vCenter Single Sign-On deployment modes for vSphere 5.5
search cancel

vCenter Single Sign-On deployment modes for vSphere 5.5

book

Article ID: 305699

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

The articles provides information on the different deployment modes for vCenter Single Sign-On (SSO), the authentication service of vCenter Server for the vSphere 5.5 suite. During installation of vCenter Single Sign-On, the deployment mode selected via the installer can dictate the overall function of vCenter Single Sign-On and, by proxy, vCenter Server.

The available deployment modes for vCenter Single Sign-On are:

For vSphere 5.5GA to vSphere 5.5 Update 1b:
  • vCenter Single Sign-On for your first vCenter Server
  • vCenter Single Sign-On for an additional vCenter Server in an existing site (formerly HA Cluster)
  • vCenter Single Sign-On for an additional vCenter Server with a new site (formerly Multisite)
For vSphere 5.5 Update 2 and onward:
  • Standalone vCenter Single Sign-On Server
  • High availability
  • Multisite
Note: After installation, the vSphere Web Client does not indicate the mode in which the site has been installed. For steps on determining the vCenter Single Sign-On deployment mode, see Identifying VMware vCenter Single Sign-On server deployment mode (2035817).

Environment

VMware vCenter Server 5.5.x

Resolution

Explanation of deployment modes

  • vCenter Single Sign-On for your first vCenter Server | vSphere 5.5 GA to vSphere 5.5 Update 1b
  • Standalone vCenter Single Sign-On Server | vSphere 5.5 Update 2 and onward

    This option configures the first instance of the vCenter Single Sign-On server that can participate in the default Single Sign-On Domain (vSphere.local). A primary Single Sign-On server supports the connectivity of Active Directory, OpenLDAP, Local Operating System users, and Single Sign-On embedded users and groups.

    This is the default deployment mode when using the Simple Install method of implementing vSphere 5.5. This is also the mode you should use when deploying your first vSphere 5.5 instance if installing individual components.

  • vCenter Single Sign-On for an additional vCenter Server in an existing</u> site | vSphere 5.5 GA to vSphere 5.5 Update 1b
  • High Availability | vSphere 5.5 Update 2 and onward

    This option installs an additional vCenter Single Sign-On server in the same logical site. Data is replicated from the first vCenter Single Sign-On server (installed using the first option) to subsequent nodes installed using this option.

    vCenter Single Sign-On does not automatically load balance nor does it automatically failover over using this deployment mode; a third-party load balancer is required for this form of availability. When this deployment mode is used and a third-party load balancer is <u style="font-weight: normal;">not</u> configured, a service dependency on the first vCenter Single Sign-On server exists, and any failure of that vCenter Single Sign-On server can cause all vCenter Servers to fail to start, as well as experience failures of authentication.

    This mode must be used only after the first vCenter Single Sign-On server is deployed using the vCenter Single Sign-On for your first vCenter Server or Standalone vCenter Single Sign-On Server option, depending on your vSphere 5.5 release version.

  • vCenter Single Sign-On for an additional vCenter Server with a new</u> site | vSphere 5.5 GA to vSphere 5.5 Update 1b
  • Multisite | vSphere 5.5 Update 2 and onward

    This option installs an additional vCenter Single Sign-On server in a new logical site. When vCenter Single Sign-On servers are created using this option, they will all be members of the same vSphere.local authentication domain.

    As an improvement over vSphere 5.1, Single Sign-On data (policies, solution/application users, identity sources) is now automatically replicated between each vCenter Single Sign-On server in the same vSphere.local authentication domain every 30 seconds.

    This mode must be used only after the first vCenter Single Sign-On server is deployed using the vCenter Single Sign-On for your first vCenter Server or Standalone vCenter Single Sign-On Server option, depending on your vSphere 5.5 release version.

    Important: VMware recommends this deployment mode when installing any additional vCenter Single Sign-On servers in your environment.


Additional Information

For deployment modes of vSphere 5.1, see Explanation of vCenter Single Sign-On Deployment Modes for vSphere 5.1 (2072442).

For related information, see vCenter Single Sign-On 5.5 FAQs (2057799).

Identifying VMware vCenter Single Sign-On server deployment mode
VMware vCenter Single Sign-On Server 5.5 FAQs
VMware vCenter Server 5.1 Single Sign-On deployment modes for VMware vSphere 5.1 client
vSphere 5.5 での vCenter Single Sign-On のデプロイモードについて