You can upgrade a vRealize Automation Identity Appliance with vCenter Platform Services Controller (PSC), a component of vSphere 6.x. To do this, you must register the new SSO with vRealize Appliance, add identity stores, and create a new solution user.
About this task
You can upgrade to PSC as part of your product upgrade or as an independent product component.
Backup and create a snapshot of your Identity Appliance.
Save information for identity stores for all tenants. You must recreate this information in the new SSO appliance.
Install vCenter PSC.
Download the vCenter Server (VCSA) for Linux and Windows Deploys from the VMware download site.
Follow the deployment procedures in the VMware vCenter Server 6.0 Deployment Guide searchable at http://www.vmware.com.
If you are upgrading to PSC as part of a complete product upgrade, upgrade your vRealize Automation deployment before beginning the following procedure.
- Navigate to the vRealize Appliance management console by using its fully qualified domain name, https://vra-va-hostname.domain.name:5480/.
- Log in with user name root and the password you specified when you deployed vRealize Appliance.
- Click the vRA Settings tab and click SSO from the menu bar.
- Change the value in the SSO Port text box to 443.
- Enter the default administrator name firstname.lastname@example.org in the SSO Admin User text box.
- Enter the SSO administrator password in the SSO Admin Password text box. The password must match the password you specified in the SSO settings for the Identity Appliance.
- Click Save Settings.
- If you are prompted with a warning about an untrusted host, click OK to proceed and to restart vRealize Appliance services.
- Wait for all services to restart before using vRealize Automation.
- Click the Services tab.
- Monitor the Registered Services listing. You can click Refresh to see the latest information.
- Add identity stores to the new appliance.
- Log out of the vRealize Appliance management console.
- Go to your default tenant at https://vCAC FQDN/vcac and log in as email@example.com.
- Open the tenant.
- Click Update.
- Open each configured tenant and add the identity stores you configured prior to the upgrade and saved earlier,
- Click Add.
- Click Update.
- Reopen the tenant and confirm that settings for the tenant and the IaaS administrators display correctly.
- Add identity stores for all tenants.
- Go to the IaaS machine where Model Manager Data was installed and imported from and create a new data file.
- Open a Windows command prompt as an administrator.
- Go to C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\.
- Rename the file vcac-config.data to vcac-config.old.
- Run the following command to create the updated data file:
Vcac-Config.exe GetServerCertificates -url https://(vCAC FQDN) --FileName vcac-config.data.
Vcac-Config.exe GetServerCertificates -url https://vcac.vcloud.local --FileName vcac-config.data
- Create a new solution user. A solution user represents the IaaS service and is used for authentication between Windows and virtual appliances. Use a command of the following form:
Vcac-Config.exe RegisterSolutionUser -url https://(vCAC FQDN) --Tenant vsphere.local -cu firstname.lastname@example.org -cp password --FileName vcac-config.data -v
Vcac-Config.exe RegisterSolutionUser -url https://vcac.vcloud.local --Tenant vsphere.local -cu email@example.com -cp Passw0rd123 --FileName vcac-config.data -v
- Move the solution user into the IaaS database with a command of the following form:
Vcac-Config.exe MoveRegistrationDataToDB --FileName vcac-config.data -s "SQL Server FQDN" -d "Database_name" -v
Vcac-Config.exe MoveRegistrationDataToDB --FileName vcac-config.data -s "sql.vcloud.local" -d "vCAC" -v
- Restart IIS or open an elevated command prompt window and type iisreset.
- From the IaaS Windows machine, select Start > Administrative Tools > Services.
- Restart machines for all IaaS Services in the recommended order.
All IaaS services must be restarted for the solution user change to take effect.
- VMware vCloud Automation Center Service (manager service)
- VMware DEM-Orchestrator
- VMware DEM-Worker
- VMware vRealize Automation Agents
You have created a new PSC SSO appliance with required vRealize Automation information.