Caution: Articles written for technical not grammatical accuracy, If poor grammar offends you proceed with caution ;-)
After vCAC 6 is initially installed you have only the default tenant that was created during the configuration of the Identity Appliance. The administrator user for the default tenant will allow you to login to the vCAC UI and created additional tenants and configure default branding.
It is highly recommended that you do not utilize the default tenant for anything other than tenant management. You can add a directory service such as AD to the default tenant to assign other administrators, however beyond that it is not recommended that you utilize the default tenant to provide any additional service. This post will walk you through creating a new tenant in vCAC 6.0 that can be used to publish services.
Creating a new tenant
1. First we need to log in to vCAC by going to https://{FQDN of your vCAC VA}/shell-ui-app. Once you are on the login page login as administrator@vsphere.local with the password you created during the vCAC 6 IA configuration.
2. Once logged in you will see a tab named administrator and you will be on the tenants menu item. You will also see your default tenant vsphere.local in the list. At the top you an select Tenants+ to begin adding a new tenant.
3. On the add tenant screen give your tenant a Name and URL Name. The URL Name will be appended to the default url like so https://{FQDN}/shell-ui-app/org/{tenant url} so choose wisely. Click Submit and Next.
4. Next we need to add an Identity Store for authentication to the Tenant. Click Identity Store+ at the top.
5. Once the Add Identity Store dialog box appears give your Identity Store a Name, choose the type (I’m using AD), input the URL to your identity server, the domain that will be utilized, and optionally a domain alias. The domain aliases are handy to lessen typing in my example I can login using user@home instead of user@dailyhypervisor.local using the alias. Then i the Login user DN specify a user that will be used that has read permission to your authorization domain and the password. Then specify the group and user DN that should be searched for users and groups. Test the connection and click add.
6. You will then see your authorization store in the list and you can click Next.
7. Now we need to add a user or group to the Tenant Administrator and Infrastructure Administrator roles. Type the name in the search box and it will populate with valid choices. When complete clock Update.
8. That completes the basics of creating a tenant in vCAC 6.0. Next you will need to go to https://{FQDN}/shell-ui-app/org/{tenant url} to login to your new tenant and complete the configuration.
One Reply to “vCloud Automation Center – vCAC 6.0 – Adding Tenants”