vCenter 5.1 Simple Install – Not so simple

VSphere 5.1 came out just over a month ago, introducing a number of new features. One of particular importance to the userbase, is the addition of Single Sign On (SSO) to vCenter, and the separation of vCenter Inventory Service from the vCenter Server core. If you are setting up a proof of concept or lab environment, you are likely to choose the vCenter Simple Install which installs these three components on a single machine under one unified installer.

When both upgrading from vCenter 5.01 and doing a fresh install on a new x64 Windows 2008 Standard Edition R2 server, we encountered significant problems using the Microsoft SQL Server 2008 R2 Express database that is bundled with vCenter Server.

During the upgrade procedure your are prompted to use an existing database, and since you already have the express database installed you’ll likely want to just add a new database to the existing database instance. In order to use your existing database your are prompted for the database’s “sa” password, which we actually do not know. You may input any password to enable the SA account and set the password, but you’ll need to comply with the OS’s password policy. For a Server 2008 R2 Standard host:

Passwords must be at least six characters in length.
Passwords must contain characters from three of the following four categories:

  • English uppercase characters (A through Z).
  • English lowercase characters (a through z).
  • Base 10 digits (0 through 9).
  • Non-alphabetic characters (for example, !, $, #, %).

If you mistakenly enter a password that fails to meet the password complexity requirements, the installation fails soon thereafter. In order to resume the installation you’ll need to reset the “sa” password to meet complexity requirements. Below is one method from the command line:

sqlcmd –S 'localhost\VIM_SQLEXP'
sp_password @new = 'newpassword', @loginame = 'sa'
go
ALTER LOGIN sa WITH PASSWORD = 'newpassword' UNLOCK
go
exit

During a fresh installation we run into a few issues.

Firstly, we need to setup a x64 OBDC DSN, which is difficult to do before you start your vCenter 5.1 Simple Install, as there is no database installed! So, when the installer gets to installing vCenter Server, you’ll need to: cancel out of the installation, set up the DSN as shown below, then restart the vCenter Server installation.

On your Windows Server:

  1. Go to "Administrative Tools"
  2. Go to "Data Sources (ODBC)"
  3. Select "System DSN"
  4. Select "Add"
  5. Select "SQL Server Native Client 10.0"
  6. In the "Name" field enter "Vcenter DSN" or something similar
  7. In the "Description" field enter whatever you like
  8. In the "Server" drop down list select "localhost\VIM_SQLEXP"
  9. Goto the next page
  10. Select "With Integrated Windows authentication"
  11. Goto the next page
  12. Select the "Change the default database to:" and choose "RSA"
  13. Goto the next page
  14. Select "Finish"


Secondly, once we finish the installation we are allowed to log in ONE TIME to vCenter Server using your existing, Windows AD or localhost, credentials (you will also need to deal with the browser certificate errors) when using the vSphere Web Client.

In order to log into vCenter Server, you’ll need to configure your vCenter SSO credentials, so fire up the vSphere Web Client:

  1. Login as "admin@System-Domain"
  2. Navigate to "Home"
  3. Select "Administration"
  4. Select "Sign-On and Discovery - Configuration"
  5. Under "Identity Sources" make sure your preferred group is present
  6. Select "SSO Users and Groups"
  7. Under "vCenter Single Sign On Users and Groups" select the "Groups" tab
  8. Select "_Administrators_" then click on the little person with the "+" sign
  9. Select your preferred "Identity Source" from the pull down menu
  10. Select your vCenter administrative user and/or group and click "add"
  11. Click "Okay" then log out of the vSphere Web Client

You should now be able to login to your vCenter Server using the vSphere Web Client. In the case of using the local administrator account we had to use the username of “administrator@administrators”, which may be a side effect of adding both the local “administrator” user and “administrators” group to our list of preferred “Identity Sources”

Good luck and I hope you’ve found this information useful in your VMware vCenter Server 5.1 installation.