Create or upgrade the first node in a vCenter Single Sign-On installation for high availability.

You can upgrade vCenter Single Sign-On in a high availability installation without taking all vCenter Single Sign-On nodes offline at the same time. While the first Single Sign-On node is being upgraded, the load balancer will redirect all requests to the second node. After the first node is successfully upgraded, you can upgrade the second node.

vCenter Server can continue running while you upgrade vCenter Single Sign-On. Logged in users can continue accessing vCenter Server and related solutions that are connected to vCenter Single Sign-On during the upgrade. However, vCenter Server, the vSphere Web Client, and vCenter Inventory Service cannot be started while the first Single Sign-On node is offline.

Note

vCenter Server 5.1 supports connection between vCenter Server and vCenter Server components by IP address only if the IP address is IPV4-compliant. To connect to a vCenter Server system in an IPv6 environment, you must use the fully qualified domain name (FQDN) or host name of the vCenter Server. The best practice is to use the FQDN, which works in all cases, instead of the IP address, which can change if assigned by DHCP.

For more information about vCenter Single Sign-On, see How vCenter Single Sign On Affects vCenter Server Installation and Upgrades and the vSphere Security documentation.

Review Prerequisites for the vCenter Server Upgrade.

1

In the software installer directory, double-click the autorun.exe file to start the installer.

2

Select  vCenter Single Sign-On and click Install.

3

Follow the prompts in the installation wizard to choose the installer language, and agree to the end user patent and license agreements.

4

If you are installing a new instance of Single Sign-On, proceed to step 5. If you are upgrading an existing installation of Single Sign-On, take the following steps:

a

Enter the password for the Single Sign-On administrator account.

b

(Optional) If you use a Microsoft SQL Server Single Sign-On database, select whether to set a Microsoft SQL instance with a dynamic port.

To enable the dynamic port feature for an external Single Sign-On SQL Server database, you must enable the feature SQL Server Browser on startup for the external SQL Server during the SQL Server installation, or enable it after SQL Server is installed. If the SQL Server Browser feature is not enabled, Single Sign-On cannot connect to the external database with the instance name.

c

Enter the Microsoft SQL Server instance name for the dynamic port.

d

Proceed to Step 17.

5

Select Create the primary node for a new Single Sign-On installation.

6

Select the Single Sign-On type, Create the primary node for a new Single Sign-On installation.

7

Set the password for the vCenter Single Sign-On administrator account.

The password must have at least eight characters, at least one lowercase character, one uppercase character, one number, and one special character. The following characters are not supported in passwords: non-ASCII characters, semicolon (;), double quotation mark ("), single quotation mark ('), circumflex (^), and backslash (\). Passwords must comply with Windows Group Policy Object (GPO) password policy.

8

Select the database type for vCenter Single Sign-On.

a

If you are using the bundled Microsoft SQL Server 2008 R2 Express database, enter the passwords for a Single Sign-On database administrator and database user. The installer uses these credentials to create the users in the database.

b

If you are using an existing database, enter the JDBC connection information.

9

If you are using an existing database, to ensure that table space is created for the database, run the script rsaIMSLite<DBName>SetupTablespaces.sql. The script is located at vCenter Server Installation directory\Single Sign On\DBScripts\SSOServer\Schema\your_existing_database.

You can leave the installer to run the script, and resume the installer from this panel.

10

If you are using an existing database for Single Sign On, and you have not already done so, create a database user (RSA_USER) and database administrator (RSA_DBA), by running the script rsaIMSLiteDBNameSetupUsers.sql. The script is included in the vCenter Server installer download package, at vCenter Server Installation directory\Single Sign On\DBScripts\SSOServer\Schema\your_existing_database.

You can leave the installer to run the script, and resume the installer from this panel.

11

If you are using the bundled Microsoft SQL Server 2008 R2 Express database, enter the passwords for a Single Sign-On database administrator and database user. The installer uses these credentials to create the users in the database.

The password must comply with Windows Group Policy Object (GPO) password policies for your local operating system and AD domain. The password must be 32 characters or less. The following characters are not supported in passwords: semicolon (;), double quotation mark ("), single quotation mark ('), circumflex (^), and backslash (\). Passwords must comply with Windows Group Policy Object (GPO) password policy.

12

If you are using an existing database, enter the JDBC connection information.

a

(Optional) If you use a Microsoft SQL Server database for Single Sign-On, select whether to set a Microsoft SQL instance with a dynamic port.

To enable the dynamic port feature for an external Single Sign-On SQL Server database, you must enable the feature SQL Server Browser on startup for the external SQL Server during the SQL Server installation, or enable it after SQL Server is installed. If the SQL Server Browser feature is not enabled, Single Sign-On cannot connect to the external database with the instance name.

b

If you select the option to use a dynamic port, enter the Microsoft SQL Server instance name for the database.

13

Enter the FQDN or IP address for the vCenter Single Sign-On host machine.

14

(Optional) Enter the SSPI service account information.

You can use the default Windows NetworkService account, or enter the account information for an administrator user. This step applies only if you logged in as a domain account user to install Single Sign-On.

15

Select the folder in which to install vCenter Single Sign-On.

The installation path cannot contain any of the following characters: non-ASCII characters, commas (,), periods (.), exclamation points (!), pound signs (#), at signs (@), or percentage signs (%).

16

Accept or change the HTTPS port for vCenter Single Sign-On.

17

Click Install.