Hi guys, I am trying to understand the different SSO options and also get a better feel for best practices for installing it. As you're all aware, there are three options: vCenter Single Sign-on for your first vCenter Server vCenter Single Sign-On for an additional vCenter Server in an existing site vCenter Single Sign-On for an additional vCenter Server with a new site I have the following questions: 1.  If I having existing vCenter servers running 5.5 on Windows Server 2008 R2, but I want to remove them and replace them with vCenters running Windows 2012 R2, should I select option 1 when installing the new vCenters?  Or, can I Select option 2, then decommission the previous vCenter Server running SSO at a later time? 2.  Is the first Single Sign-on Server special in any way?  Is it like a "Primary" SSO server since it was the first one installed?  Do I need to take special precaution when installing it? 3.  Finally, what is the best practice when installing a second vCenter in a DR site?  I believe the most logical SSO installation method would be installing vCenter Single Sign-On for an additional vCenter Server with a new site in the DR site rather than vCenter Single Sign-On for an additional vCenter Server in an existing site.  My thinking on this is that if the protected site falls down, there should be nothing at all linking the two sites, therefore the DR site should have its own SSO server, and that server should be in a new site.  But is this accurate?  Can I install using "vCenter Single Sign-On for an additional vCenter Server in an existing site" without creating any dependencies between the two sites? I know there are a lot of articles out there about SSO, but I'm still really unclear about these specific scenarios, any help would be appreciated. Thanks, Duncan.