If you're a Windows shop and use Active Directory, you can use the latest vMA 4.1 which supports AD authentication, this will allow you to utlize your existing directory services without having to manually manage individual user accounts, as long as the users can access the logs from their account or perform a sudo, you should be fine.
You can also have your vMA authenticate other directory services such as NIS/Kerberos/etc. if you use those, it's a standard CentOS distro and you may need to configure some addtional packages.
Generally speaking, VMware has recommened ~100 targets per vMA, you may want to further isolate it down per your internal requirements or access control requirements.