Embotics® vCommander® multi-tenancy is very powerful and flexible, and allows for completely unique experiences for each organization’s members, whether these are customers for service providers, or business units in the enterprise. In that you can configure quotas, deployment destinations, ownership policies, IP Pools, and other many other settings to be specific to each organization, the onboarding process can become time-consuming. When this is the case, and you will onboard many organizations with the same basic settings, you can automate the process using the instructions included in this article.


The following requirements must be in place before this solution may be configured.

Creating a Custom Component

A service catalog entry must be configured that can be requested by the people responsible for managing onboarding activity.

  1. Under the Configuration menu, choose Service Request Configuration.
  2. Switch to the Service Catalog tab.
  3. Click Add Service.
  4.  Enter the Name Customer Onboarding and provide a meaningful Description, if you wish. Select an icon and categories as appropriate. Click Next.

  5. Click Add and choose New Component Type.

  6. Enter the Component Name Onboarding Processor, adding a meaningful description if you wish. Enter as the Annual Cost and click Add to Service. Click Next.

  7. Review the Component Name and Description and click Next.

  8. On the Deployment page, click Next.
  9. Choose Publish – Specific organizations, users and groups and select these as appropriate. Be careful to assign only to your own staff! Click Next.

  10. Click Finish.

Creating a Custom Attribute

The custom form that is created in the next step will use a custom attribute that lists the names of your managed systems. You can create the attribute directly from the form tool when you add it, or ahead of time, but for ease of reading the instructions below assume you’ll do it outside the form control.

  1. Under the Configuration menu choose Custom Attributes. Click Add.
  2. Enter the Name Managed Systems and provide a meaningful description if you wish.

  3. Choose Applies To: All and select List as the Type.
  4. Leave Edit in Service Portal checked. Click Next.
  5. Enter the values you want to appear. These can be the display labels of your managed systems or any other value, because the scripting being configured later will handle translating the value.

  6. Click Finish.

Creating a Form

Next, create a form to handle this type of request.

  1. Switch to the Form Designer tab.
  2. Click Add.
  3. Enter Onboarding as the Form Name, adding a Display Name if you wish.
  4. Choose New Request Component Form as the Form Type, and Onboarding Processor as the Component Type.
  5. Choose Publish – Specific organizations, users and groups and select as appropriate.

  6. Click OK.
  7. Click Delete for each tool in the middle designer pane, because it’s easier to start fresh. Add the following tools to make your form, then click Save:

    Form Element Options
    Header Text: Onboarding Customer
    Style: Heading 1

    Header Text: Organization Information
    Style: Heading 2

    Input Text Field Display label: Org Name
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

    Header Text: Organization Manager
    Style: Heading 3

    Text Text: An Active Directory account that will receive all emails targeted at the manager.

    Input Text Field Display Label: Manager
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

    Header Text: Organization Member Group
    Style: Heading 2

    Text Text: Optionally enter an Active Directory group that represents members of the organization. Anybody belonging to this group will be able to log in to the Service Portal.

    Input Text Field Display Label: Group
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

    Header Text: Resource Quotas
    Style: Heading 2

    Text Text: Specify the maximum resources that this organization may consume.

    Input Text Field Display Label: CPU
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

    Input Text Field
    Display Label: Memory (GB)
    Maximum Characters: 
    Number of Lines: 

    Input Text Field
    Display Label: Disk (GB)
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

    Header Text: Infrastructure
    Style: Heading 2

    Header Text: Managed System
    Style: Heading 3

    Text Text: Select the managed system on which this customer will be provisioned.

    Customer Attribute Customer Attribute: Managed Systems
    Required: Yes
    Header Text: Folder
    Style: Heading 2

    Input Text Field
    Display Label: Folder
    Maximum Characters: 100
    Number of Lines: 1
    Required: Yes

You may also want to create a Service form assigned to the team handling onboarding requests that does not share contents with your global default, as the contents may not be relevant to your onboarding service.

Configuring a Completion Workflow

The completion workflow takes the values users enter into the form, and passes them to scripts that do the onboarding work via the vCommander REST API. In our example commands lines shown below, the onboarding scripts have been extracted to C:\Scripts\, and call encrypted credential files stored in C:\scripts\auth\ (see Encrypting Credentials for PowerShell Scripting). The location of the credentials file is defined in the scripts themselves.

  1.  Switch to the Completion Workflow tab.
  2. Click Add.
  3. Enter the Name Onboarding Completion and choose to Apply this workflow after an Unmanaged Component is deployed. Click Next.

  4. Add the following four Execute Script steps. For each set Step Execution to Always execute, Timeout to 300, Script Output to Capture script output as comment, and When Step Fails to Mark workflow step as failed: do not proceed. Use the Name and associated Command Line from the table below. (Note that there should be no line breaks in the command line.)

    Step Name Command Line
    Create Organization c:\windows\system32\WindowsPowerShell\v1.0\PowerShell.exe -ExecutionPolicy Bypass -File c:\scripts\create-org.ps1 -org_name "#{target.settings.inputField['Org Name']}" -manager "#{target.settings.inputField['Manager']}" -usergroup "#{target.settings.inputField['Group']}" -quota_cpu "#{target.settings.inputField['CPU']}" -quota_mem "#{target.settings.inputField['Memory (GB)']}" -quota_storage "#{target.settings.inputField['Disk (GB)']}"

    Create Folder c:\windows\system32\WindowsPowerShell\v1.0\PowerShell.exe -ExecutionPolicy Bypass -File c:\scripts\create-folder.ps1 -system "#{target.customAttribute['System']}" -folderName "#{target.settings.inputField['Folder']}"

    Create Destination c:\windows\system32\WindowsPowerShell\v1.0\PowerShell.exe -ExecutionPolicy Bypass -File c:\scripts\create-destination.ps1 -org_name "#{target.settings.inputField['Org Name']}" -system "#{target.customAttribute['System']}" -folderName "#{target.settings.inputField['Folder']}"

    Create Ownership Policy c:\windows\system32\WindowsPowerShell\v1.0\PowerShell.exe -ExecutionPolicy Bypass -File c:\scripts\create-ownership.ps1 -org_name "#{target.settings.inputField['Org Name']}" -folderName "#{target.settings.inputField['Folder']}" -manager "#{target.settings.inputField['Manager']}" -usergroup "#{target.settings.inputField['Group']}"

  5. Click Next.
  6. Choose Apply this workflow to the selected unmanaged components: and select the Onboarding Processor from the list. Click Next.

  7. Click Finish.

You are now ready to automatically onboard new customers