8.0
Table Of Contents
- vCenter Server Installation and Setup
- Contents
- About vCenter Server Installation and Setup
- Introduction to vSphere Installation and Setup
- Deploying the vCenter Server Appliance
- File-Based Backup and Restore of vCenter Server
- Image-Based Backup and Restore of a vCenter Server Environment
- After You Deploy the vCenter Server Appliance
- Log In to vCenter Server by Using the vSphere Client
- Install the VMware Enhanced Authentication Plug-in
- Repoint vCenter Server to Another vCenter Server in a Different Domain
- Repoint a Single vCenter Server Node to an Existing Domain without a Replication Partner
- Repoint a vCenter Server Node to an Existing Domain with a Replication Partner
- Repoint a vCenter Server Node to a New Domain
- Syntax of the Domain Repoint Command
- Understanding Tagging and Authorization Conflicts
- vCenter Server Domain Repoint License Considerations
- Troubleshooting vCenter Server Installation or Deployment
What Happened to the Platform Services Controller
Beginning in vSphere 7.0, deploying a new vCenter Server or upgrading to vCenter Server 7.0
requires the use of the vCenter Server appliance, a preconfigured virtual machine optimized for
running vCenter Server. The new vCenter Server contains all Platform Services Controller services,
preserving the functionality and workflows, including authentication, certificate management, tags,
and licensing. It is no longer necessary nor possible to deploy and use an external Platform
Services Controller. All Platform Services Controller services are consolidated into vCenter Server,
and deployment and administration are simplified.
As these services are now part of vCenter Server, they are no longer described as a part of
Platform Services Controller. In vSphere 7.0, the
vSphere Authentication
publication replaces the
Platform Services Controller Administration
publication. The new publication contains complete
information about authentication and certificate management. For information about upgrading
or migrating from vSphere 6.5 and 6.7 deployments using an existing external Platform
Services Controller to vSphere 7.0 using vCenter Server appliance, see the
vSphere Upgrade
documentation.
Authentication Services
vCenter Single Sign-On
The vCenter Single Sign-On authentication service provides secure authentication services to
the vSphere software components. By using vCenter Single Sign-On, the vSphere components
communicate with each other through a secure token exchange mechanism, instead of
requiring each component to authenticate a user separately with a directory service like Active
Directory.
vCenter Single Sign-On can authenticate users through:
n External identity provider federation
You can configure vCenter Server for an external identity provider using federated
authentication. In such a configuration, you replace vCenter Server as the identity
provider. Currently, vSphere supports Active Directory Federation Services (AD FS) as the
external identity provider. In this configuration, AD FS interacts with the identity sources
on behalf ofvCenter Server.
n vCenter Server built-in identity provider
vCenter Server includes a built-in identity provider. By default, vCenter Server uses the
vsphere.local domain as the identity source (but you can change it during installation). You
can configure the vCenter Server built-in identity provider to use Active Directory (AD) as
its identity source using LDAP/S, OpenLDAP/S, and Integrated Windows Authentication
(IWA). Such configurations allow customers to log in to vCenter Server using their AD
accounts.
Authenticated users can then be assigned registered solution-based permissions or roles
within a vSphere environment.
vCenter Server Installation and Setup
VMware, Inc. 9