I did not get any further with that, no. However, I have since abandoned the idea of an HA and/or multisite layout for SSO at this company and will settle on a single SSO VM running within an HA cluster that all 4 of our vCenters and their respective Inventory/web servers will point to. We can deploy as such given we have high speed links between the SSO server and the vCenter locations and we will leverage SRM to protect the SSO server between its primary site and a backup/recoveryt one. Bye Bye SSO layout/design complexity. I liken it to Microsoft when AD first came out and what they ultimately said regarding domains/child domains/resource domains and the like: In the end, if AT ALL possible, go with a SINGLE DOMAIN. I'm applying that mindset to "SSO 1.0" from VMware in order to keep tshooting and design as simple as possible (if your infrastructure/needs even remotely allow for that approach, which ours most definitely does).
↧