When sitting around today thinking about the grand scheme of things for my future state architecture, I was presented with a question from a co-worker about linked-mode.
Does the new 5.1 stuff allow for linked-mode in the appliance?
Knowing the short answer was easy, but explaining how it could be done now with SSO without “linked-mode” spawned a test in my home lab. The test is to have more than one vCenter Server Appliance (VCSA) attached and manageable through the 5.1 vSphere Web Client. In short, the answer is yes, it can be done. Here is how:
You will first need to deploy another VCSA somewhere, in my case it was in my lab where my other VCSA was deployed. Once the deployment of the OVF is done you will want to login to the VAMI by going to https://:5480. Your initial login is, of course, root and the password is vmware.
Once logged in you will be presented with the setup wizard. Accept the wonderful EULA then select custom configuration.
Set your database to either Oracle or embedded based on your design. When presented with the SSO settings select external and enter the corresponding information as requested.
Make sure that you check the Trust SHA-1 thumbprint or the registration of the VCSA with your other VCSA/VC will fail.
Reboot the new VCSA, once all of the services start up you will be able to manage this in the vSphere Web Client…well, at least if you login as root into the webUI. How do you fix this? Easy, the same way you adjust permissions within vCenter. Login to the webUI as root and go to the vCenter Inventory List where you will see all of the vCenter Servers. Select the one you just added and click on Manage in the main screen…set permissions for your ESX Admins group or whatever group you may use…VIOLA! You now have the ability to manage multi-site vCenter Server Appliances. AWESOME!
Hopefully this helps you set this up and if you have any questions/comments/concerns/rants then please feel free to post them in the comments!