Migrating embedded VC & VC with external SSO in same SSO domain
search cancel

Migrating embedded VC & VC with external SSO in same SSO domain

book

Article ID: 345478

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

When all VMware vCenter Server 5.1/5.5 components are installed on the same machine, the VMware vCenter Single Sign-On 5.1/5.5 deployment type is embedded.
 
When you upgrade to VMware vSphere 6.0, several configurations of VMware vSphere 5.1/5.5 are upgraded to topologies that have been deprecated.
 
For example, an embedded VMware vCenter Single Sign-On VMware vCenter Server with an additional external VMware vCenter Single Sign-On node in the same VMware vCenter Single Sign-On domain is upgraded to an Embedded Platform Services Controller with an External Platform Services Controller in VMware vSphere 6.0:
 
 
This topology is not recommended by VMware. For more information on deprecated topologies for VMware vSphere 6.0, see the Deprecated topologies section in List of recommended topologies for VMware vSphere 6.0.x (2108548).
 
This article provides the steps to migrate your existing VMware vCenter Server deployment to use an external deployment of VMware vCenter Single Sign-On.


Environment

VMware vCenter Server 6.0.x
VMware vCenter Server 5.5.x
VMware vCenter Server 5.1.x

Resolution

Note: This article is a part of a resolution path. For more information, see Migrating embedded VMware vCenter Single Sign-On to an external VMware vCenter Single Sign-On deployment (2125119).

This article consists of these steps to migrate your existing VMware vSphere 5.1/5.5 deployment to a recommended topology for VMware vSphere 6.0:
  1. Document the existing VMware vCenter Single Sign-On permissions used within your VMware vCenter Single Sign-On domain
  2. Deploy a new VMware vCenter Single Sign-On machine for VMware vCenter Server on machine A
  3. Deploy a second VMware vCenter Single Sign-On machine for VMware vCenter Server on machine C
  4. Repoint the VMware vSphere Web Client on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments
  5. Repoint the VMware vCenter Inventory Service on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments
  6. Repoint the VMware vCenter Server on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments
  7. Remove VMware vCenter Single Sign-On installed on machine A
  8. Decommission machine B from the environment
  9. Upgrade VMware vCenter Single Sign-On to an External Platform Services Controller
  10. Upgrade VMware vCenter Server 5.1/5.5 on machine A and C to VMware vCenter Server 6.0

Document the existing VMware vCenter Single Sign-On permissions used within your VMware vCenter Single Sign-On domain

Before migrating, document any custom settings configured for VMware vCenter Single Sign-On using the VMware vSphere Web Client.

Custom settings include, but are not limited to:
  • Identity Sources
  • Password Policies
  • Lockout Policies
  • Token Policies
  • Single Sign-On Users and Groups added after install
For more information, see the Configuring vCenter Single Sign-On section in the vSphere Security Guide.

Deploy a new VMware vCenter Single Sign-On machine for VMware vCenter Server on machine A

To deploy a new VMware vCenter Single Sign-On machine:

  1. Deploy a new Microsoft Windows Server on a physical or virtual machine that meets the software and hardware requirements for your version of VMware vCenter Single Sign-On.

    For more information, see Installing vCenter Server 5.1 best practices (2021202) and Installing vCenter Server 5.5 best practices (2052334).

  2. Download and mount the installation media for the current version and build of VMware vCenter Server that is currently deployed in your environment.
  3. Install VMware vCenter Single Sign-On.
Note: When prompted, create a new VMware vCenter Single Sign-On domain. Do not join another VMware vCenter Single Sign-On domain or instance.

Deploy a second VMware vCenter Single Sign-On machine for VMware vCenter Server on machine C

To deploy an additional VMware vCenter Single Sign-On machine:
  1. Deploy a new Microsoft Winfows Server on a physical or virtual machine that meets the software and hardware requirements for your version of VMware vCenter Single Sign-On.

    For more information, see Installing vCenter Server 5.1 best practices (2021202) and Installing vCenter Server 5.5 best practices (2052334).

  2. Download and mount the installation media for the current version and build of VMware vCenter Server that is currently deployed in your environment.
  3. Install VMware vCenter Single Sign-On.

    When prompted:

    1. Select the deployment mode Multisite.
    2. Enter the information to point to the partner VMware vCenter Single Sign-On node installed in the previous step, Deploy a new VMware vCenter Single Sign-On machine for VMware vCenter Server on machine A.

      1. Enter the partner host name.

        The partner host name is the IP address or DNS name of the existing VMware vCenter Single Sign-On server to replicate from.

