VMware Cloud Community
gene_torres
Contributor
Contributor
‎03-05-2013 11:48 AM

SSO Installation/Join Possible?

I haven't been able to find documentation to set me straight on this, so was wondering if anyone's done this... Here's the scenario:

Datacenter 1:

vCenter 5.1 and all required products installed and working.  SSO was installed as the first one in a multi-site implementation.

Datacenter 2:

Starting vCenter installation, however, firewall ports between datacenters haven't been opened yet. 

Question:

If I start this SSO installation in DC2, without the firewall ports, could I install this as a standalone, and then later on when firewall ports are available, join this into a multi-site SSO easily, or will I need to re-install it changing the mode and entering the existing SSO information?

I'm betting it's best to have that communication opened between the datacenters first and save myself some trouble, but wanted to throw this out there and see what you all have done or experienced, and most importantly, see if it was even possible without a complete re-installation of SSO in DC2.

Thanks in advance!

Tags (5)
0 Kudos
2 Replies
EdWilts
Expert
Expert
‎03-05-2013 02:41 PM

Nothing in SSO is easy and it will fight you every step of the way.

Also remember that even in a multi-site SSO environment, there is no automatic replication between the SSO servers.  There is an export/import utility but it's up to you to schedule it.

.../Ed (VCP4, VCP5)
0 Kudos
gene_torres
Contributor
Contributor
‎03-06-2013 10:46 AM

You're right there with SSO, it has been the single piece of vCenter 5.1 so far that I've had to touch more than anything else outside of getting in and building the heirarchy and roles in vCenter.


Good call out regarding multi-site SSO, I made sure I caught that gem of information before actually installing. At least even with a manual process, VMware gave us the import/export utility.

I might just end up waiting until the network is set up to allow cross-datacenter communication for vCenter before doign it.  It will just delay this migration project by 1-2 weeks which I can afford since I'm now ahead of schedule (woohoo).

0 Kudos