You use the vCloud Director tenant portal to perform management tasks on an organization in a vCloud Director system. In this release, the tenant portal provides access to manage distributed firewalls and other advanced networking capabilities that are provided by the VMware NSX® software components made available to an organization by a vCloud Director system administrator.

For an introduction to the vCloud Director product overall and how an organization and its resources are set up in a vCloud Director system, see the vCloud Director User's Guide.

The typical users of the tenant portal are:

vCloud Director system administrators, who might use the tenant portal to configure the distributed firewall and other advanced networking capabilities for an organization.

Organization administrators, who use the tenant portal to manage the distributed firewall and other advanced networking capabilities that the system administrator has made available to that the organization.

Before a user can use the tenant portal to work with the advanced networking capabilities:

The organization must have the rights necessary to use the advanced networking capabilities through the tenant portal. See the VMware knowledge base article at http://kb.vmware.com/kb/2149016 for the steps a vCloud Director system administrator takes to grant the necessary rights to an organization.

The user must be assigned a role that grants the necessary rights. When the rights have been added to the organization by the vCloud Director system administrator, the system administrator can grant those rights to the appropriate roles.

When viewing the properties of a role, the rights required to be able to use all of the advanced networking capabilities available through the tenant portal are:

Folder in the Role Properties window

Required Rights for Advanced Networking Using the Tenant Portal

Distributed Firewall folder

All rights listed in the folder

Note

The predefined Organization Administrator role includes the rights Configure Distributed Firewall Rules and View Distributed Firewall Rules by default. Only the System Administrator role has the Enable Distributed Firewall right by default.

General folder

All rights listed in the folder

Gateway folder

Convert to Advanced Gateway

View Gateway

Gateway Advanced Services folder

All rights listed in the folder

Organization VDC folder

All rights listed in the folder

A vCloud Director system administrator can choose which individual rights to assign to the organization and which individual rights to grant to roles for users in that organization. If you find you cannot access areas of the tenant portal, contact your vCloud Director system administrator to request the rights for those portal areas.