Where to go from here (see page 171)
Before you begin
. For more information, see the BMC Remedy AR Install the AREA LDAP plug-in used with the AR System server
System 8.0 online documentation.
To configure external authentication for AR System integration
Use a browser to log on to the AR System server (by using the mid tier).
For example:
http://midTier:8080/arsys
Open the AR System Administration Console.
Open the Server Information window by selecting System > General > Server Information. Click the Configuration tab.
Clear Allow Guest Users. Click the EA tab
(Click the following image to expand it.)
Home BMC Software Confidential
7.
8.
9.
10.
11.
Set the following information:
Field Value
External Authentication Server RPC Program Number 390695 External Authentication Server Timeout (seconds) RPC 80
External Authentication Server Timeout (seconds) Need To Sync 300 (default)
Select Authenticate Unregistered Users.
Set Authentication Chaining Mode to AREA-ARS. Set the Group Mapping.
For example, you can map the Atrium Single Sign-On group BmcAdmins to the AR group Administrator. Click OK.
Where to go from here
. Installing BMC Atrium Single Sign-On for AR System integration
9.1.2 Installing BMC Atrium Single Sign-On for AR System integration
The following topic provides information and instructions for installing BMC Atrium Single Sign-On for AR System integration:
1.
To install BMC Atrium Single Sign-On as a standalone
Unzip the BMC Atrium Single Sign-On files.
Run the installation program.
The installation program, autorun, automatically detects the appropriate subscript to run. However, if the appropriate file is not launched, manually run the setup executable. The setup executable is located in the
directory of the extracted files.
Disk1
(Microsoft Windows ) Run setup.cmd.
(UNIX ) Run setup.sh (which automatically detects the appropriate subscript to execute).
Accept the default destination directory or browse to select a different directory and click Next.
Verify that the hostname presented is the Fully Qualified Domain Name (FQDN) for the host, correct the value as needed, and click Next.
Choose to install non-clustered or clustered Atrium Single Sign-On Server.
Non-clustered Atrium Single Sign-On Server – Standalone Single Sign-On Server.
Clustered Atrium Single Sign-On Server – Implemented as a redundant system with session failover.
Clustered install requires at least two nodes. For more information, see Installing BMC Atrium Single .
Sign-On as a High Availability cluster (see page 55) Verify that Install New Tomcat is selected and click Next. The Tomcat server options are:
Install New Tomcat (default)
Use External Tomcat. See Installing BMC Atrium Single Sign-On on an external Tomcat server (see to install with this option.
page 72)
Accept the default Tomcat HTTP port number (8080), HTTPS port number (8443), and Shutdown port number (8005), or enter different port numbers and click Next.
If any of the port numbers are incorrect, a panel identifies the incorrect port number and requires you to return to the previous page to correct the values before proceeding with the installation.
Note
When installing on Linux servers, port selections below 1000 require the server to run as root, or use a port forwarding mechanism.
Enter a cookie domain and click Next.
The domain value of the cookie should be the network domain of BMC Atrium Single Sign-On or one of its parent domains. See Default cookie domain for more information.
Important
The higher the level of the selected parent domain, the higher the risk of user impersonation. Top-level domains are not supported (for example, com or com.ca ).
Home BMC Software Confidential
You cannot use sibling domains or cross-domains with BMC Atrium Single Sign-On. For example, installing the BMC Atrium Single Sign-On server in the remedy.com domain and the AR System server in the bmc.com domain is not supported. You must move all your computers into the same domain.
Enter a strong administrator password (at least 8 characters long), confirm the password, and click Next. The default administrator name is amadmin. See Administrator password for more information.
Review the installation summary and click Install.
Verify that your BMC Atrium Single Sign-On installation was successful by accessing the BMC Atrium Single Sign-On URL.
Navigate to Start > All Programs > BMC Software > BMC Atrium SSO > Administrator to launch the BMC Atrium SSO Admin Console .
The URL to open the BMC Atrium SSO Admin Console is:
http://<ssoServer>.<domain>:<port>/atriumsso/atsso/console/login/Login.html For example:
http://ssoServer.bmc.com:8443/atriumsso/atsso/console/login/Login.html Confirm that you can view the OpenSSO login panel.
(Optional) Create an administrative user account for BMC Products to perform search functions on the user data store (for example, to list user names and emails).
If you are using the BMC Atrium Single Sign-On server's internal LDAP, assign the BMCSearchAdmins group to the new user account.
If you are using an external system for authentication (such as AR System, LDAP, or Active Directory), assign the BmcSearchAdmins group to either an already existing user account or a new user
account.
Where to go from here
Configuring BMC Atrium Single Sign-On for integration
9.1.3 Configuring BMC Atrium Single Sign-On for integration
The BMC Remedy AR System server is integrated with the BMC Atrium Single Sign-On solution by a new Atrium Single Sign-On plug-in. To configure this plug-in, you must provide values for certain configuration parameters on the new Atrium Single Sign-On Integration tab, located on the AR System Administration: Server Information form.
Alternatively, you can also perform the Atrium Single Sign-On integration related configuration while installing the AR System server. To do this, you must provide the values for the configuration parameters on the new Atrium Single Sign-On Configuration screen after selecting the Configure Atrium SSO check box.
Before you begin (see page 174)
1.
2.
Note
To activate the connection to BMC Atrium Single Sign-On, use the Atrium SSO Integration tab of the AR System Administration: Server Information form.
BMC Atrium Single Sign-On integration is supported only on web clients. For information about manually configuring the mid tier for Atrium Single Sign-On integration, see Manually configuring mid
. tier for BMC Atrium Single Sign-On user authentication (see page 176)
Before you begin
Install the BMC Atrium Single Sign-On server
Note
The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product (for example, the AR System server or the BMC Remedy Mid Tier) that integrates with BMC Atrium Single Sign-On. BMC recommends that BMC Atrium Single Sign-On be the only application in the Tomcat server.