I think you are on the right track. The only multi-tenant big deployment I have seen.... used cryptic groups as well "just in case" and had "Customer 1228474 Group" like that. But when you have thousands of tenants, using names is problematic and coming up with a system is actually better.
There are some big multi-tenant guys around, but I don't think they hang out here. From: [email protected] [mailto:[email protected]] On Behalf Of Pete Hakesley Sent: Tuesday, March 1, 2016 8:57 AM To: MSMOM ([email protected]) <[email protected]> Subject: [msmom] Groups and Sealed MPs MSMOM, I am building a new SCOM 2012 R2 UR9 environment for a secure multi-tenant platform (cloud ESX based) I was asked about data inside management packs and I have determined in the normal way we use MP causes a problem. Rule: No data pertaining to customer A can be presented on any other customer server. So If I create a Unsealed MP which contains views, Groups overrides must reside in this MP. So an override could exist in here which means this MP is delivered to all Agent based servers - VERY bad If a create a MP of Views and Group and seal it then create a overrides MP for that customer (without using the customer name) I can ensure no MP's are sent to the agents with customer information in - VERY GOOD The other option is to name Groups and views with cryptic names - makes the GUI experience very poor. My question: What are the pitfalls and has anyone used Sealed Group/View MP to good use? In this kind of scenario? Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected]<mailto:[email protected]> | w: www.scc.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.scc.com%2f&data=01%7c01%7ckevin.holman%40microsoft.com%7c26b297bd1803485e20b308d341e22d25%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=RH9lRZqqVliJkrm1mZFdEDgp3aT8s4VB1GSZGP%2bofwk%3d> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ
