vRA 7 multiple system admin user for creating tenants-best practise
Whats the right way to create multiple system admin users ...ie user other than administrator@vsphere.local for default tenant...ie that user when logs into default tenant should be able to see other tenants and assign IaaS and tenant admins also
I guess the idea is to have an audit trail on system admin like activities instead of having generic admin user ...have a user who shows as having created tenant etc , bestowing IaaS admin
Why would a generic user like admin be the only user allowed to create multiple tenants and bestow IaaS and tenant admin rights ...?
Multitenancy is the right way to separate data in motion and rest for different units we would like to have
Another requirement is IPAM based workflows need access to default domain and tenant access to be able to enumerate tenants id and names in some workflow calls using their Cloud API
admin@vsphere.local who has default system admin and who can enumerate tenants is not a valid user once we sync the vRO7 with vRA 7 vIDM for authentication as this pulls only Directory services and not local users..please suggest
