ViPR 2.2 - Create ViPR Tenants
Table of Contents
This article provides the basic steps for creating a tenant from the ViPR UI as part of the initial ViPR installation sequence. If you want to add multi-tenant support to an existing ViPR VDC you should refer to Understanding ViPR Multi-Tenant Configuration to ensure that you understand what multiple tenant configuration offers, and to plan your configuration, and use Add ViPR Tenant to Existing VDC to perform the configuration steps.Back to Top
Before you begin
- You must have the Tenant Administrator role for the provider tenant.
- An authentication provider must have been registered with ViPR and must be for the domain from which you want to map users.
- Your AD administrator must have set up AD groups and/or attribute mappings in accordance with your tenant plan.
- At the ViPR UI, select .
- You can add a tenant by choosing Add, or to edit an existing tenant, click on the tenant name.
- Type a name and a description for the tenant.
- Optionally, specify a quota for the tenant. This is the total storage that users in the tenant can create.
- Select the domain to which the tenant users belong.
Your configuration could have a separate domain for each tenant, or you can use the same domain to provide users for more than one tenant. To use the same domain, you must configure the user mappings to identify the specific set of users that will belong to the tenant and to ensure that a user is mapped into only a single tenant.
- To specify the way users will be mapped from the selected domain, select
Add User Mapping Rule.
A user mapping rule is added to the tenant. You can add more than one user mapping to achieve finer grained control over the selection of users for the tenant.
- Specify any groups that you want to use to map users into the tenant.
The group or groups that you specify must exist in AD.A group associated with a domain can be used by more than one tenant, and the selection of users from the domain group can be based on attributes associated with the user.
- To use attributes to map users into the tenant, click the
Add Attribute button and enter the name of the attribute and the value or values for the attribute.
For users to be mapped into the domain, the attribute value set for the user must match the attribute value specified in ViPR. An example of setting user mappings at the Create Tenant page is shown below. In the example, users from the selected domain for whom the AD Department attribute has been set to "Accounts" are mapped into the tenant.
- Click Save.
After you finish
Any sub-tenant that you created requires a Tenant Administrator to perform day-to-day administration of the tenant: configuration of the service catalog, creation of projects, assignment of users to tenant roles. Sub-tenants can be managed by the Tenant Administrator of the provider tenant or a user that belongs to the tenant can be assigned as the Tenant Administrator.Back to Top