VMware Cloud Community
rafskr
Enthusiast
Enthusiast

Move Web Client 5.1 to different SSO - upgrade path to vSphere 6

Hi,

I'm following VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components

I have tested this on vSphere 5.5 and works fine.

Now i testing version 5.1 which will be upgraded to vSphere 6. So i have created separate SSO server and i have moved vCenter 5.1 to this new SSO 5.1. Everything worked fine. vSphere client show the inventory.

I do have small problem with Web Client. Please see attached.

vcenter01.example.com  - 5.1 version. Local SSO instance was already removed. vSphere Client logs in by using SSO vcenter6-sso.example.com

vcenter6.example.com - main vCenter5.1 with connected SSO vcenter6-sso.example.com

Result of ssolsclie listServices

Intializing registration provider...

Getting SSL certificates for https://vcenter6-sso.example.com:7444/lookupservice/sdk

Getting SSL certificates for https://vcenter6-sso.example.com:7444/sso-adminserver/sdk

Anonymous execution

Found 7 services.

Service 1

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:2

serviceName=The security token service interface of the SSO server

type=urn:sso:sts

endpoints={[url=https://vcenter6-sso.example.com:7444/ims/STSService?wsdl,protocol=wsTrust]}

version=1.0

description=The security token service interface of the SSO server

ownerId=<null>

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 2

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:6

serviceName=VMware Log Browser

type=urn:logbrowser:logbrowser

endpoints={[url=https://vcenter6.example.com:12443/vmwb/logbrowser,protocol=unknown],[url=https://vcenter6.example.c...]}

version=2.1.0.1063474

description=Enables browsing vSphere log files within the VMware Web Client

ownerId=WebClient_2015.04.12_213424

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 3

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:1

serviceName=The administrative interface of the SSO server

type=urn:sso:admin

endpoints={[url=https://vcenter6-sso.example.com:7444/sso-adminserver/sdk,protocol=vmomi]}

version=1.0

description=The administrative interface of the SSO server

ownerId=<null>

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 4

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:12

serviceName=vCenterService

type=urn:vc

endpoints={[url=https://vcenter01.example.com:443/sdk,protocol=vmomi]}

version=5.1

description=vCenter Server

ownerId=vCenterServer_2015.04.06_202908@System-Domain

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 5

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:7

serviceName=VMware vSphere Web Client

type=urn:com.vmware.vsphere.client

endpoints={[url=https://vcenter6.example.com:9443/vsphere-client,protocol=vmomi]}

version=5.1

description=VMware vSphere Web Client Service

ownerId=WebClient_2015.04.12_213424

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 6

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:3

serviceName=The group check interface of the SSO server

type=urn:sso:groupcheck

endpoints={[url=https://vcenter6-sso.example.com:7444/sso-adminserver/sdk,protocol=vmomi]}

version=1.0

description=The group check interface of the SSO server

ownerId=<null>

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Service 7

-----------

serviceId={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}:10

serviceName=vCenterService

type=urn:vc

endpoints={[url=https://vcenter6.example.com:443/sdk,protocol=vmomi]}

version=5.1

description=vCenter Server

ownerId=vCenterServer_2015.04.12_214641@System-Domain

productId=<null>

viSite={6E2EAF31-C52A-4AF8-BB6F-BD0757FFA8C6}

Return code is: Success

0

Thanks in advance.

Tags (2)
Reply
0 Kudos
3 Replies
rafskr
Enthusiast
Enthusiast

Anybody have experience with this?

I have many vCenter Servers with 5.1 and 5.5. Deal here is to create new SSO 5.1 server and repoint vCenters 5.1 to this new SSO.

But when i'm follwing KB and have to repoint WebClient i have error with ServiceID

Then if i will manage this i will probably upgrade all vCenter 5.1 and new SSO 5.1 to vSphere 5.5. Repoint remaining vCenter5.5 to newly upgraded SSO. Uninstall local SSO from vCenters 5.5 and upgrade SSO5.5 to PSC and then all vCenters to version 6.

I have checked this procedure for 5.5 and it's working ok. I have all vCenter visible from WebClient 6.

Reply
0 Kudos
rafskr
Enthusiast
Enthusiast

Since nobody has replied i continued messing...

Even though Web Client was down i have upgraded vCenter 5.1 to 5.5. During the upgrade for Web Client 5.5 i have selected also new SSO server, which is vcenter6-sso.example.com But still some customer could take some time to upgrade vCenter 5.1, would be nice to know how to fix the error.

So i had:

vcenter6-sso.example.com - 5.1

vcenter6.example.com - 5.1 with working WebClient, SSO vcenter6-sso.example.com

vcenter01.example.com - 5.1, SSO was uninstalled. Repoint was set for vcenter6-sso.example.com. Web Client couldn't connect

vcenter02.example.com - 5.5 with local SSO

1. upgrade vcenter6-sso-example.com to 5.5

2. upgrade vcenter6.example.com to 5.5

3. upgrade vcenter01.example.com to 5.5 - this fixes Web Client

Now two vCenters 5.5 will be visible from Web Client.

4. repoint vcenter02.example.com to SSO vcenter6-sso.example.com

5. uninstall local SSO for vcenter02, reboot

6. vClient works ok, but small error with Web Client and Inventory Service, run is-change-sso.bat

connectivity to Web Client restored

all vCenter are now 5.5 and visible from Web Client with external SSO

9. upgrade vcenter6-sso.example.com to 6

10. upgrade 3 vCenter 55 to 6.0

from image you can see that all vCenter  are with external SSO

Reply
0 Kudos
PramodKhalate
Enthusiast
Enthusiast

Hello

I am facing same issue while re-pointing Web client on different SSO Server.

Anyone faced same type of issue.

Any help will be greatly appreciated.

Thanks

Pramod

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Reply
0 Kudos