3 Replies Latest reply on Oct 12, 2017 9:38 AM by rstoker13

    Limit redirect to vRA to specific users

    rstoker13 Enthusiast
    VMware Employees

      In our dev/test environments, we noticed that ALL users redirect to vRA for authentication. This includes users who have no ability to manage VMs or request services. Is it possible to limit the redirection for specific groups of users. We have nearly 80,000 users that can log into ServiceNow, but a maximum of 500 of those users will need vRA services. Thanks in advance

        • 1. Re: Limit redirect to vRA to specific users
          daphnissov Guru
          Community WarriorsvExpert

          Why don't you just configure vRA with the groups that need to login there only? It sounds like you're using the ITSM plug-in or something else. So is ADFS in the mix?

          • 2. Re: Limit redirect to vRA to specific users
            rstoker13 Enthusiast
            VMware Employees

            We are currently using ADFS. The problem is that upon logging into SNOW via ADFS, all sessions are redirected temporarily to vRA. This adds between 3 and 15 seconds to the logon process and is unnecessary for the vast majority of our users. We would like to know if it is possible to limit the redirection to a specific set of groups.

             

            vRA is properly configured and the redirected users would not be granted access if they did not hold appropriate privilege. If I login with a user that doesn't hold privilege, it seems to force a logout action. The user is then stuck in a loop and cannot get to SNOW.

            • 3. Re: Limit redirect to vRA to specific users
              rstoker13 Enthusiast
              VMware Employees

              Our TAM was able to get an answer from the product team. Please see below:

               

              Users with VRA_USER role in ServiceNow will only be redirected to VRA. If this role is not assigned to the ServiceNow user then they will be not having access to VRA catalogue item