3 Replies Latest reply on Oct 12, 2017 9:38 AM by rstoker13

Limit redirect to vRA to specific users

rstoker13 Sep 26, 2017 4:48 AM

In our dev/test environments, we noticed that ALL users redirect to vRA for authentication. This includes users who have no ability to manage VMs or request services. Is it possible to limit the redirection for specific groups of users. We have nearly 80,000 users that can log into ServiceNow, but a maximum of 500 of those users will need vRA services. Thanks in advance

1. Re: Limit redirect to vRA to specific users

daphnissov Sep 26, 2017 5:34 AM (in response to rstoker13)

Why don't you just configure vRA with the groups that need to login there only? It sounds like you're using the ITSM plug-in or something else. So is ADFS in the mix?
Like Show 0 Likes(0)

Actions
2. Re: Limit redirect to vRA to specific users

rstoker13 Sep 26, 2017 7:35 AM (in response to daphnissov)

We are currently using ADFS. The problem is that upon logging into SNOW via ADFS, all sessions are redirected temporarily to vRA. This adds between 3 and 15 seconds to the logon process and is unnecessary for the vast majority of our users. We would like to know if it is possible to limit the redirection to a specific set of groups.

vRA is properly configured and the redirected users would not be granted access if they did not hold appropriate privilege. If I login with a user that doesn't hold privilege, it seems to force a logout action. The user is then stuck in a loop and cannot get to SNOW.
Like Show 0 Likes(0)

Actions
3. Re: Limit redirect to vRA to specific users

rstoker13 Oct 12, 2017 9:38 AM (in response to rstoker13)

Our TAM was able to get an answer from the product team. Please see below:

Users with VRA_USER role in ServiceNow will only be redirected to VRA. If this role is not assigned to the ServiceNow user then they will be not having access to VRA catalogue item
Like Show 0 Likes(0)

Actions