VMware Cloud Community
yuanlinios
Contributor
Contributor
‎11-18-2018 06:39 AM
Jump to solution

Merge SSO domain in VCSA 6.7U1?

I noticed following from Under the Hood - vSphere 6.7 Update 1 - VMware vSphere Blog

Now, you have the flexibility to combine, merge, or separate vSphere SSO Domains ...

So it is already possible to MERGE SSO domains? For example, I have 2 independent deployments of VCSA 6.7U1 with their own "vsphere.local" SSO domain. Is it possible to merge them into 1 "vsphere.local" SSO domain so that ELM can work?

VCIX6-DCV/NV, RHCA, CCIE www.linkedin.com/in/yuanlinios
Tags (2)
0 Kudos
1 Solution

Accepted Solutions
yuanlinios
Contributor
Contributor
‎11-19-2018 07:40 AM
Jump to solution

I was too impatient... Found the solution from official document

Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter Server with Emb...

Work like a charm

VCIX6-DCV/NV, RHCA, CCIE www.linkedin.com/in/yuanlinios

View solution in original post

0 Kudos
7 Replies
HassanAlKak88
Expert
Expert
‎11-19-2018 12:14 AM
Jump to solution

Hello,

Yes, and this called "Embedded Linked Mode". check the following: vCenter Embedded Linked Mode for a vCenter Server Appliance with Embedded Platform Services Controll...

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
0 Kudos
yuanlinios
Contributor
Contributor
‎11-19-2018 04:47 AM
Jump to solution

Hello,

Of course I know ELM is supported for VCSA with embedded PSC and it is the recommended configuration.

But before you link them together, you have to put them into the same SSO domain, correct?

So my question is how to merge/consolidate individual "vsphere.local" SSO domains into one. Is it possible in VCSA 6.7U1?

VCIX6-DCV/NV, RHCA, CCIE www.linkedin.com/in/yuanlinios
0 Kudos
HassanAlKak88
Expert
Expert
‎11-19-2018 05:07 AM
Jump to solution

Hello,

The setup should be as following:

Site A:

  • Stage 1: Deploy vCenter with Embedded PSC
  • Stage 2: Configure SSO domain "vsphere.local"

Site B:

  • Stage 1: Deploy vCenter with Embedded PSC
  • Stage 2: Join this PSC to existing SSO domain on Site A

if you already configured two SSO domains "vsphere.local" on each site, you have to go to Site B and reconfigure SSO domain (using the installer setup) to join the Site A appliance.

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
0 Kudos
HassanAlKak88
Expert
Expert
‎11-19-2018 05:10 AM
Jump to solution

Or reconfigure following the below:

Reconfigure vCenter Server with Embedded PSC (your case it is another external PSC) to vCenter Server with External PSC

  1. Login to the vCenter Server:

    vCenter Appliance - as root user using SSH.
    Windows v Center - as administrator using RDP.

  2. Run this command to verify that all PSC services are running:

    service-control --status --all

  3. Run this command:

    cmsso-util reconfigure --repoint-psc psc_fqdn_or_static_ip --username username --domain-name domain_name --passwd password [--dc-port port_number]

    Note:The FQDN value is case-sensitive.

    The options username and password are the administrator user name and password of the vCenter Single Sign-On domain_name.

    Use the --dc-port option if the external Platform Services Controller runs on a custom HTTPS port. The default value of the HTTPS port is 443.

    For example:

    Run this command if the external PSC runs on a custom HTTPS port 449:

    cmsso-util reconfigure --repoint-psc psc.acme.local --username administrator --domain-name vsphere.local --passwd Password1! --dc-port 449

  4. Login to the vCenter Server instance by using the vSphere Web Client and verify that the vCenter Server is running and can be managed.

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
0 Kudos
yuanlinios
Contributor
Contributor
‎11-19-2018 07:40 AM
Jump to solution

I was too impatient... Found the solution from official document

Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter Server with Emb...

Work like a charm

VCIX6-DCV/NV, RHCA, CCIE www.linkedin.com/in/yuanlinios
0 Kudos
iforbes
Hot Shot
Hot Shot
‎03-27-2019 08:56 AM
Jump to solution

The doc is a little confusing. I simply have a VCSA at site 2 (with embedded PSC) in vsphere.local. I want to repoint this VCSA to site 1 SSO domain (also called vsphere.local - but a separate SSO domain from site 2). What are the precise steps to achieve this repoint?

Thanks

0 Kudos
ziansong
Contributor
Contributor
‎07-01-2019 12:37 AM
Jump to solution

Can you provide specific steps for your operation? Because your correct answer is to merge two different domains.

0 Kudos