Rooms User Guide

A Tehama Room provides an isolated set of tools and services so you can collaborate securely. Organizations work together using a shared room with access governed by a policy. As a Room owner or administrator, you can monitor and audit user actions they perform when accessing and using resources on the connected network. Actions you can audit include their sessions, use of access credentials, transferring files in and out of your systems, and much more. More information on the Room concept is available in the Introduction.

For more information on various scenarios regarding creating a Room see the Getting Started Guide.

The graphic that follows provides a display of the architecture of the isolation that Rooms provide in the scenario where a service buyer (customer) has two rooms in Tehama connected to their network.


Depending on what type of user (administrator, manager, staff) you are and organization you belong to, a Room can contain all or a subset of the following six tabs:

  • CONNECTION – Allows you to manage and see status of the connection and to view/configure your firewall rules
  • MEMBERS – Use to manage who has access to the room
  • CONFIGURE – Use to add and configure tools such as desktops to a Room, or control access to your assets in a secrets vault (read-write). Also use to view/upgrade/downgrade your room's configuration details.
  • WORK – The main tab for end users of the Room. Use to access the tools (desktops, file vault, secrets vault (read only) )) available in the Room
  • AUDIT – Use to view the activity stream for you Room, and also to view recordings of your Room's desktop sessions
  • POLICY – Use to view or accept the compliance policy that governs access to assets accessible from the Room

NOTE: Depending on the status of your room you may or may not see all of these tabs. For example, the Work and Audit tabs are only available after you successfully connect the gateway agent and provision your room.


The Connection tab gives you control over the connection for your room. It provides you with the Status and Firewall Rules sidebar items.


The Status page provides three important capabilities.

The top of the page displays the Gateway Agent connection status showing you whether or not your room is currently connected.

Your room's connectivity depends on a Gateway Agent being installed for your room. The middle of the page provides you with a link to the Gateway Agent User Guide for information on setting up the Gateway Agent and connecting it to your room.

The bottom of the page displays a button with which to regenerate the Access Key for your room's Gateway Agent, if required. Again see the Gateway Agent User Guide for more information on managing this key.

Firewall Rules

The Firewall Rules page allows you to customize access to the room's Desktops from remote applications/services through the room's Gateway Agent.


The Members tab is used to request or approve who has access to the Room. It groups users by organization.

As the user organization you can:

  • Request that teams or members be granted access to the team. These requests will be approved by the connected organization if they did not choose the automatic approval method.
  • Remove your member's access.

As the connected organization you can:

  • Add your own members to the room by expanding your organization in the list and clicking the + MEMBER button, or by clicking the ADD button in the top right corner of the page and selecting Member from the drop-down.
  • If you own the room (are paying for it) you can invite another organization by using the ADD button and selecting Organization from the drop-down.
  • Approve or deny requests for access from other organizations you've invited by expanding that organization and selecting the "check box"/"x" buttons.
  • Remove users access by using the trash can Delete icon.


You can use the Configure tab to view/change your room's configuration details and to add/configure tools such as Desktops and the Secrets Vault.

Room name

Click on the room name in the breadcrumbs in order to make it editable. Save your change by selecting the checkmark or discard it by selecting the cross.

Note that the name field (the name of the Room) may only be modified by the billing organization's admin or the Tehama super user.

Note that the ability to change the room name is available from any tab in the room.


Click the Details sidebar item to view your room's current configuration. Click on the upgrade/downgrade button to select a different room configuration.


Click the Desktops sidebar item to view your room's current list of desktop configurations.

From here you can add new desktop configurations, or view/edit existing desktop configurations. See more information in the Configure Desktops section of the Desktops User Guide.


From the Secrets sidebar item under the Configure tab, you can add/configure secrets as described in the Secrets User Guide.


The work tab is the main interaction point for most daily users of Tehama. It provides you with links to the available tools for the Room to actually deliver the work you are doing in the Room.

My Desktops

Lists the desktops that you have been granted access to in the Room. The status icon for each desktop shows you whether the desktop is in use or not.

To use a desktop, click the Desktop name and you will be provided with login information you can use to access the desktop. See more information in the Work with Desktops section of the Desktops User Guide .

File Vault

The file vault tab is used to transfer files in and out of the desktops. Any files you upload to the file vault will be available in the z:\ drive of the desktops.


From the Secrets sidebar item under the Work tab, you can view secrets as described in the Secrets User Guide.


The audit tab is used to access the auditing and monitoring capabilities of the room.

Activity Stream

The activity stream for a room shows all the activity that has taken place on or to the room since its creation.

Session Recording

At this time this includes past and live recordings of all sessions. Remote session recordings securely capture activity related to the type of work and actions performed on assets in Tehama. While the virtual desktops are being used, they are also being recorded.

Note that live sessions and recorded live sessions are available to view on the desktop ONLY by those having appropriate permissions for the room (see Roles User Guide).

The following procedure describes how to view a live session:

To View Recorded Sessions

  1. In Tehama, click the ROOMS tab.
  2. Click the AUDIT tab. The display shows all the activity in that room.
  3. Locate the session to view. NOTE: Saved recordings are associated with an ID number.
  4. To display details about a session, click the Information Information icon.
  5. Use the Play Play icon to start viewing the recording.

To View Live Sessions

  1. In Tehama, click the ROOMS tab.
  2. Click the AUDIT tab. The display shows all the activity in that room.
  3. Open the workspace agent.
  4. Navigate to the Live Audit page.
  5. Select the session(s) from the list that appears.
  6. Optionally, you can also access the Live Sessions from the workspace agent on a desktop.


Rooms optionally support having a Policy associated with them. This is managed through the Policy tab.

If you are the organization connecting the Room you will be prompted to configure a Policy or have "no policy" that governs the use of the Room. More information on policies can be found in the Policy User Guide.

If you have been invited to the Room you will be prompted to accept the Policy if one is set before your first access. This will occur every time the Policy is changed.