VMware Cloud Community
pawarkp
Contributor
Contributor
‎06-28-2018 04:21 AM

Change SSO Domain post install of vCenter 6.5

Hi,

We have successfully installed vCenter 6.5 appliance SSO with our internal AD domain "stlcoe.local" insted of vsphere.local. Post installation we have tried to add domain users or group in VC but unable to do so.

To troubleshoot this issue further we have trying to add Active Directory domain in identity source but we are getting below error since the domain name is already available.

Is there any workaround available to change the default SSO  or we need to install vcenter again ?

=====================================

The "Add identity source" operation failed for the entity with the following error message.

Either the supplied name or alias is already associated with another domain, or an identity source with same name already exists.

====================================

Thanks in Advance...

Regards,

KP

10 Replies
diegodco31
Leadership
Leadership
‎06-28-2018 11:31 AM

Hi

To add AD follow these steps:

Join the vCenter Server Appliance to an Active Directory Domain

If you can not. You could attach image from the configuration screens.

Diego Oliveira

LinkedIn: http://www.linkedin.com/in/dcodiego

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
0 Kudos
pawarkp
Contributor
Contributor
‎06-28-2018 10:14 PM

Hi Diego,

Thanks for the information.

We have tried given steps but the issue is the domain name specified at the time of installation is "stlcoe.local" which is default domain under VC identity source.This default domain is not a active directory Type identity source.

Since the domain name is already available it won't allow to add the Active directory type identity source with same domain name (stlcoe.local).

The other resolution which i got from few blogs is re-install VC is the only option.

Screenshot for your ref.

pastedImage_0.png

Regards,

KP

0 Kudos
Devi94
Hot Shot
Hot Shot
‎06-28-2018 10:41 PM

I believe you are running on embedded psc. I dont see any other option other than redeploying complete appliance. If it is external psc, you can unregister from sso and register to new psc.

0 Kudos
diegodco31
Leadership
Leadership
‎06-29-2018 04:25 AM

To understand better, your Active Directory domain is stlocoe.local? During the installation of vcenter was the local domain configured with the name stlcoe.local?

If is true, i recommend reinstalling vCenter with the default (vsphere.local) local domain and then configuring vCenter integration with AD.

I recommend reinstalling vCenter to does not trash, follow steps for integration:

https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-88...

The last attempt:

https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.psc.doc/GUID-98B36135-CDC1-435C-8F27-5E0D01...

B) Active Directory as a LDAP Server

https://www.virten.net/2017/01/how-to-add-ad-authentication-in-vcenter-6-5/

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
0 Kudos
daphnissov
Immortal
Immortal
‎06-29-2018 04:42 AM

Then you have deployed vCenter incorrectly. If you've changed the internal SSO domain from vSphere.local to be the same name as your AD name, you cannot add users from that external domain now. Your only solution is to delete and redeploy vCSA and leave vSphere.local the default. You can then add your external AD as a source.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
pawarkp
Contributor
Contributor
‎06-29-2018 05:41 AM

Thank you all for the resolution.

Means Re-deploy vCSA is the only option.:smileylaugh:

Regards,

KP

0 Kudos
daphnissov
Immortal
Immortal
‎06-29-2018 05:56 AM

Yes, redeploy is your only option. Don't change the default SSO domain unless you know exactly what you're doing (and have a good reason for doing so).

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
hkotak
Contributor
Contributor
‎12-25-2018 12:29 AM

I have made the similar mistake of using the same name. Unfortunately this vcenter is running for couple of months and has lot of configuration. Is it possible to backup/restore this to new vcenter? Everything except SSO?

0 Kudos
daphnissov
Immortal
Immortal
‎12-25-2018 04:37 AM

Essentially no.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
diegodco31
Leadership
Leadership
‎12-25-2018 06:47 AM

Hi

Your only option is redeploy.

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
0 Kudos