The preferred method for managing users and groups that will receive specific permissions through the roles in vCenter is to use Active Directory Users and Computers (ADUC). By using ADUC, users and groups are subjected to the same provisioning and de-provisioning policies and procedures that are applied to other objects in the Enterprise directory. In addition, the Enterprise password policy will also be applied to user accounts that are used for administrative purposes in the virtual management environment.

As previously mentioned, the use of groups is preferred over assigning individual accounts to roles within vCenter. In this example, we'll be creating a group and adding users to perform a specific ...