/
1.3.2.5. Manage Tenants

1.3.2.5. Manage Tenants

Owned by wiki
Last updated: Aug 04, 2021


The Settings → Manage Tenants page can be reached by clicking the    menu item.

The following changes are permanent starting with Flowster Studio 5.3, so please take special consideration if you have installed a previous version of Flowster Studio (e.g. Flowster Studio 5.2):

tenant in a multi-tenancy architecture represents a part of a software which serves multiple customers having their data isolated and invisible to the other tenants. A tenant will have its own databaseusersexecution agents and other settings.

Flowster Studio offers the possibility to define multiple tenants, all of them managed by a single software:


A tenant configuration include general InformationExecution Agents, User Rights and Central Storage Path.

In the Information tab will be displayed the tenant’s: Name, Logo, SQL Server, SQL Instance and Database.

In the Execution Agents tab will be displayed all the execution agents assigned to the selected tenant.

In the Rights tab will be displayed all the users which will have rights to visualize the tenants in Tenants List and edit the tenant information: name, icon and database settings. Tenant Rights can only be granted to Super Admins/Admins type of users or groups. In order to grant permissions to a user, click on Add Child button to open the Add rights window. Here the list of users is filtered to only display super admins/admins security groups:


In the Central Storage Path tab will be configured a network shared path where dynamic files for a workflow executions can be created by using Write To Central Storage File activity in the workflow (The Write Data To Storage activity will create a text file with the execution GUID for the file’s name, where it can insert user defined content (for example, variables values, arguments values, different strings, logs etc).

The central data storage is used to offer files for download at runtime of a workflow. These files can be created with the Storage Custom File activity and stored in the directory. After a successful workflow execution, the user can download the file using the Info button or tracking info in the "History", "Start Task" parameters overview or "Execution Logs" areas.


Default Tenant

The default tenant is considered the first database provided when installing Flowster Studio for the first time, as a standalone installation and the Super Admin chosen during installation will have access to configure and manage the default tenant and to create/delete other tenants. The Create Tenant/Delete Tenant options are only available on the default tenant. 

 

The default tenant will have the following settings added from the beginning:

  • Domain
  • SuperAdmin group and a super admin user
  • Portal


Create Tenant

Runtime User SQL Server Rights

In order to successfully create a tenant database from Flowster Studio Administrator, the Runtime User must have dbcreator rights.

If the Runtime User doesn’t have dbcreator rights, then the Add Tenant wizard allows selecting an empty database (a database existing on the given SQL server, which has only the name), running only the script with the tables creation.


NOTE: TRIAL mode allows the existence of only one tenant. The maximum number of tenants depends of the applied license type.

Only the default tenant (the first tenant created) will be allowed to create new tenants ( the child tenants won't be able to create tenants). A new tenant can be added from the Tenants page, by clicking the Create Tenant button.

The Create tenant wizard opens:


  • Insert a Name for the tenant (required)
  • Choose an existing SQL Server name and its associated instance from the drop-down list (required). Instead of SQL Server name, you can also use the SQL Server IP.
  • Choose an Authentication method (required): Flowster Runtime User, Windows Authentication or SQL Authentication.
    • In case of Flowster Runtime User method, the user name and password are automatically taken
    • In case of Windows Authentication method, the user name will be the current logged in domain\user name but it can be changed by the user
    • In case of SQL Authentication method, the user name will be an SQL user name, provided by the user
  • Insert User name (required for all authentication methods except Flowster Runtime User).
  • Insert Password (required for all authentication methods except Flowster Runtime User).
  • Insert a new Database Name or choose an existing one from the drop-down list (required).
  • Click Next. The AD Domain Information wizard dialog will be displayed. All the information for this dialog are optional if the tenant will have as superadmin (nn. default added user) a custom user and not a domain user. 

NOTE: different authentication providers, including Active Directory can be later defined when configuring the tenant.


