# Admin Configuration
Perform the following steps to configure a solution for a BL admin. Only ABB employees can be Ability Administrators.
Prerequisites:
- access to a portal ( reference portal info page )
- user has Ability Administrator access.
- Solution Administrator has already logged into the portal to register their username.
- Solution Administrator has provided the necessary tenant information.
# Sample Input
Below is an example of a valid solution request.
| Parameter | Value |
|---|---|
| Solution Name | ADP |
| Solution Scope | instance |
| Solution Namespace | adp.demo |
| Solution Administrator | first_name.last_name@country.abb.com |
| Background Application | BGA |
| Tenant 1 Alias | ADP (abboaa.onmicrosoft.com) |
| Tenant 1 Id | 3dbfa739-4be4-438e-bf17-bbcf853088db |
| Tenant 1 Identity Provider | ABB Ability(tm) Issuing TEST CA 02 |
| Tenant 1 Self Signup | enable |
| Tenant 1 Admin Identity | 98709be7-eb4f-4b3f-a15d-a33b970e5dac |
| Tenant 1 Admin Name | ADP Tenant Admin 01 |
| Tenant 1 Admin Email | adpAdmin01@abboaa.onmicrosoft.com |
| Tenant 1 Non-Admin Identity | ee5e41bb-3f24-436c-848e-7d2a441ac524 |
| Tenant 1 Non-Admin Name | ADP User 01 |
| Tenant 1 Non-Admin Email | adpUser01@abboaa.onmicrosoft.com |
| Tenant 2 Alias | UST (abboaa.onmicrosoft.com) |
| Tenant 2 Id | 3dbfa739-4be4-438e-bf17-bbcf853088db |
| Tenant 2 Identity Provider | ABB Ability(tm) Issuing TEST CA 02 |
| Tenant 2 Self Signup | enable |
| Tenant 2 Admin Identity | 3505fea9-ab50-4931-b740-b3a95c379485 |
| Tenant 2 Admin Name | US Tenant Admin 01 |
| Tenant 2 Admin Email | usAdmin01@abboaa.onmicrosoft.com |
| Tenant 2 Non-Admin Identity | ef6eda9b-6e52-473b-8b72-2bcdd19cf8c5 |
| Tenant 2 Non-Admin Name | US User 01 |
| Tenant 2 Non-Admin Email | usUser01@abboaa.onmicrosoft.com |
# Define solution
Login to the
ABB Abilitytenant with a user that has Ability Administrator access.
Verify your user is listed as an
Ability Admin.
Both Tenants will use the
ABB Ability(tm) Issuing TEST CA 02. Navigate toAuthenticationand then selectCertificates.
Below is the certificate for
ABB Ability(tm) Issuing TEST CA 02.
-----BEGIN CERTIFICATE-----
MIIEIDCCAwigAwIBAgIQVJ5s1NzrvLcoStU43GEGvjANBgkqhkiG9w0BAQwFADCB
jDELMAkGA1UEBhMCQ0gxDjAMBgNVBAcTBUJhZGVuMSUwIwYDVQQKExxBQkIgSW5m
b3JtYXRpb24gU3lzdGVtcyBMdGQuMR8wHQYDVQQLExZGT1IgVEVTVCBQVVJQT1NF
UyBPTkxZMSUwIwYDVQQDExxBQkIgQWJpbGl0eSh0bSkgVEVTVCBSb290IENBMB4X
DTE5MTAxNTAwMDAwMFoXDTM0MTAxNDIzNTk1OVowgaIxCzAJBgNVBAYTAkNIMQ4w
DAYDVQQHEwVCYWRlbjEkMCIGA1UEChMbQUJCIEluZm9ybWF0aW9uIFN5c3RlbXMg
THRkMQ8wDQYDVQQLEwZQRzk5NjQxHzAdBgNVBAsTFkZPUiBURVNUIFBVUlBPU0VT
IE9OTFkxKzApBgNVBAMTIkFCQiBBYmlsaXR5KHRtKSBJc3N1aW5nIFRFU1QgQ0Eg
MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZuD5B3SG0IRgNFvI8
1wTK6AtCZ/Qm/UVGHo1zEN4+yRutYGlqqL7lL2MbOhXw7qgQmFLQFYSCPbzGWIhO
A+KpiBUYDUUuF/XX+lC7h85Gd1L9kkH8eaJrxJ32ypumMDhkuiR/pxTbw099ZAxp
