Install vCloud Automation Center 6 (vCAC 6) – part 5 – Initial Configuration – Tenant Configuration

In this section we will configure user accounts and the default tenant. The default tenant has been created during installation and it can be reached at the address https://vcac-appliance-hostname.domain.name/shell-ui-app; it can be accessed using the administrator@vsphere.local SSO account.

Single or Multi-Tenant configuration

vCAC 6 can be configured as Single or Multi-Tenant application. A tenant is an organizational unit within a vCloud Automation Center deployment. A tenant can represent a business unit within an enterprise or a company that subscribes to cloud services from a service provider. Each tenant has a unique URL to the vCloud Automation Center console where the default has been specified above, while multi-tenant resources will be given a URL such as https://vcac-appliance-hostname.domain.name/shell-ui-app/org/MyTenant. The default tenant is the only tenant that supports native Active Directory authentication; all other tenants must use Active Directory over LDAP or OpenLDAP

In a single tenant configuration, everything is handled at the default instance. This includes system wide configurations. Tenant administrators can manage users and groups, configure tenant-specific branding, notifications, business policies, and catalog offerings. The system administrator account is always administrator@vsphere.local, while the tenant administrator must be a user in one of the tenant identity stores, such as username@mydomain.com.

In a multi-tenant environment, the system administrator creates new tenants for each organization that uses the same vCloud Automation Center instance. Tenant users log in to the vCAC console using their specific tenant URL.

vCAC 6 Roles

Before proceeding to configure users and tenant, I think it could be useful understand differences between Tenant and Infrastructure Administrator Roles:

Tenant Administrator
The tenant administrator is a line-of-business administrator, business manager, or IT administrator who is responsible for a tenant. Tenant administrators configure vCloud Automation Center for the needs of their organizations. They are responsible for user and group management, tenant branding and notifications, and business policies such as approvals and entitlements. They also track resource usage by all users within the tenant and initiate reclamation requests for virtual machines.

Infrastructure Administrator
Infrastructure administrators manage endpoints and endpoint credentials, create fabric groups, and configure virtualization proxy agents. They also manage cloud service accounts as well as physical machines and storage devices. They also monitor logs that are specific to IaaS.

Configuring Default Tenant

  • Go to the Default Tenant address (https://vcac-appliance-hostname.domain.name/shell-ui-app) and log in using the SSO users administrator@vsphere.local
  • Click on Configure system then go to Tenants and, at this point, click on vsphere.localvcac-tenant-01
  •  Go to the identity stores tab and click the green plus 1
  • Provide the required information, click on Test Connection to verify your configuration and then click Add button2
  • Go the Administrator tab and add users and groups you want to have Tenant Administrator access as well as Infrastructure Administrator rights 3
  • At this point you have completed the initial configuration and you will be able to log in using your domain credentials (Remember to login with the users FQDN).

Create a new Tenanat

My deployment is Single Tenant, but if you need to create more Tenants you can follow these steps:

  • On tenants tab click on green plus to add new tenant
  • Give the tenant a name and also provide a name for tenant URL vcac-tenant-02
  • Repeat the configuration steps described above
  • Now  you can access your new tenant  using this URL: https://my-vcloud-suite.local/shell-ui-app/org/your_url_name

Leave a Reply

Your email address will not be published. Required fields are marked *