What is vCenter Single Sign-On and how it affects vCenter Server
Introduced in vSphere 5.1, vCenter Single Sign-On (SSO) is the identity and authentication managing component for your vSphere 5.5 implementation. This authentication component makes the VMware Cloud Infrastructure Platform more secure by allowing the vSphere software components to communicate with each other through a secure token service (STS) that facilitates the exchange of authentication information. This offloads the authentication requests from both the local operating system users and Microsoft Active Directory users, previously handled by vCenter Server to SSO. SSO now handles all of the token requests and admission. Thus, vCenter Server only needs to handle the environmental permissions while accepting the secure tokens from SSO. For more information about vCenter Single-Sign On, see:
Further, with the use of SSO, you now have the capability to add OpenLDAP users to your vCenter Server 5.5 with the correct identity source configuration. With the ability to use Active Directory and OpenLDAP users for authentication, the use of local operating system users become far less necessary.Note
: If the machine on which you are installing vCenter Server 5.5 already has vCenter Server installed, consider upgrading rather than performing a fresh installation of vCenter Server. To keep your existing vCenter Server configuration by performing an upgrade, see:
Installation options for new vCenter Server implementations
vSphere 5.5 provides two methods to install vCenter Server:
- Simple Install - Installs all of the vSphere 5.5 components on a single system
- Custom Component Install - Installs all vSphere components separately by allowing you to choose the location of each service in your environment
The Simple Install method installs vCenter Single Sign-On, vSphere Web Client, Inventory Service, and finally vCenter Server all on the same system and is often recommend for small deployments of vSphere 5.5.Custom Component Install
Custom Component Install follows the same order as the Simple Install method: vCenter Single Sign-On, vSphere Web Client, vCenter Inventory Service, and vCenter Server. However, each component can be installed on a different system within the environment to allow for resource optimization and performance tuning for each vSphere component. This is often recommended for medium to large deployment of vSphere 5.5.
For more information, see the Hardware Requirements for vCenter Server, the vSphere Web Client, vCenter Inventory Service, and vCenter Single Sign-On
section in the vSphere Installation and Setup Guide
After the first installation of SSO is configured for your environment, you can connect multiple vCenter Servers to the same SSO instance using the Custom Component Install method. Subsequent installations of vCenter Server do not need their own SSO and a single SSO instance can service your entire vSphere environment. However, each instance of vCenter Server does require its own vCenter Inventory Service instance.
Installing vCenter Server using the Simple Install method
For more information on setting up your environment using the Simple Install Method, see Installing vCenter Server 5.5 on a Microsoft Windows platform using the Simple Install method (2058224)
Installing using the Custom Component Install method
To install vCenter Server components separately using the Custom Component Install method:
- Install vCenter Server Single Sign-On.
For more information, see Installing vCenter Single Sign-On 5.5 on a Microsoft Windows platform (2058239).
- Install the vSphere Web Client.
For more information, see Installing the vSphere 5.5 Web Client on a Microsoft Windows platform (2058262).
- Install the vCenter Inventory Service.
For more information, see Installing vCenter Inventory Service 5.5 on a Microsoft Windows Platform (2058269).
- Install vCenter Server.
For more information, see Installing vCenter Server 5.5 on a Microsoft Windows platform (2058274).