1 of 4

Managing Tenants

Tenant configuration

To see the list of existing Tenants in the Tenant Broker console, select Farm > Tenants.

The Status column indicates the Tenant status, which can be one of the following:

OK — The Tenant has joined and has been verified.
Not Joined — The Tenant object was created for the Tenant and the invitation hash was generated, but the Tenant has not joined the Tenant Broker yet.
Not Verified — The Tenant has joined, but no connection to the Tenant's RAS Connection Broker has been established yet. This status is usually displayed for a minute or so immediately after the Tenant joins the Tenant Broker. Once the connection is established, the status changes to OK.
This status can also appear when the Tenant Broker loses a connect with the Tenant's primary Connection Broker. Shared gateways will be able to process connections only if they are still able to communicate with the Tenant’s Connection Broker on their own. They are independent from the Tenant Broker's Connection Broker, but Tenant’s Connection Broker is still required to authenticate users.
Disabled — The Tenant is disabled in the Tenant Broker configuration. You can enable and disable Tenant objects as described below.

To see and modify Tenant properties, click Tasks > Properties (or right-click > Properties). The Properties dialog opens where you can view and modify the following properties:

Enable Tenant: Enable or disable the Tenant object in the Tenant Broker.
Name: The Tenant name (must be unique).
Public domain address: The unique address that end users connect to from the outside (e.g. RAS.tenant.com, tenant1.MSP-FARM.com, etc.). See more in Assign a public domain address.
Clients in gateway mode connect to published tenant resources by server IP: When selected, clients will use the Tenant IP address instead of the DNS name. You can use this option when a Tenant farm does not share the same DNS provider as the Tenant Broker farm.
Do not show billing information: (Only for Tenants joined with an invitation hash) When selected, billing information is not shown in the Licensing category of the Tenant.
Forward tenant sessions tunneled through gateway using server IP: When a client session is forwarded to a server hosting published resources, either the server name (FQDN, hostname) or IP address can be used. When this option is selected (default) the IP address is used to forward the session internally. When the option is cleared, the configured host name is used.
Description: An optional Tenant description. The Tenant description is a property that exists and can be viewed only in the Tenant Broker console.
Connection Brokers: An IP address of one or more RAS Connection Brokers installed in the Tenant Farm. This is a read-only field.
Tenant invitation hash: The hash that was used to join the Tenant to the Tenant Broker. This is a read-only field.
Automatically log out idle client connection after: The time period after which an idle client connection should be logged out. For information on how to configure this property, see Remote session settings.

Deleting a Tenant object

A Tenant object can be deleted any time. To delete an object, click Tasks > Delete (or right-click > Delete). This deletes the Tenant configuration from shared RAS Secure Gateways, so no RDP sessions can be established from the gateway to the deleted Tenant anymore. The Tenant's RAS Console will show the Tenant Broker status as "Join Broken" after this. To completely remove any references to the Tenant Broker, the Tenant admin needs to unjoin the Tenant from the Tenant Broker.

Opening a Tenant console

As a Tenant Broker admin, you can open the Tenant console right from the Tenant Broker console. To do so, navigate to Farm > Tenants, right-click a Tenant and choose Open tenant console. This will open a new instance of the RAS Console and will prompt you to log in to the Tenant Farm. Please note that the Tenant Farm must be configured to allow remote console connections, which means that the corresponding port must be open on the Tenant Connection Broker and you need to know the credentials of the Tenant Farm administrator.

When you log in to a Tenant from the Tenant Broker console, the Tenant Farm is automatically added to the Location drop-down list (in the upper left-hand corner of the RAS Console window), so you can connect to the Tenant again by simply selecting it in the Location list.

Tenant configuration

To see the list of existing Tenants in the Tenant Broker console, select Farm > Tenants.

The Status column indicates the Tenant status, which can be one of the following:

OK — The Tenant has joined and has been verified.
Not Joined — The Tenant object was created for the Tenant and the invitation hash was generated, but the Tenant has not joined the Tenant Broker yet.
Not Verified — The Tenant has joined, but no connection to the Tenant's RAS Connection Broker has been established yet. This status is usually displayed for a minute or so immediately after the Tenant joins the Tenant Broker. Once the connection is established, the status changes to OK.
This status can also appear when the Tenant Broker loses a connect with the Tenant's primary Connection Broker. Shared gateways will be able to process connections only if they are still able to communicate with the Tenant’s Connection Broker on their own. They are independent from the Tenant Broker's Connection Broker, but Tenant’s Connection Broker is still required to authenticate users.
Disabled — The Tenant is disabled in the Tenant Broker configuration. You can enable and disable Tenant objects as described below.

To see and modify Tenant properties, click Tasks > Properties (or right-click > Properties). The Properties dialog opens where you can view and modify the following properties:

Enable Tenant: Enable or disable the Tenant object in the Tenant Broker.
Name: The Tenant name (must be unique).
Public domain address: The unique address that end users connect to from the outside (e.g. RAS.tenant.com, tenant1.MSP-FARM.com, etc.). See more in Assign a public domain address.
Clients in gateway mode connect to published tenant resources by server IP: When selected, clients will use the Tenant IP address instead of the DNS name. You can use this option when a Tenant farm does not share the same DNS provider as the Tenant Broker farm.
Do not show billing information: (Only for Tenants joined with an invitation hash) When selected, billing information is not shown in the Licensing category of the Tenant.
Forward tenant sessions tunneled through gateway using server IP: When a client session is forwarded to a server hosting published resources, either the server name (FQDN, hostname) or IP address can be used. When this option is selected (default) the IP address is used to forward the session internally. When the option is cleared, the configured host name is used.
Description: An optional Tenant description. The Tenant description is a property that exists and can be viewed only in the Tenant Broker console.
Connection Brokers: An IP address of one or more RAS Connection Brokers installed in the Tenant Farm. This is a read-only field.
Tenant invitation hash: The hash that was used to join the Tenant to the Tenant Broker. This is a read-only field.
Automatically log out idle client connection after: The time period after which an idle client connection should be logged out. For information on how to configure this property, see Remote session settings.