gBjUWQdc+cnkbLwYUpGufuYUw1DIHqM8SpuMlKtSV/dVXMCEkW44Hmi2kfvVE5pr
iOGZQ5Ghp7CNxpO3/siCCjg8iR0IyDsa6N1+9y33tmDZT7Rkmpt2DDlmYt1QsIoI
y6+87jcI6/WlyX+Efb6jb96bJdWW71nGA7e5ss9nZyxWkPT3MrkGhiRImHiFXqno
AD6NAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
MB0GA1UdDgQWBBRgNAoy3RhvHOcsqW93XXjbNwTXqjAfBgNVHSMEGDAWgBRl801t
2oo7YZ/8BiTrnrzrbku84jANBgkqhkiG9w0BAQwFAAOCAQEAk/eJUX15xdPc1omd
UsfTnP7NuBGQd2vvXoXPD4RR9TAk9/sOs5hAVy8yx7S7631BXAOJeIkgKoE5m0qO
/D0GIegPJpiCobnLOyqD7Cq3bKREy50splvEXnmyfhs5vpn5pE2iTbGX8W7vvYoI
2O73JqeJSIuNk25h5spVPhyUVha2B3pRn12Gy3XpB22NdPQ2n6jZyd7SJf1QCFjn
bLTAQ2G8tGmt4BHLEhYiWMMGqB+l3squxX9ILhgidRuGgXghTGXdvEz9V1QvLy+E
dDNP9f0Xw7wz1EYOEe77+BvgPz1LKdyxgntf+5W1yNI/m93KFvu1FDndiEplqkCD
OkBSvg==
-----END CERTIFICATE-----
On the
Identity Providerspage, clickNew certificateand enterABB Ability(tm) Issuing TEST CA 02for Display Name and copy the text contents above to Certificate.
If the certificate shows it is not verified, contact Operations to validate the certificate.
Navigate to the
Solutionstab and selectNew Solution. Provide the solution name, scope and namespace. Click save.
Add the BL Solution Admin, identify by
first_name.last_name@country.abb.com, as an administrator for the solution. Navigate toSolutions->ADP->Details. Scroll down to selectAssign User. Use the search box to search for your user and assing it to thisSolution.
Navigate to Tenants and add the tenants for this solution. Substitute the Tenant 1 Id info as shown
https://login.microsoftonline.com/3dbfa739-4be4-438e-bf17-bbcf853088db/v2.0. In this example, the same tenant is used for both. SelectAllow Signupas specified and also includeABB Ability(tm) Issuing TEST CA 02as anIdentity Provider. Repeat for Tenant 2 Id
For each tenant, add the Admin and Non-Admin users as specified in the table.
Navigate back to the solution and select the
ContractTab. Add each tenant created to the solution.
TIP
Only Ability Admin can create Background Applications and assign Grants to them.
Once the Solution Admin defines the grant for the Background Application, they will contact
the Ability Admin to assign the Grant.
- If the solution request requires a Backgroud Application, select the
ApplicationTab. ClickNew Applicationand set the name toBGAfor Background Application,nonefor Delegation, and click save.
- After the
Solution Admindefines the desiredGrantfor the background application, theSolution Adminwill provide the name of theGrant. Once provided, edit the BGA application, select the 'Grants' tab, assign the grant specified by theSolution Admin, and click update.
This completes the steps for an Ability Admin to configure a solution for a Solution Admin.
# Next Steps
If these steps can be completed without error, the Solution Admin can complete the configuration without additional assistance from the the Ability Admin.