Getting Started Checklist

Purpose

This guide provides a point-by-point checklist of the steps necessary to complete the initial Tehama setup.

For a more detailed walk through, go through the Getting Started guides starting with the overview or reach out to Tehama Support.


Prerequisites

  • Mobile device (Smartphone or Tablet)
  • Google Authenticator App (to be installed on the mobile device)
  • Gateway Host (host for the Tehama Gateway, two if the 'Multiple Gateways' option is to be enabled)
    Note: A host for the Tehama Gateway is optional. The connected organization may opt to provide access only to applications and services in the cloud (by setting 'Network Access' to 'Internet Only'), which does not require the installation of a Tehama Gateway.
  • Tehama Client Host (host for the Tehama Client - the host device from which each Tehama user connects to their Tehama Desktops)
    Note: Each user for whom you provision a Tehama Desktop is going to need a host device from which to launch and connect to the Desktop. They must be able to install the Tehama Client on this host device.

Joining Tehama

  • Invite Email: Locate the invite email and click on the Accept invitation link
  • Account Creation/Initial Log In
    • Enter personal details and choose a password
    • Click Register
  • Google Authenticator Setup
    • Set up Google Authenticator
      LOG IN dialog appears
    • Enter the username and password
    • Enter the 6-digit code on Google Authenticator (not needed for Google Login)
    • Accept the latest Terms of Service (ToS), if required. (It is never required for members of organizations that have enabled custom terms of service.)
  • Organization Registration (only if joining as an organization)
    • Enter organization details when prompted
    • Press Complete Registration
  • Profile Page Completion
    • Enter user details when prompted
    • Press Save

Tehama Installation (Room create/connect/join)

Following your completion of your profile, you will be asked either to create a Room, to connect a Room or to join a Room, depending on the type of your invitation. Pick the scenario that applies to you.

  • Create Room - "I want to create a Room."
  • Connect Room - "I've been invited to connect my network to a Room that was created by my service provider."
  • Join Room - "I've been invited to join a Room as a third-party organization."

 • Create Room

Choose the Room type that best suits your needs:

  • Create and connect a Standard Room: "I am creating a Room, connecting it to my network, and then (optionally) inviting another organization to join and use the Room."

  • Create and connect a Domain Join Room: "I am creating a Room, connecting it to my organization's network, and then connecting my network's domain to the Room."

  • Create a Service-provider Room: (special case of the Standard Room) "I'm creating a Room and requesting another organization, my service-consumer, to connect it to their network."

All three of the above workflows begin in the ROOMS tab for your organization:

Synopsis:

For Standard Rooms:

  • Click NEW in the ROOMS tab.
  • Select Standard Room.
  • Select "Your Organization" in the Connect this room to field.
  • Enable or disable the File Vault in the Room.
  • Enable or disable the App Vault in the Room.
  • Enable or Disable 'Desktop Administrator Rights' for Desktops of type Workspace in the Room. Read the screen carefully before choosing to enable or disable.
  • Select the type of network access in the Room ('Tehama Gateway' or 'Internet Only').
  • Connect the Room
    • this simply means to 'build' the Room if the network access mode is 'Internet Only'.
    • this means to install and connect a Tehama Gateway to the Room, otherwise.

For Domain Join Rooms:

  • Click NEW in the ROOMS tab.
  • Select Domain Join Room.
  • Enable or disable the File Vault in the Room.
  • Enable or disable the App Vault in the Room.
  • Connect the Room
  • Open ports for communication between the Room and the network's Domain Controller(s).
  • Connect the network's Domain Controller(s) to the Room.

For Service-provider Rooms:

  • Click NEW in the ROOMS tab.
  • Select Standard Room. (A Service-provider Room is a special case of a Standard Room.)
  • Select "Third-Party Organization (Invite)" in the Connect this room to field.
  • Enable or disable the File Vault in the Room.
  • Enable or disable the App Vault in the Room.
  • Enter info needed to invite the Third-Party organization to connect the Room.
  • Send out the invitation to connect the Room to the Third-Party organization.

 • Connect Room

Connect to a Service-provider Room: "I've been invited to connect my network to a Room that was created by my service provider."

Synopsis:

After having clicked on the link in the invitation email, and, if necessary, creating an organization in Tehama:

  • Accept the invitation to join and connect the Room.
  • Click on the Room name in the ROOMS tab.
  • Enable or Disable 'Desktop Administrator Rights' for Desktops of type Workspace in the Room. Read the screen carefully before choosing to enable or disable.
  • Select the type of network access in the Room ('Tehama Gateway' or 'Internet Only').
  • Connect the Room
    • this simply means to 'build' the Room if the network access mode is 'Internet Only'.
    • this means to install and connect a Tehama Gateway to the Room, otherwise.

 • Join Room

Join a Standard or Service-provider Room: "I've been invited to join a Room as a third-party organization."

Synopsis:

After having clicked on the link in the invitation email, and, if necessary, creating an organization in Tehama:

  • Click on the Room name in the ROOMS tab.
  • Accept, if necessary any policy set for your organization.

Proceed to propose members in the Room from your organization.


Install the Tehama Gateway

  • Install a Tehama Gateway instance on your selected Gateway host following the instructions in the Tehama Gateway User Guide. (Repeat on your other selected Gateway host, if your Room has the 'Multiple Gateways' option enabled.)
    NOTE: Due to a limitation in the authentication framework used by Tehama, the Tehama Gateway cannot be installed on the 172.31.x.x network.

    In addition, Tehama cannot connect to resources that are on the 172.31.x.x network directly.

    If you have the following situation:

    • the Tehama Gateway is on a supported network; and
    • a resource is on the 172.31.x.x network

    then a workaround would be to create a NAT on the network to NAT the address of the resource to an address that Tehama can see, like 10.x.x.x or something similar.
  • Verify Connectivity with your Room
    Once Tehama has reported a connection with your Room, confirm the connection to your network, and its associated IP address by navigating to your Room's CONNECTION tab's STATUS sidebar item (when 'Network Access' is set to 'Tehama Gateway'):
    • A green dot will indicate a connection was established.
    • IP addresses will be displayed (referring to the Tehama routers assigned to the Tehama Gateway instance(s) for your Room, two per instance). (You may have two Tehama Gateway instances running if your Room has the 'Multiple Gateways' option enabled.)
    • For each entry in the table of Tehama Gateways for the Room, a Room connected icon Room connected icon will appear.

For more detailed information about the installation of the Tehama Gateway, please see the Tehama Gateway User Guide.


Tehama Administration (Org/Room setup)

Having create and connected a Room, you can now carry out basic and necessary organization and Room setup.

See the Getting Started with Tehama Administration guide for help with the following:

As the organization that created and connected a Standard Room:

As the organization that created and connected a Domain Join Room:

As the organization that created a Service-provider Room:

As the organization that connected a Service-provider Room:

As the organization that joined a Standard or a Service-provider Room: