Add Tenant allows you to add tenants to VMware Identity Manager along with creating a tenant admin and optionally add directories to the created tenant and associate tenant-aware products to the newly created tenant. The workflow also contains a pre-check step which validates all the given inputs and selected environments to ensure tenant creation and product associations work seamlessly.

You can add tenants to VMware Identity Manager, create a tenant admin, and optionally add directories to the created tenant and associate tenant-aware products to the newly created tenant. When you add tenant, the workflow also contains a pre-check step which validates all the given inputs and selected environments to make sure tenant creation and product associations work seamlessly.

Prerequisites

  • Verify that you have DNS configured in both vRealize Automation and VMware Identity Manager. To access a tenant, the DNS server must be configured correctly before starting the vRealize Suite Lifecycle Manager flow 'Add Tenant' flow.
  • Ensure that the A-type DNS record is added for the new tenant FQDN. For a multi-SAN environment, ensure that VMware Identity Manager certificate is updated with the new tenant FQDN that is to be created. For more details, see Multi-Tenancy Model. For all the vRealize Automation instances that are to be associated with the new tenant ensure that the CNAME type DNS records are added and certificate requirements are met.
  • For all the vRealize Automation instances that are to be associated with the new tenant ensure that the CNAME type DNS records are added and certificate requirements are entered.

Procedure

  1. On the My Services dashboard, click Identity and Tenant Management.
  2. Navigate to Tenant Management, click ADD TENANT.
  3. Enter a tenant name and under the Administrator Details, enter Username, First Name, Last name, Email ID, and Password of the Tenant Admin.
  4. Click Next.
  5. (Optional) On the Directory Details tab, choose the directories from primary tenant that are to be migrated to the new tenant being created.
    You can find the existing directory names listed in the directory column.
  6. You can select any directories and click Next.
    1. Opt-in for migrate directories lists all the existing directories from the primary tenant. Only AD Over LDAP and AD with IWA directories is listed.
    2. To migrate, select the directories.
    3. Enter the passwords that are required for validation
    4. Click Validate. Once validation is successful, click Save and Next.
  7. Select that products that are should be associated with the new tenant. For vRealize Suite Lifecycle Manager 8.1 and later releases, vRealize Automation 8.1 and later releases can be listed.
    Note: Verify that you have considered the recommendation given for both certificate and DNS.
  8. Click Save and Next.
  9. Click Run a Precheck to the validate the tenant details and certificate details.
    • Tenant Name validation Check – To validate the entered tenant name matches criteria.
    • Tenant Name Existence Check – To validate a tenant already exists.
    • VMware Identity Manager Tenant FQDN Reachability and Resolvability Check
    • VMware Identity ManagerTenant FQDN Certificate Check
    • vRealize Automation Tenant FQDN Reachability and Resolvability Check
    • vRealize Automation Tenant FQDN Certificate Check
    1. If the validations are not successful and if you want to make some changes, and resume the tenant creation operation, click Save and Exit. The same wizard can be opened anytime to re-run the precheck to complete and proceed.
    2. If the pre-check validations are green, click Save and Next. A summary of the whole selection appears.
  10. Click Next and Create Tenant changes after reading the summary.
    You can view the tenant creation under the Request Details page. Both VMware Identity Manager and vRealize Automation tenants can be accessed through its tenant FQDNs. For more information, see Tenant Management in vRealize Suite Lifecycle Manager. You can log in to both VMware Identity Manager tenant FQDN and vRealize Automation tenant FQDN with the tenant admin credentials. The VMware Identity Manager tenant admin is also made the organization owner in new tenant vRealize Automation.