VMware Cloud Community
unsichtbare
Expert
Expert
‎03-02-2013 12:35 PM

Migrate vCenter SSO from one MS SQL to another

Hi all-

This weekend I am tasked with migrating a vCenter SSO database from one MS SQL Server to another (neither are SQL express, and neither are co-cocated with vCenter itself)

In preparation, I read the KB article: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=203351...

But that leaves me with some significant questions. Does anyone at VMware ever think of providing an example in a KB? (no, that's not the actual question)

In the command:

<ssoserver folder>\utils> ssocli configure-riat -a configure-db --database-host <new database server> --database-port <new database port> -m <master password>

What's "<master password>"? Is it the SQL DBA? Is it the SSO DBA?

And what becomes of the SSO Database User and the SSO DBA? Where do I specify the new SQL user accounts and their passwords?

Part of the reason we are migrating is to increase security and password strength, therefore I will have to change the SSO User and SSO DBA passwords.

Rest assured, when I am successful, I will post an example!

Thanks-

+The Invisible Admin+ If you find me useful, follow my blog: http://johnborhek.com/
0 Kudos
3 Replies
ramkrishna1
Enthusiast
Enthusiast
‎03-02-2013 10:52 PM

Hi

Welcome to the communities.

I would like answer to your below question is that nyou need password for SSO.

What's ""? Is it the SQL DBA? Is it the SSO DBA?

"concentrate the mind on the present moment."
0 Kudos
unsichtbare
Expert
Expert
‎03-04-2013 03:13 PM

Have run the above command successfully, but SSO is still using the old database and when the old database is disconnected, vCenter can not start!

c:\Program Files\VMware\Infrastructure\SSOServer\utils>ssocli configure-riat -a configure-db --database-host MYSQL01 --database-port 1433 -m MyP@ssw0rd
Executing action: 'configure-db'
Updating Database configuration
Generating HA node package
Successfully executed action: 'configure-db'

SSO_is_crap.png

+The Invisible Admin+ If you find me useful, follow my blog: http://johnborhek.com/
0 Kudos
unsichtbare
Expert
Expert
‎03-04-2013 03:51 PM

OK - I gave up and called VMware. I always feel like I am giving up when I call support instead of solving the problem myself; but there's just no documentation out there on moving the SSO database from one location to another!

And the answer is:

  • You must edit the config file located at: C:\Program Files\VMware\Infrastructure\SSOServer\webapps\lookupservice\WEB-INF\classes\config

It is a plain text file of about 5 lines (which contains your SSO DBA Password!) and all that needed to be done was update the name of the database host!

Is it just me, or does SSO seem like a poorly-designed hastily-added feature which is not ready for prime-time? Come on, SQL authentication and passwords stored in plain text! Someone needs to tell VMware that 2001 called and wants its SQL authentication back!

+The Invisible Admin+ If you find me useful, follow my blog: http://johnborhek.com/
0 Kudos