An instance of vCenter Single Sign On runs on the vCenter Server Appliance. By default, vCenter Server uses the embedded Single Sign On instance, but you can change this configuration by pointing to an external instance of Single Sign On running on another system. Multiple instances of vCenter Server can point to the same instance of Single Sign On.

Before you make changes to the Single Sign On configuration, you must stop the vCenter Server service on the Summary tab of the vCenter Server Appliance Web console.

1

Log in to the VMware vCenter Server Appliance Web console.

2

On the vCenter Server tab, click SSO.

3

Select the deployment type external.

4

Type the user name and password of a user with administrator privileges on the external instance of Single Sign On.

This user is the Single Sign On administrator user (typically admin@System-Domain for a Single Sign On instance running on WIndows and root@localos for a Single Sign On instance running on another vCenter Server Appliance).

5

Type the name of the user or group who is the administrator of the vCenter Server system.

The user or group must exist on the external instance of Single Sign On.

6

Type the URL of the Lookup Service for the target instance of vCenter Single Sign On.

The format is typically https://external SSO IP or host name:7444/lookupservice/sdk, where 7444 is the default HTTPS port for vCenter Single Sign On.

7

Click the Accept Certificate check box.

8

Click Test Settings.

9

Click Save Settings.

The instance of vCenter Server, the Inventory Service, and the vSphere Web Client are registered with the external instances of Single Sign On and the Lookup Service.

Start the vCenter Server service.