You can repoint a vCenter Server with an embedded Platform Services Controller from one Single Sign-On domain to an existing domain using a replication partner.

See Repointing a vCenter Server with an Embedded Platform Services Controller from One Domain to an Existing Domain for an example of repointing to an existing domain. In this case, there is replication.
Figure 1. Repointing a vCenter Server with an Embedded Platform Services Controller from One Domain to an Existing Domain

Prerequisites

  • Embedded repointing is only supported with vCenter Server 6.7 Update 1 and later.
  • You must repoint to a vCenter Server that is of the same version.
  • To ensure no loss of data, take a file-based backup of each node before proceeding with repointing the vCenter Server.

Procedure

  1. Shut down the node (for example, Node C) that is being repointed (moved to a different domain).
  2. Decommission the embedded node that is being repointed. For example, to decommission Node C, log into Node B (on the original domain) and run the following command: 
    cmsso-util unregister --node-pnid Node_C_FQDN --username Node_B_sso_administrator@sso_domain.com --passwd Node_B_sso_adminuser_password
    After unregistering Node C, services are restarted. References to Node C are deleted from Node B and any other nodes that were linked with Node C on the original domain.
  3. Power on Node C to begin the repointing process.
  4. (Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags and categories) and authorization (roles and privileges) data from the vCenter Server. Pre-check does not migrate any data, but checks the conflicts between the source and destination vCenter Server. For example, run the pre-check with the following CLI: 
    cmsso-util domain-repoint -m pre-check --src-emb-admin Administrator --replication-partner-fqdn FQDN_of_destination_node --replication-partner-admin PSC_Admin_of_destination_node --dest-domain-name destination_PSC_domain
    Note: Pre-check is not required if a replication partner does not exist (repointing to a newly created domain).
    See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util domain-repoint command.
    The pre-check writes the conflicts to the /storage/domain-data directory.
  5. (Optional) Check conflicts and apply resolutions for all conflicts or apply a separate resolution for each conflict.
    The conflict resolutions are:
    • Copy: Create a duplicate copy of the data in the target domain.
    • Skip: Skips copying the data in the target domain.
    • Merge: Merges the conflict without creating duplicates.
    Note: The default resolution mode for Tags and Authorization conflicts is Copy, unless overridden in the conflict files generated during pre-check.
  6. Run the execute command. In execute mode, the data generated during the pre-check mode is read and imported to the target node. Then, the vCenter Server is repointed to the target domain. For example, run the execute command with the following: 
    cmsso-util domain-repoint -m execute --src-emb-admin Administrator --replication-partner-fqdn FQDN _of_destination_node --replication-partner-admin destination_node_PSC_Admin_user_name --dest-domain-name destination_PSC_domain
    See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util domain-repoint command.