  • Insert a Domain FQDN
  • Select an AD Site (optional). If a site will be specified, this parameter will take precedence over the domain controller specified in the LDAP field. If not specified, the connection will be made with the info defined in the LDAP field.
  • Insert the Active Directory LDAP 
  • Insert a Username with rights over the given LDAP
  • Insert a Password for the given user
  • Check the SSL option only if the given domain works on a secure connection. In this case, also insert a port in the LDAP field. For example, LDAP://DomainController:636
  • Test if the connection to the given domain is successful or not
  • Click Next. The Super Admin configuration wizard dialog will be displayed. If you select as Superadmin an AD User, the fields from the previous dialog are mandatory (dialog with Active Directory information)

  • Insert the Super admin for the tenant. If the AD User option is checked, insert the user in the domain_fqdn\username format; if the Custom User option is checked, the dialog will expand with additional fields for the custom user creation. Regardless of the Super admin provider (AD User or Custom User), when Create Tenant is finished, the user will be added in the SuperAdmins security group.

CAUTION: If the AD User option is checked, and the user inserted in the Super admin field will have a different domain than the one specified in FQDN, this will result in a validation error OR if the AD User option is checked but the information for the Active Directory has not been filled, this will also result in a validation error that will prevent the tenant from being created.

IMPORTANT: When creating a tenant with a custom user, please take extra precaution to note/remember the password used for the custom user. If the password is forgotten, currently there is no option to restore it, and no one will have access to the new tenant (the master user is now deprecated, so no user will have external access to the new created tenant). 

  • Insert a Portal name for the portal client app. By default it is the tenant's name.
  • Click Finish.

The new tenant will be created, with all the given information and a new database on the selected SQL Server.


Edit Tenant

A tenant can be edited by selecting it from the Tenant's list (as mentioned above, only users that are granted rights to the tenant can see the tenant in the Tenants List and edit it)


Edit Information 

The user could migrate the database to a different database server of the same type or to a different type.

From the Information tab, users can change the Name, logo , Server Name, SQL Instance and Database of the tenant. Click Test Connection  to verify if the connection to the database is successful.  Click Save Changes when finished editing. 



Edit Execution Agents

The execution agents assigned to tenants should be unique. When an execution agent is added to a tenant, a default Windows Execution Group will be created on the selected tenants, with the agent’s endpoint.

The assigned execution agent will not be available for assignment to another tenant.


Edit Rights

The user assigned to a tenant can manage it from the Manage Tenants page. It can edit a tenant properties, assign other users or assign execution agents to it.


Edit Central Storage Path


In the Central Storage Path tab will be configured a network shared path where dynamic files for a workflow executions can be created by using Write To Central Storage File activity.

Manually insert the path and click the Apply button.

If used in a workflow, the Write Data To Storage activity will create a text file with the execution GUID for the file’s name, where it can insert user defined content (for example, variables values, arguments values, different strings, logs etc). The created file can be downloaded from Start Task parameter overview, Administrator→Execution Logs and Portal → History page, by selecting the Info option for an executed workflow and clicking the Download link.



Delete Tenant

A tenant can be removed from the tenants list, but this action will not delete the tenant's database. The remove operation is available only when the user is not on the selected tenant.

Only the default tenant (the first tenant created) will be allowed to delete tenants ( the child tenants won't be able to delete tenants). 

NOTE: A tenant cannot be deleted if it is in use by a user.



Related content

1.3.2. Settings
1.3.2. Settings
Flowster Studio 5.3
Read with this
1.3.3.2. Security groups
1.3.3.2. Security groups
Flowster Studio 5.3
More like this
1.3.3.2. Security groups
1.3.3.2. Security groups
Flowster Studio 5.4
More like this
1. Flowster Portal
1. Flowster Portal
Flowster Studio 5.4
More like this
1. Flowster Portal
1. Flowster Portal
Flowster Studio 5.3
More like this
Install with a new Database
Install with a new Database
Flowster Studio 5.3
More like this