approve his request. Approver is unique for every request I mean to say Approver is Users Manager (which we are pulling from AD)

When the Approver logs in to vCO Web Operator we want him to see only his requests. As of now, we login with a user who has Admistrator Rights. Hence we see all the User Interaction Approval Requests.

Is there any customization that can be done so that Approver views only his Users request and approves? Or if we configure Approvers in a AD group and give the required rights in vCO for them to login and approve, will they be able to see only their request?

Thanks,

SK

You can set the user interaction with a given security group.

If after this you can still see / reply as a vCO admin then you need to log as an user who is not in vCO admin.

Thanks cdecanini_. I am aware of the secuirty group. But I am just curious to know if that security groups will really solve my issue or not. The Approvers will not have the admin rights for sure. If the Approvers don't have Admin rights, I hope they can only see thier Requests. But is there any intelligence in vCO that can show only your requests?! Just curious

It should be the case. At the very least you cannot answer it as a user not belonging to the specified security group.

Hi cdecanini_,

Thanks for your response. I was able to implement the approach you suggested. The user interaction did trigger a work item on the vCAC side as a “Manual User Action” task waiting for an approver to respond. This solution was very promising, but we ran into a problem.

It seems as though the security group assigned in the user interaction element is being ignored and automatically assigns the task to the requestor instead. According to another VMWare employee responding to this same issue in the forum post here, it is currently not possible to assign specific users or groups to handle manual user interaction tasks. Do you happen to know if there has been any progress on this feature since the post was made (back in January 2014)?

Since I am not sure if this was updated I emailed him for more information. I will update the thread when I get an answer.

Hi cdecanini_,

I just wanted to follow up and see if you have received a response from your colleague?