In an environment where there are multiple isolated VI workload domains using a shared NSX Manager instance, if you delete the VI workload domain that created the NSX Manager instance, then you need to register the NSX Manager instance with another isolated VI workload domain's Workspace ONE Access.
When two isolated VI workload domains share an NSX Manager instance and you delete the VI workload domain that created the NSX Manager instance, the SDDC Manager UI displays the following message:
"Please follow manual guidance instructions to re-register existing NSX as relying party to an isolated WLD that is already connected to an NSX."
VMware Cloud Foundation 5.2
The warning message is displayed after you delete the VI workload domain that created the shared NSX Manager instance.
The following information will be required for the shared NSX Manager:
NSX Manager cluster FQDN
NSX Manager admin login credentials
The following information for the vCenter Server of one of the remaining VI workload domains that shared the NSX Manager instance will be required:
vCenter Server FQDN
vCenter Server root certificate in PEM encoded format
NOTE: The following procedure uses "WLD2" as an example.
Generate the API token needed to register NSX Manager as a relying party to WLD2:
Generate a session ID, using the administrator SSO account credentials for the vCenter Server:
Generate a token using the session ID generated in the previous step:
Fill out the following template and save it to a JSON file:
Run the following curl command for NSX Manager registration as the root user from the SDDC Manager virtual machine:
To verify the shared NSX Manager is now registered to the new domain, run the following command:
Verify that there is one entry for vcenter-idp-federation, and the oidc_uri contains the vCenter Server FQDN.
Sample output from command:
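The verification check described above can be scripted. The following is an added example, not part of the original article and not the command's sample output. It assumes the verification command prints JSON, and it compares the oidc_uri host exactly against the vCenter Server FQDN, which is stricter than a "contains" test. The sample data and the "results" and "oidc_type" names are constructed assumptions.

```python
import json
import sys
from urllib.parse import urlsplit

IDP_TYPE = "vcenter-idp-federation"  # entry type named in the verification step

# Constructed sample, not real NSX output; "results" and "oidc_type" are assumed names.
SAMPLE = json.dumps({"results": [{
    "oidc_type": IDP_TYPE,
    "oidc_uri": "https://wld2-vc.example.test/openidconnect/.well-known/openid-configuration",
}]})


def find_oidc_entries(node):
    """Yield every JSON object that has an 'oidc_uri' key, at any depth."""
    if isinstance(node, dict):
        if "oidc_uri" in node:
            yield node
        for value in node.values():
            yield from find_oidc_entries(value)
    elif isinstance(node, list):
        for item in node:
            yield from find_oidc_entries(item)


def check_registration(raw_json, vcenter_fqdn):
    """Return (ok, reason) for the JSON printed by the verification command."""
    try:
        doc = json.loads(raw_json)
    except ValueError as exc:
        return False, f"output is not valid JSON: {exc}"
    # Match the type value in any string field, so the field name is not assumed.
    matches = [e for e in find_oidc_entries(doc) if IDP_TYPE in e.values()]
    if len(matches) != 1:
        return False, f"expected 1 {IDP_TYPE} entry, found {len(matches)}"
    uri = str(matches[0]["oidc_uri"])
    try:
        host = (urlsplit(uri).hostname or "").rstrip(".").lower()
    except ValueError:
        return False, f"oidc_uri is not a valid URL: {uri}"
    # Exact host comparison: a substring test would also accept a stale or
    # look-alike name that merely contains the expected FQDN.
    if host != vcenter_fqdn.rstrip(".").lower():
        return False, f"oidc_uri host is {host!r}, expected {vcenter_fqdn!r}"
    return True, f"{IDP_TYPE} entry points at {host}"


if __name__ == "__main__":
    # Usage: <verification command> | python3 check_oidc.py <vCenter FQDN>
    ok, reason = check_registration(sys.stdin.read(), sys.argv[1])
    print(("OK: " if ok else "FAIL: ") + reason)
    sys.exit(0 if ok else 1)
```

A non-zero exit status means the entry is missing, duplicated, or still points at a vCenter Server other than the one supplied on the command line.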