Versions Compared

Version Old Version 31 New Version 32
Changes made by

MS

MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel3
minLevel1

Info

This page is a guide for cloud administrators to provision tenants (enterprises) in private cloud.

Flow chart

This flow chart describes the basic process for provisioning enterprise tenants. 

...

Mermaid
fileNamemermaid_1655114480704
themeneutral
version89
{"diagramDefinition":"graph TD\r\n\r\nZ(( ))\r\n\r\nstyle Z fill:#g1g,stroke:#100,stroke-width:20px\r\n\r\nZ-->A(Provision infrastructure)\r\nA-->B>BB(Create roles)\r\nBB --> B(Modify privileges of roles)\r\nB-->C(Create scopes)\r\nC-->D(Create enterprise tenantsenterprises)\r\nD-->E(Create tenant admins)\r\nE-->H(Provision networks)\r\nH-->J(Create virtual datacenters)\r\nJ-->K(Capture VMs)\r\nK-->L(Configure backups)\r\nL-->Q((<fontcolour=f3efe6> * ))\r\n\tstyle Q fill:#f3efe6,stroke:#030300,stroke-width:7px,color:#f3efe6\r\n\r\nsubgraph Provision tenants\r\n        B\r\n        C\r\n        D\r\n        E\r\nend"}

...

  1. Go to UsersRoles

  2. Click the duplicate clone button and click the pencil edit button, OR click the +add button

  3. Enter the Name of the role

  4. To create a global role for all enterprises, select Make this role global

  5. Optionally, to create a list of network addresses from which users with this role can access the platform, enter Allowed CIDRs.

  6. Enter the corresponding External roles, e.g. LDAP group, for the user. This is required in external authentication modes (openid, ldap).
    A user's external roles must map to a single role (local or global).
    You can also set external scopes.

    • Examples of external roles for LDAP:

      • ldap_group_01

      • ldap_group_02

    • Example for OpenID:

      • id=admins,ou=group,o=qa,ou=services,dc=openam,dc=forgerock,dc=org

...

...

Modify the privileges of

...

user roles

  1. Select the role

  2. In the Privileges pane, select or deselect the privileges 

    • To add or remove groups of privileges, click the All privileges checkbox beside the group name

    • You cannot “undo” a set of changes, but you can discard your changes

  3. To save the changes, click Save

    • (warning) The platform will discard your changes if you do an action outside of the Privileges pane, for example, clicking on a another role name

    • (warning) For troubleshooting information, see Manage roles#Role troubleshooting and tips

...