Hi There,
I'm trying to find SSO upgrade documentation that outlines the options that I must select for the following upgrade scenario:
Prior to upgrade to 5.5:
My understanding it that the upgrade for SSO so Linked Mode will work post 5.5 upgrade should go as follows (obviously linked mode has been removed prior to the upgrade):
The problem is on the first SSO server when I select MULTISITE option on the next page I enter the details for Partner host and password I've been getting one of the following errors:
And cannot proceed with the upgrade. The only option that works is the STANDALONE vCENTRE SSO SERVER option which I think linked mode wont work post upgrade.
Any help pointing me to a document that highlights the correct options so linked mode is retained post upgrade would be great.
Cheers
You're using the vCenter 5.5 Update 2 installer or an old version ? Because there are some changes on descriptions of deployments modes between vCenter 5.5 GA/Update 1 and 5.5 Update 2, take a look:
The available deployment modes for vCenter Single Sign-On are:
For vSphere 5.5GA to vSphere 5.5 Update 1b:
- vCenter Single Sign-On for your first vCenter Server
- vCenter Single Sign-On for an additional vCenter Server in an existing site (formerly HA Cluster)
- vCenter Single Sign-On for an additional vCenter Server with a new site (formerly Multisite)
For vSphere 5.5 Update 2 and onward:
- Standalone vCenter Single Sign-On Server
- High availability
- Multisite
For your first vCenter, you should select "Standalone vCenter Single Sign-On Server" and for the second the "Multisite" option, see this note:
Multisite | vSphere 5.5 Update 2 and onward
This option installs an additional vCenter Single Sign-On server in a new logical site. When vCenter Single Sign-On servers are created using this option, they will all be members of the same vSphere.local authentication domain.As an improvement over vSphere 5.1, Single Sign-On data (policies, solution/application users, identity sources) is now automatically replicated between each vCenter Single Sign-On server in the same vSphere.local authentication domain every 30 seconds.This mode must be used only after the first vCenter Single Sign-On server is deployed using the vCenter Single Sign-On for your first vCenter Server or Standalone vCenter Single Sign-On Server option, depending on your vSphere 5.5 release version.
To detailed information, see this KB article: VMware KB: vCenter Single Sign-On deployment modes for vSphere 5.5
On the first site SSO installation, you should select the option "vCenter Single Sign-On for your first vCenter Server" and proceed with installation.
On the second site SSO installation, you should select the option "vCenter Single Sign-On for an additional vCenter Server with a new site", on the next screen you will be asked for the "Partner" information, that will be the name of first vCenter that you have installed.
Here are some links with detailed step by step installation:
http://wahlnetwork.com/2014/04/14/setting-multiple-sites-vcenter-single-sign-sso-5-5/
Just another tip, is that you should isolate your vCenter servers before the upgrade and then join them again after both vCenter has been upgraded.
Hi Richardson,
Thanks for that information and links, although that information seems correct if its a fresh 5.5 install. When I'm upgrading from 5.1 U1a to 5.5 Ub I get a different set of SSO options (see pic).
My thoughts would be the Multisite option.
Cheers.
You're using the vCenter 5.5 Update 2 installer or an old version ? Because there are some changes on descriptions of deployments modes between vCenter 5.5 GA/Update 1 and 5.5 Update 2, take a look:
The available deployment modes for vCenter Single Sign-On are:
For vSphere 5.5GA to vSphere 5.5 Update 1b:
- vCenter Single Sign-On for your first vCenter Server
- vCenter Single Sign-On for an additional vCenter Server in an existing site (formerly HA Cluster)
- vCenter Single Sign-On for an additional vCenter Server with a new site (formerly Multisite)
For vSphere 5.5 Update 2 and onward:
- Standalone vCenter Single Sign-On Server
- High availability
- Multisite
For your first vCenter, you should select "Standalone vCenter Single Sign-On Server" and for the second the "Multisite" option, see this note:
Multisite | vSphere 5.5 Update 2 and onward
This option installs an additional vCenter Single Sign-On server in a new logical site. When vCenter Single Sign-On servers are created using this option, they will all be members of the same vSphere.local authentication domain.As an improvement over vSphere 5.1, Single Sign-On data (policies, solution/application users, identity sources) is now automatically replicated between each vCenter Single Sign-On server in the same vSphere.local authentication domain every 30 seconds.This mode must be used only after the first vCenter Single Sign-On server is deployed using the vCenter Single Sign-On for your first vCenter Server or Standalone vCenter Single Sign-On Server option, depending on your vSphere 5.5 release version.
To detailed information, see this KB article: VMware KB: vCenter Single Sign-On deployment modes for vSphere 5.5
Perfect, thanks for the clarification and link. That's exactly what I was looking for.
Cheers