Adding a New Tenant

the system administrator can add a new tenant click add fill in the form with the tenant details (see below for field description) click the image icon locate and upload the company logo image (mandatory) click edit licenses to edit the tenant license counts (refer to the section adding / editing tenant licenses docid\ abrpxxngkqqjhtrsjmpq5 for more information) and save click save the new tenant will now be listed among the tenants the system administrator can set the expiration date of the tenant during the tenant’s creation if the system administrator doesn’t assign the expiration date of the tenant, the remaining duration of the tenant is set same as the remaining duration of the host when a certain amount of time is left before the tenant's expiration date (for example, last 15 days), information about the tenant's expiration date appears at the top of the tenant screen every time, and when the period expires, the tenant is disabled this value should be parametric; the name of the system parameter should be tenant expiration warning before day and the default value should be 15 tenant expiration warning before day parameter should be set on the host environment once a tenant's license expires, the tenant becomes disabled, and all license numbers from the deactivated tenant are included in the host's license (for example, assume that the host has 100 user licenses, 30 of which are from the tenant, 70 are on the host after the tenant's license expires, the host has a total of 100 user licenses) new tenant form field description ( means mandatory field) tenant id the descriptive tenant keyword, which is used in the tenant schema name and during log in (a tenant user should log in as “\<username>@\<tenant id>”) only lower case letters should be used it cannot be changed once the tenant is created tenant name the name of the tenant, shown in the tenant list on the tenant manager screen address the tenant’s street address business contact the name of the business contact for the tenant phone the phone number of the business contact for the tenant admin (name surname) the name/surname of the main administrator for the tenant admin phone the phone number of the tenant administrator admin email the email address of the tenant administrator an email with the password setup link is sent after the new tenant is created admin username the unique username for the main tenant administrator this user is created along with the tenant schema becomes the first user of the new tenant, and has access to all administration modules this user can share these duties with other tenant users once they are added to the tenant schema tacacs port number the port number that the tacacs devices in the tenant schema will use for the tacacs protocol the alternative values that appear in this combo box are defined by the multitenancy tacacs port range parameter in the system config man interface access on behalf of the tenant when it is enabled, the host users can have access to the tenant interface and make changes on their behalf, if the host users are imported by means of ldap or microsoft entraid integration o user directory source name ( ) if the access on behalf of the tenant is enabled, the defined user directories on the host environments should be selected at least one in this field after user directories are selected, the group and user textboxes for the selected user directories will be displayed as blank on this page \ if the host’s administrator user does not fill in these fields (keep them as blank), definitions under ldap or microsoft entra id integration on the host’s environment will be used depending on the user directory type (either active directory or entra id directory) for example, if the host gets 5 users from ldap integration, the tenant will also have the same 5 users \ if the host’s administrator user fills these fields, the new definitions will be used rather than defined in the host environment thanks to this, the host's administrator can differentiate the users received by ldap or microsoft entra id integration in the host and tenant environment for example, if the ldap integration of the host environment has “(&(objectclass=user)(cn=john))” user search phrase, and during the tenant creation, if the tenant environment has “(&(objectclass=user)(cn=jane))” user search phrase, the host environment has “john” user, whereas the tenant environment has “jane” user additionally, if it is required, the host’s admin user can select a subgroup of users from among those pre selected for the host’s environment, for the tenant environment for example, if the ldap integration of the host environment has “(&(objectclass=user)(cn= mary ))” user search phrase, and during the tenant creation, if the tenant environment has “(&(objectclass=user)(cn= mary ann ))” user search phrase, the host environment might have multiple users like “mary”, “mary george”, “mary ann” etc , whereas the tenant environment has “mary ann” which is also found in the host environment "the access on behalf of" users are only counted in the host’s license so, if 5 "the access on behalf of" users are defined in 20 tenants, a 5 user slot is occupied only in the host’s license these users are visible and used; however, they are not counted in the tenants’ licenses interface names the vrf interfaces that can be used by the tenants