To configure support for multi-tenancy, use vRealize Suite Lifecycle Manager.

Prerequisites

  • Verify that you have a VMware Workspace ONE Access global environment.
  • Verify if the inventories are synchronized for all the environments in vRealize Suite Lifecycle Manager and all environments and products are up to date. This is to discover all the VMware Workspace ONE Access-product integrations required for VMware Workspace ONE Access re-register.
  • Verify if the VMware Workspace ONE Access global environment certificate is managed through the vRealize Suite Lifecycle Manager Locker service.
  • Ensure to take a snapshot of VMware Workspace ONE Access. It is recommended, since enabling multi-tenancy transforms VMware Workspace ONE Access to be accessed through tenant FQDNs and existing VMware Workspace ONE Access URLs will not be accessible.
  • For a clustered VMware Workspace ONE Access, verify VMware Workspace ONE Access cluster health status is green by triggering cluster health. For more information, Day 2 operations with other products in vRealize Suite Lifecycle Manager
  • Verify the VMware Workspace ONE Access certificate is updated with the primary tenant alias FQDN. Also ensure that the A-type DNS record is added mapping the primary tenant alias FQDN. For more information about Mandatory Certificate and DNS requirements, see Multi-tenancy model.

Procedure

  1. Click Identity and Tenant Management and navigate to Tenant Management.
  2. Read the Opt-in message and click Enable Tenancy.
  3. Enter the primary tenant Alias name.
    Ensure that the hostname or FQDN does not already exist. While enabling multi-tenancy, this FQDN is assigned to the primary tenant.
    Ensure all products currently integrated with global environment VMware Workspace ONE Access are already listed and selected for re-registration against the new primary tenant alias FQDN in the Product Re-registration table. For more information on Product References, see Product references for vRealize Suite Lifecycle Manager.
  4. Click Submit, after you validate the entries.
    After you enable multi-tenancy on the VMware Workspace ONE Access, it can only be accessed through its tenant FQDNs, and at this point as the primary tenant is the only available tenant, primary tenant alias FQDN is the only endpoint through which VMware Workspace ONE Access can be accessed. When the vRealize Suite Lifecycle Manager enable multi-tenancy request is completed, create tenants by using the Tenant Management tab.