Single Sign on Server has only been out a short time and there isn't a lot of great discussion out there yet around it - espcially in terms of making design decisions. I'm looking for some good feedback and links especially around the question of installing it in a multisite configuration.
For example: You have 5 sites in different geographic locations. Each site has their own vCenter Server. Do you want to install an SSO server in each site, or just in one site?
If you install SSO in multiple sites, then if the SSO server in one site goes down, that site can't log in to their vCenter Server. If that site is a remote location and has a smaller and less robust setup, it might be more likely for it's SSO server to go down. In that scenario, it can't log into your main site's SSO server over the WAN either, because each SSO server serves only it's own site in a multisite configuration.
However if you don't use multisite, your vCenter Server at a remote site CAN log in to your main site's SSO server over the WAN. If something happens at the remote site, as long as the vCenter Server at the remote site is up and still has WAN connectivity, people and services can still authenticate to the remote site's vCenter Server.
So when you are making this decision whether to use multisite SSO, is it just a matter of deciding which is more reliable, your WAN connection or your remote site's infrastructure? Or is there more involved to think about?
Also, if you start out without using multisite, how hard is it to change later to using multisite? Are there undocumented problems people have discovered from trying to make changes?
How hard is it to change from multisite back to single site later?
What about other management products? VCO, vCOPs, Chargeback, SRM, vShield, VCD, DynamicOps, etc. They won't all be used in all sites, but of I'm deploying some of these in more than one site, and they will all use Single Sign on, how should that affect my initial decision on whether or not to use multisite SSO?
Any best practices or flowcharts to outline how to process these decisions?