Limitations for Moving and Acquiring Tenants Through Common Services
Expand all | Collapse all
Limitations for Moving and Acquiring Tenants Through Common Services
Learn about the limitations and caveats for moving internal tenants and acquiring
external tenants through Common Services.
| Where Can I Use This? | What Do I Need? |
|---|
- Tenant or tenant service group (TSG)
- Strata Cloud Manager
- Strata Multitenant Cloud Manager
- The hub
|
- Prisma Access license
- Superuser or Multitenant Superuser role on the source
and target tenants
|
- You can acquire only the top-most, root-level, parent tenant hierarchies. You cannot
acquire intermediate tenants within a hierarchy.
- You can't acquire tenant hierarchies with Service Provider Backbone enabled in the
hierarchy.
- It's not recommended that a tenant hierarchy without a Service Provider Backbone
enabled be acquired into a tenant with a Service Provider Backbone enabled. The
action isn't blocked, but can have inconsistent results.
You can't acquire a tenant hierarchy with Prisma SD-WAN licenses in the hierarchy at this time.
Users with access to a tenant that acquires a new target tenant will
gain access to the target tenant through inheritance.
Tenant support contacts won't be changed during a move.
A tenant with no support contact will inherit the new owner's
contact.
If a tenant is using a shared Cloud Identity Engine instance, you can't
acquire it until the shared instance is removed.
A tenant will keep all custom role definitions created on it.
All service accounts created on a given tenant will stay with that
tenant after being moved.
If some but not all contact email addresses provided are valid tenant
users, they will still receive the approval request email. Invalid emails will
be ignored.
Invalid acquisition requests will fail silently, they will look like
successful requests to keep tenant information secret from the user.
