You can repoint a vCenter Server with an embedded Platform Services Controller from one Single Sign-On domain to an existing domain using a replication partner.

See Figure 1 for an example of repointing to an existing domain. In this case, there is repliacation.
Figure 1. Repointing a vCenter Server with an Embedded Platform Services Controller from One Domain to an Existing Domain


  • Embedded repointing is only supported with vCenter Server 6.7 Update 1 and later.
  • To ensure no loss of data, take a file-based backup of each node before proceedeing with repointing the vCenter Server.


  1. Shut down the node (for example, Node C) that is being repointed (moved to a different domain).
  2. Decommission the embedded node that is being repointed. For example, to decommission Node C, log into Node B (on the original domain) and run the following command:
    cmsso-util unregister --node-pnid Node_C_FQDN --username --passwd Node_B_sso_adminuser_password
    After unregistering Node C, services are restarted. References to Node C are deleted from Node B and any other nodes that were linked with Node C on the original domain.
  3. Power on Node C to begin the repointing process.
  4. (Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags and categories) and authorization (roles and privileges) data from the vCenter Server. Pre-check does not migrate any data, but checks the conflicts between the source and destination vCenter Server. For example, run the pre-check with the following CLI:
    cmsso-util domain-repoint -m pre-check --src-emb-admin Administrator --replication-partner-fqdn FQDN_of_destination_node --replication-partner-admin PSC_Admin_of_destination_node --dest-domain-name destination_PSC_domain
    Note: Pre-check is not required if a replication partner does not exist (repointing to a newly created domain).
    See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util domain-repoint command.
    The pre-check writes the conflicts to the /storage/domain-data directory.
  5. (Optional) Check conflicts and apply resolutions for all conflicts or apply a separate resolution for each conflict.
    The conflict resolutions are:
    • Copy: Create a duplicate copy of the data in the target domain.
    • Skip: Skips copying the data in the target domain.
    • Merge: Merges the conflict without creating duplicates.
    Note: The default resolution mode for Tags and Authorization conflicts is Copy, unless overridden in the conflict files generated during pre-check.
  6. Run the execute command. In execute mode, the data generated during the pre-check mode is read and imported to the target node. Then, the vCenter Server is repointed to the target domain. For example, run the execute command with the following:
    cmsso-util domain-repoint -m execute --src-emb-admin Administrator --replication-partner-fqdn FQDN _of_destination_node --replication-partner-admin destination_node_PSC_Admin_user_name --dest-domain-name destination_PSC_domain
    See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util domain-repoint command.