Deactivating Enhanced Linked Mode (ELM) in vCenter 9.0 (VVF)
search cancel

Deactivating Enhanced Linked Mode (ELM) in vCenter 9.0 (VVF)

book

Article ID: 427530

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Administrators need to separate a vCenter Server instance from an existing Enhanced Linked Mode (ELM) group.

  • The environment requires migration to the new vCenter Linking architecture supported in vCenter 9.0.

  • An upgraded vCenter 9.0 node displays replication errors or "stale" partners from a legacy SSO domain.

  • There is a business requirement to isolate the Single Sign-On (SSO) domain for security or licensing boundaries.

 

Environment

VVF 9.x

Cause

In vCenter 9.0, the legacy Enhanced Linked Mode (ELM) which relies on a shared SSO domain and continuous replication is being deprecated in favor of vCenter Linking (sometimes referred to as "Mixed Mode" or "Identity Broker" integration).

When upgrading from vCenter 8.0 to 9.0, the existing ELM configuration persists. To utilize the new, loosely coupled vCenter Linking architecture, or to simply isolate a site, the legacy SSO replication agreement must be manually broken using the cmsso-util command-line utility.

Resolution

Note: This is a preparatory step and requires downtime.

  1. Take offline snapshot of vCenter VMs which are in ELM
  2. SSH to any vCenter in ELM.
  3. Run configuration pre-checks and fix any issues.

    Run cmsso-util break-elm --mode pre-check --password <administrator user_password>.

  4. Fix any issues reported by the pre-check.

    Output of break-elm precheck when successful:

    Command: cmsso-util break-elm --mode pre-check --password <administrator user_password>'

    Output: Mode: pre-check This operation might take a few minutes to complete.
    [Pre-check] Invoking Break ELM topology workflow...
    [Pre-check] Fetch the peer nodes details...
    [Pre-check] Executing break ELM on local node...    
    [Pre-check] Executing break ELM on all peer nodes...
    Break ELM pre-checks completed successfully.

  5. Deactivate Enhanced Link Mode.

    Run cmsso-util break-elm --mode execute --password <administrator_password>.

  6. Log out from the vSphere Client and log in again for the changes to take effect.

Additional Information

For reference - Deactivate Enhanced Link Mode from vCenter Using the cmsso-util break-elm Utililty

Powered by Wolken Software