To add tenants to VMware Workspace ONE Access, use VMware Aria Suite Lifecycle. You can also create a tenant admin, add directories to the new tenant, and associate tenant-aware products to the tenant.

When you add a tenant, the process also contains a pre-check step which validates all the given inputs and selected environments to make sure tenant creation and product associations work seamlessly.

Prerequisites

  • Verify that you have DNS configured in both VMware Aria Automation and VMware Workspace ONE Access. To access a tenant, the DNS server must be configured correctly before starting the VMware Aria Suite Lifecycle flow Add Tenant procedure.
  • Ensure that the A-type DNS record is added for the new tenant FQDN. For a multi-SAN environment, ensure that VMware Workspace ONE Access certificate is updated with the new tenant FQDN that is to be created. For more details, see Multi-tenancy model for VMware Aria Suite Lifecycle products. For all the VMware Aria Automation instances that are to be associated with the new tenant ensure that the CNAME type DNS records are added and certificate requirements are met.
  • For all the VMware Aria Automation instances that are to be associated with the new tenant ensure that the CNAME type DNS records are added and certificate requirements are entered.

Procedure

  1. On the My Services dashboard, click Identity and Tenant Management.
  2. Navigate to Tenant Management, click ADD TENANT.
  3. Enter a tenant name and under the Administrator Details, enter Username, First Name, Last name, Email ID, and Password of the Tenant Admin.
  4. Click Next.
  5. (Optional) On the Directory Details tab, choose the directories from primary tenant that are to be migrated to the new tenant being created.
    You can find the existing directory names listed in the directory column.
  6. You can select any directories and click Next.
    1. Opt-in for migrate directories lists all the existing directories from the primary tenant. Only AD Over LDAP and AD with IWA directories is listed.
    2. To migrate, select the directories.
    3. Enter the passwords that are required for validation
    4. Click Validate. When validation is successful, click Save and Next.
  7. Select that products that are should be associated with the new tenant, such as VMware Aria Suite Lifecycle and VMware Aria Automation.
    Note: Verify that you have considered the recommendation given for both certificate and DNS.
  8. Click Save and Next.
  9. Click Run a Precheck to the validate the tenant details and certificate details.
    • Tenant Name validation Check – To validate the entered tenant name matches criteria.
    • Tenant Name Existence Check – To validate a tenant already exists.
    • VMware Workspace ONE Access Tenant FQDN Reachability and Resolvability Check
    • VMware Workspace ONE AccessTenant FQDN Certificate Check
    • VMware Aria Automation Tenant FQDN Reachability and Resolvability Check
    • VMware Aria Automation Tenant FQDN Certificate Check
    1. If the validations are not successful and if you want to make some changes, and resume the tenant creation operation, click Save and Exit. The same wizard can be opened anytime to re-run the precheck to complete and proceed.
    2. If the pre-check validations are green, click Save and Next. A summary of the whole selection appears.
  10. Click Next and Create Tenant changes after reading the summary.
    You can view the tenant creation under the Request Details page. Both VMware Workspace ONE Access and VMware Aria Automation tenants can be accessed through its tenant FQDNs. For more information, see Tenant management in VMware Aria Suite Lifecycle. You can log in to both VMware Workspace ONE Access tenant FQDN and VMware Aria Automation tenant FQDN with the tenant admin credentials. The VMware Workspace ONE Access tenant admin is also made the organization owner in new tenant VMware Aria Automation.