VMware vCenter Server Appliance (VCSA) 5.5 deployment tips and tricks

Here are some deployment tips and tricks for the VMware vCenter Server Appliance (VCSA):

  • The VMware vCenter Server Appliance is a preconfigured Linux-based virtual machine. The VMware vCenter Server Appliance (VCSA) is available as OVF/ OVA
  • It based on Suse Linux Enterprise 11 64-bit
  • Linked Mode, Microsoft SQL or DB2 is not supported
  • As database you can use the embedded vPostgres or external Oracle database
  • The minimal configuration is: 2 vCPUs, 8 GB memory, a 25 GB thin provisioned and 100 GB thick disk. This configuration is for 10 or fewer hosts and 100 or fewer virtual machines. More information on sizing the VCSA can be found here link.
  • In a small home lab or PoC environment you can decrease the memory of the VCSA. For example my home lab VCSA has 4 GB memory. This is not supported!
  • The VCSA is deployed with  Hardware Version 7. If you update the vCenter Server appliance to hardware version 10, you cannot edit the virtual machine settings for the appliance using the vSphere Client!
  • Make sure that the hostname is entered as Fully Qualified Domain Name (FQDN). 


– If you get “Error: invalid hostname. FQDN is required for joining a domain” you forgot to change the hostname of the VCSA to a FQDN.


  • To configure the VCSA, use the following URL: https://IP-address-VCSA:5480 to access the  Virtual Appliance Management Interface (VAMI).
  • The default user name is: root
  • The default password is:  vmware
  • The root password will expire after 90 days! In the Admin page of the VAMI interface it is possible to disable the root password expiration.
  • The default SSO user is: administrator@vsphere.local
  • Synchronize the vCenter Server Appliance Clock with a NTP server, VMware tools or Active Directory (this option is only available if the VCSA is joined with the Active Directory).
  • More information on backing up and restoring the vCenter Server Appliance (vPostgres) database use the following  Link.
  • To use the vSphere Web Client use the following URL: https://IP-address-VCSA:9443/
  • SSH is by default enabled. To enable or disable SSH toggle the SSH login on the Admin tab of the VAMI.
  • Microsoft Sysprep files can be uploaded in the VAMI summary page. They are stored in: /etc/vmware-vpx/sysprep/OS directory.
  • You can add additional software such as SNMP to monitor the VCSA. Adding software can be done with the “Yet another Setup Tool” (YAST).
  • To monitor vCenter Server Appliance database disk usage you can use this script Link.

Is the vCenter Server Appliance (VCSA) 5.5 a replacement for the Windows vCenter Server?

Back in 2012 I wrote a blog post  “What about the VMware vCenter Server Appliance (VCSA) version 5.1”. One of the limitations with VCSA 5.1 was that the embedded vPostgres database only supports 5 hosts and 50 VMs. So it was only supported in test and very small environments.

Now with vSphere 5.5 the the embedded vPostgres database of the vCenter Server Appliance supports 500 hosts and 5000 VMs.  This  is a great improvement!

Other pros are:

  • No Windows and SQL licenses needed
  • Easy and quick to install and upgrade

But there are still limitations such as:

  • No Linked mode support (requires ADAM (AD LDS)
  • VMware Update Manager can’t be installed in the VCSA, additional Windows based VM or physical server needed (Windows license needed)
  • vCenter Heartbeat is not supported
  • Not all VMware and third party plugins will work


There is no direct upgrade path from the Windows vCenter Server to the vCenter Server Appliance! To choose between the Windows vCenter Server and the vCenter Server Appliance the following questions for example needed to be answered:

  • How many hosts and VMs are planned in a single vCenter server?
  • How do I backup and restore the vPostgres database?
  • How do I monitor the vCenter Server?
  • It is a Linux appliance. Is there knowledge available to troubleshoot?
  • Are all my other VMware products and third party products supported?
  • Do I need vCenter Heartbeat?
  • How do I patch my ESXi hosts?
  • Do I need linked mode?
  • Are there other tools to install on the vCenter server?

With the improvement of the vPostgres database it can replace the Windows vCenter Server, but it depends on for example the above questions.  With vSphere 5.5 the use of the vCenter Server Appliance can be considered in every new design or upgrade path. 

vCenter Single Sign On (SSO) password reset

During the installation of the Windows vCenter Single Sing On (SSO) service you must provide a password for the SSO admin user named “admin@System-Domain”.


The password you enter is called the master password. If you change the master password, the password entered during the installation of the SSO service is needed as master password for resetting the “admin@System-Domain”. You can reset it by using the following syntax:

  • navigate to the following directory “\Program Files\VMware\Infrastructure\SSOServer\utils”
  • Use the “rsautil reset-admin-password” command.  The VMware KB article can be found here.

If you forgot the master password and have no other admin account, there is no supported way to reset the SSO password. You need to reinstall your vCenter environment!

There is an unsupported way to recover the SSO password by reading the sha256 hashed password. The complete procedure can be found on Schubis Blog.

Make sure that you document master SSO password entered during the installation. After the installation add some other users to Administrators group in SSO.  I hope VMware will make it possible to reset the “admin@System-Domain” password. in a future patch of release.