VMware Cloud Community
Psymonious
Contributor
Contributor
‎09-26-2013 02:34 AM
Jump to solution

vCenter/Single Sign-On design recommendation

Hi there

We'd like to make a fresh installation of our 2 virtual centers.

The vCenters look like this

----------------------------------------------------------------------------

1 vCenter Primary Site (source vCenter for SRM)

1 vCenter Backup Site (target vCenter for SRM)

The current running configuration has an issue with SSO. If the primary vCenter is down you cannot login to the second which should be the backup vcenter.

My question is, how to set up the vCenters with SSO that the two vCenter are not affected by another (linked mode and SRM must also work).

Anyone has some experiences with this or has some recommendations for me?

thanks so far

Simon

0 Kudos
1 Solution

Accepted Solutions
ssumichrast
Enthusiast
Enthusiast
‎09-26-2013 04:07 AM
Jump to solution

In 5.5 you will want to install the first vCenter and create a new SSO domain.  Then when you install the second vcenter, you also need to install SSO but tell it to join an existing domain. This will cause the two SSO instances to replicate, but each vcenter has its own copy of the SSO database. That way when the primary vcenter goes offline, the backup vcenter can still log in with SSO and all of the data you need.

I Am not familiar enough with 5.1s SSO -- we skipped that upgrade (and boy I'm glad). My advice would be to upgrade to 5.5 with a clean install if possible and configure SSOs on both sides with replication.

View solution in original post

0 Kudos
3 Replies
ssumichrast
Enthusiast
Enthusiast
‎09-26-2013 04:07 AM
Jump to solution

In 5.5 you will want to install the first vCenter and create a new SSO domain.  Then when you install the second vcenter, you also need to install SSO but tell it to join an existing domain. This will cause the two SSO instances to replicate, but each vcenter has its own copy of the SSO database. That way when the primary vcenter goes offline, the backup vcenter can still log in with SSO and all of the data you need.

I Am not familiar enough with 5.1s SSO -- we skipped that upgrade (and boy I'm glad). My advice would be to upgrade to 5.5 with a clean install if possible and configure SSOs on both sides with replication.

0 Kudos
Psymonious
Contributor
Contributor
‎10-08-2013 06:11 AM
Jump to solution

Thank you for your advice!

We will try this soon.

0 Kudos
TheITHollow
Enthusiast
Enthusiast
‎10-08-2013 07:26 PM
Jump to solution

I think this post by Ken Werneburg may be helpful to you.

Linked mode with SSO for SRM | VMware vSphere Blog - VMware Blogs

http://www.theithollow.com
0 Kudos