Tips for installing VMware Single Sign-on in vSphere 5.1.0a

I’ve lost many hours of my life trying to get VMware Single Sign-on(SSO) installed for an installation of vSphere 5.1.  Here are some of the tips that I used to finally get it installed.

First a few details.  The vSphere install was on a Windows 2008 server, and the database backend was Oracle 11g.

  • Read the documentation.  It’s rather long, but most of it isn’t going to be relevant to your situation.  Kudos to VMware for releasing documentation in ePub format.
  • Use this link and download the ODAC drivers.  Install everything.
  • Don’t use this link.  Could not get these drivers to work.
  • Set your %ORACLE_HOME% and %TNS_ADMIN% system (not user) variables.   Oracle was installed on c:\Oracle, and I was installing version 11.2.0.3.20 on a brand new server.  My %ORACLE_HOME% was set to C:\Oracle\product\11.2.0\client_1, and my  %TNS_ADMIN% was C:\Oracle\product\11.2.0\client_1\Network\Admin.  Your  %TNS_ADMIN% is where your sqlnet.ora and tnsnames.ora must live.  You can copy examples from a “Samples” directory for guidance.  The tnsames.ora must be correct for the next step to work.
  • Once they are installed, you’ll need to create your ODBC drivers in Windows.  The requirement is for a 64 bit system DSN.  Make sure to use this “Data Sources (ODBC )”, which is found in “Control Panel\All Control Panel Items\Administrative Tools.”  If you use this, you WILL get the 64 bit ODBC drivers, and you’ll find them in the dropdown box under “System DSN -> TNS Service Name.”
  • The server must have a PTR (reverse) record.
  • IIS must either be uninstalled or disabled.  I’ve disabled it.  In Windows 2008, it’s referred to as “World Wide Web Publishing Service”, not IIS.

Now that you have this done, you’re ready to install SSO service.  You want to get the newest image you can.  There have been several revisions since I started this exercise (5.1, 5.1.0a, and lastly 5.1.0a build 880471.)  There are vast difference between   each of those releases, with improvements and clarifications in each release, as it relates to Single Sign-on, and I would expect the improvements to continue.

Once SSO is installed, the only other error I ran into was a requirement that the database user have additional DBA privileges.  Should this happen, you’ll get a nice, descriptive error box with all the information you need to give your DBA.

Good Luck!!