As part of installation, you are prompted to make choices. Understand the complete installation, vCenter Single Sign-On setup, and permission assignment process before you start.

Before installing vCenter Server, consider your environment and requirements to make the following decisions:

  • Decide how to set up vCenter Server services: on a single Windows platform or vCenter Server Appliance, or distributed across multiple Windows hosts or vCenter Server Appliances?

  • Decide whether you want your vSphere deployment to authenticate and give permissions to Active Directory users and groups.

  • Decide whether you want your vSphere deployment to authenticate and give permissions to Open LDAP users and groups.

  • Decide whether to use an embedded or an external vCenter Server database

  • If you have multiple vCenter Servers, decide whether they should be standalone instances or joined in a Linked Mode group.

  • Decide whether your vCenter Server deployment requires high availability protection.

  • Decide whether you will be deploying vSphere across multiple sites.

For guidance in making these decisions, review the sections in Before You Install vCenter Server.

After you verify your hardware and software environment, you can start installation. Your interaction with the installer and with vCenter Single Sign-On is shown in the figure below.

Figure 1. Flowchart of vCenter Installation and User Management Process
When you install vCenter Server, several decision points allow you to select an upgrade path

The interaction proceeds as follows.

  1. You decide whether to install the vCenter components in different locations.

    • For a single location, the process differs if you perform a first installation or you are installing multiple vCenter Server systems at the same location. Continue with step 2.

    • For multiple locations for the different components, you can perform a custom install (step 5) and set up an Active Directory or OpenLDAP identity source.

  2. The installation type you select when you install everything in one location depends on whether this is the first vCenter Server system.

  3. After an installation in one location, local operating system users and the user administrator@vsphere.local can authenticate.

    • If the localos identity source is sufficient, you can log in to vCenter Server as administrator@vsphere.local and assign permissions to other local operating system (localos) users. See User Management Tasks in vSphere Security.

    • If an Active Directory identity source is needed, continue to step 4.

  4. If you want to use an Active Directory or OpenLDAP identity source:

    1. Log in to the vCenter Single Sign-On server as administrator@vsphere.local and add the domain as an identity source.

    2. Add the Active Directory or OpenLDAP domain as an identity source.

    3. Log in to vCenter Server and assign permissions so users in your domain can access vCenter Server components.

    See Add a vCenter Single Sign-On Identity Source and Assign Permissions in the vSphere Web Client.

  5. If you decide to install vCenter Server in multiple locations, you can install one or more vCenter Server components and a vCenter Single Sign-On component in each location. See Use Custom Install to Install vCenter Server and Required Components.

    1. Custom Install vCenter Server and vCenter Single Sign-On in location 1.

    2. Custom Install vCenter Server and vCenter Single Sign-On in location 2.

      As part of the installation of the second system, point the vCenter Single Sign-On system to the first vCenter Single Sign-On system you installed. If you want, you can also set up Linked Mode for the vCenter Server instances.

    3. Set up vCenter Single Sign-On for location 1 using the procedure in Steps 3 and 4.

  6. After you complete the setup of vCenter Single Sign-On in one location, vCenter Single Sign-On settings in all other locations are updated immediately.

  7. Log in to vCenter Server and assign permissions to users and groups.

    You set permissions for each vCenter Server instance. See Assign Permissions in the vSphere Web Client.