Before we really start to dig into the fun stuff we need to dig a footing and lay a foundation to build on. In this article I’m going to create an “Enterprise Group“, a few “Machine Prefixes“, and create a “Provisioning Group“. For those not familiar with these let me explain:
Enterprise Groups contain “Enterprise Administrators” and “Compute Resources”. When you create an “Enterprise Group” you will give it a name, assign those that will be the “Enterprise Administrators” and select the “Compute Resources” that they manage. The general concept of the “Enterprise Groups” is let’s say you have a group of administrators that is responsible for managing infrastructure in North America, but you also have a separate group of administrators that is responsible for managing infrastructure in Europe. You can create (2) “Enterprise Groups” one for NA and one for EMEA and in the groups you can map the appropriate administrators to the “Compute Resources” they manage. This allows you to separate access to the infrastructure to the appropriate admins.
Provisioning groups contain your users of the infrastructure. These are the users that will make requests for servers or applications and consume resources that are provided by the ‘Enterprise Groups” Provisioning Groups have a few roles that make them up. The roles are:
- Group Manager Role – The PGMs oversea the group, can access all the machines in the group, can publish blueprints to the groups, can work on behalf of the group users, approve requests made by their users and other groups based administration functions.
- Support User Role- This role is intended for your help desk organization. The role allows the assigned user(s) to work on behalf of the groups users to aid in troubleshooting machine issues.
- User Role – These are the consumers. The users are the consumers of the servers, applications, and resources in your environment. They can only gain access to what has been provided to the group(s) that they belong to.
Machine Prefixes are a way for you to automatically assign hostnames to your machines that are provisioned through vCAC. Machine prefixes have (3) parts. The Prefix itself, a number of digits, and the next number to be used. Typically machine prefixes are useful in lab or test/dev environments, but in my experience a more elegant solution is generally needed for production naming conventions. For now we will use the standard machine prefixes, but I will cover how to generate more complex hostnames in a future article.
Creating an Enterprise Group
The first thing we are going to do is create an ‘Enterprise Group”. Now typically you may want to add some resources to vCAC before you create an ‘Enterprise Group”, but I’ve decided to do a few things before we add resources just because it’s cleaner for building the articles. Below are the steps for creating an “Enterprise Group”
1. Under vCAC Administrator select “Enterprise Groups” and then in the upper “Right” corner choose “New Enterprise Group”
Edit Enterprise Group
2. Provide a “Name” for your group, and then add an “Active Directory” user is “domain\user” format. Enter the user in the filed above the box and press “Return” then select “Ok” Note: For now it’s recommended that you add the user you are logged in as to the “Enterprise Administrator” role.
3. After you click “Ok” you will see your new group listed on the “Enterprise Groups” tab. You will also see a new “Menu” item on the left names “Enterprise Administrators” if you are logged in as the user you added to the “Enterprise Administrator” role in your “Enterprise Group“.
4. Click on the “Enterprise Administrators” menu item and then click “Machine Prefixes“. The click “New machine Prefix” in the upper “Right” corner.
Create Machine Prefixes
5. Input your “Machine Prefix“, the “Number of Digits” you want to use, and the “Next Number” and click the “Green” check to the left.
6. You will now see your “Machine Prefix” listed under “Machine Prefixes“. Next click on “Provisioning Groups”
New Provisioning Group
7. Click on “New Provisioning Group” in the upper “Right” corner.
Edit Provisioning Group
8. Provide a “Name” for your group, input the “Email Address” for the “Group Manager“, Select the “Default Machine Prefix” using the “Picker“, set the “Active Directory Container” (only used when leveraging WIM provisioning), then assign “Active Directory Users or Groups” to the “Manager, User, and optionally the Support” roles and click “Ok”
9. You will now see your new group listed in the “Provisioning Groups” list.