      2. Enter the password for the VMware vCenter Single Sign-On administrator account of the existing VMware vCenter Single Sign-On server.

    3. Review and accept the partner certificate.
    4. Enter the new site name.
    5. Accept or change the HTTPS port for VMware vCenter Single Sign-On.
    6. Accept or change the default VMware vCenter Single Sign-On installation folder.
    7. Review the installation options and click Install.

Repoint the VMware vSphere Web Client on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments

To repoint the VMware vSphere Web Client to the new VMware vCenter Single Sign-On deployment:
  1. Log in as an administrative user to each VMware vCenter Server machine with the VMware vSphere Web Client installed.
  2. Repoint the VMware vSphere Web Client to its corresponding VMware vCenter Single Sign-On deployment.

    For more information, see the Register the vSphere Web Client with a different vCenter Single Sign-On instance section in Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components (2033620).

  3. Configure and replicate the information obtained from the Document the existing VMware vCenter Single Sign-On permissions used within your VMware vCenter Single Sign-On domain section to the new VMware vCenter Single Sign-On deployment.

Repoint the VMware vCenter Inventory Service on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments

To repoint VMware vCenter Inventory Service to the new VMware vCenter Single Sign-On deployment:
  1. Log in as an administrative user to each VMware vCenter Server machine with the VMware vSphere Web Client installed.
  2. Repoint the VMware vCenter Inventory Service to its corresponding VMware vCenter Single Sign-On deployment.

    For more information, see the Re-register vCenter Inventory Service with vCenter Single Sign-On section in Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components (2033620).

Repoint the VMware vCenter Server on machine A and machine B to their corresponding VMware vCenter Single Sign-On deployments

To repoint VMware vCenter Server to the new VMware vCenter Single Sign-On deployments:
  1. Log on as an administrative user to each VMware vCenter Server machine.
  2. Repoint VMware vCenter Server to its corresponding VMware vCenter Single Sign-On deployment.

    For more information, see the Reregister vCenter Server with a different vCenter Single Sign-On instance section in Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components (2033620).

Remove VMware vCenter Single Sign-On installed on machine A

To uninstall VMware vCenter Single Sign-On on machine A:
  1. Log on as an administrative user to machine A.
  2. Click Start > Control Panel.
  3. Under Programs, select Uninstall a program.
  4. Select VMware Single Sign-On and click Uninstall.

Decommission machine B from the environment

After repointing and reregistering all VMware vSphere services on machine C to the new VMware vCenter Single Sign-On deployment, machine B may be safely powered down.

VMware recommends verifying that no other VMware components or services depend on machine B. You may test this by testing the functionality of each VMware component in your environment with machine B in a powered down state.

After confirming that all services are functioning and no longer depend on machine B, VMware vCenter Single Sign-On may be removed from machine B and the machine may be repurposed or deleted from the environment.

Upgrade both instances of VMware vCenter Single Sign-On to an External Platform Services Controller

To upgrade the new VMware vCenter Single Sign-On deployment to an External Platform Services Controller, see Upgrading VMware vCenter Single Sign-On 5.5 to a VMware vCenter Server 6.0 Platform Services Controller 6.0 (2109560).

Upgrade VMware vCenter Server 5.1/5.5 on machine A and C to VMware vCenter Server 6.0

To upgrade VMware vCenter Server 5.1/5.5 to VMware vCenter Server 6.0, see Upgrading VMware vCenter Server 5.5 to vCenter Server 6.0 with an external Platform Services Controller (2109562).


Additional Information

Installing vCenter Server 5.1 best practices
How to repoint and re-register vCenter Server 5.1 / 5.5 and components
Installing vCenter Server 5.5 best practices
List of recommended topologies for VMware vSphere 6.0
Upgrading VMware vCenter Single Sign-On 5.5 to a VMware vCenter Server 6.0 Platform Services Controller 6.0
Upgrading VMware vCenter Server 5.5 to vCenter Server 6.0 with an external Platform Services Controller
Migrating embedded VMware vCenter Single Sign-On to an external VMware vCenter Single Sign-On deployment
迁移在同一 VMware vCenter Single Sign-On 域中具有其他外部 VMware vCenter Single Sign-On 节点的 VMware vCenter Single Sign-On 嵌入式 VMware vCenter Server 节点
同じ VMware vCenter Single Sign-On ドメインの追加の外部 VMware vCenter Single Sign-On ノードを持つ 1 つの VMware vCenter Single Sign-On 組み込み VMware vCenter Server ノードの移行

Powered by Wolken Software