Where to go from here (see page 68)
Before you begin
. Install the first node for an HA cluster on a new Tomcat server (see page 57)
Obtain the zipped BMC Atrium Single Sign-On files from the BMC product package via Electronic Product Download (EPD) or the BMC Atrium Single Sign-On DVD for the additional nodes.
If there is already an installation of BMC Atrium Single Sign-On on the target computer, the installer will not allow another installation. Uninstall the existing version.
Ensure that the first node and all the additional nodes are running in the HA cluster.
Prepare to run the installation program for your operating system.
For example, you must update Terminal Services configuration options and configure the DEP feature if you are using Windows. For more information, see Configuring Terminal Services and DEP parameters.
Important
The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product (for example, the AR System server or the BMC Remedy Mid Tier) that integrates with BMC Atrium Single Sign-On. BMC recommends that you install BMC Atrium Single Sign-On on a different computer than the computer where you plan to install a BMC product (for example, the AR System server or the BMC Remedy Mid Tier).
To install an addition node for an HA cluster on a new Tomcat
During subsequent node installations, previously installed nodes must be available so the newly added node can fully integrate into the cluster.
2.
3.
4.
5.
6.
7.
8.
Copy the cluster configuration file (created during the first node's installation) to the Disk1directory of the extracted files before installing BMC Atrium Single Sign-On on the node.
Note
The installation and configuration information of the first node is used when installing additional nodes.
Run the installation program.
Launch the setup executable located in the Disk1directory of the extracted files.
(Microsoft Windows ) Run setup.cmd (UNIX ) Run setup.sh
In the lower right corner of the Welcome panel, click Next.
Review the license agreement, click I agree to the terms of license agreement, and then click Next. Accept the default destination directory or browse to select a different directory, and then click Next. In the Host Name Information panel, verify that the hostname presented is the Fully Qualified Domain Name (FQDN) for the host, and then click Next.
Correct the value as needed.
In the BMC Atrium SSO Server Cluster Options panel, perform the following actions:
Home BMC Software Confidential
a.
b.
c.
9.
10.
11.
Select Clustered Atrium SSO Server. Select Add this node to an existing cluster. Click Next.
In the BMC Atrium SSO Cluster Configuration File Information panel, browse to the Disk1 directory where you copied the file, and then click Next.
Enter the LDAP port number (8091), LDAP replication port (8092), LDAP administration port (8093), and click Next.
Verify that Install New Tomcat is selected and click Next.
Note
The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product that integrates with BMC Atrium Single Sign-On. BMC recommends that BMC Atrium Single Sign-On be the only application on the Tomcat server.
13.
14.
a.
b.
c.
d.
If any of the port numbers are incorrect, a pop-up menu identifies the incorrect port number and allows you to modify the selection.
Review the installation summary and click Install.
After the second node has been successfully installed, additional nodes can be added to the cluster by using the file created during the first installation.
Verify that your BMC Atrium Single Sign-On installation was successful by accessing the BMC Atrium Single Sign-On URL.
Navigate to Start > All Programs > BMC Software > BMC Atrium SSO > Administrator to launch the BMC Atrium SSO Admin Console .
The URL to open the BMC Atrium SSO Admin Console is:
https://<ssoServer>.<domain>:<port>/atriumsso/atsso/console/login/Login.html For example:
https://ssoServer.bmc.com:8443/atriumsso/atsso/console/login/Login.html
When you are prompted that you are connecting to an untrusted connection, add the exception and then continue.
Note
Browsers display this warning because you have not yet configured the SSO authentication as a trusted provider.
Confirm that you can view the BMC Atrium Single Sign-On login panel.
Log on with the SSO administrator name (for example, amadmin) and password.
The BMC Atrium SSO Admin Console appears.
(Click the image to expand it.)
Home BMC Software Confidential
d.
15.
16.
Verify that your BMC Atrium Single Sign-On installation was successful by accessing the SSO load balancer.
For example:
https://ssoloadbalancer.bmc.com:8443/atriumsso
The BMC Atrium SSO login screen appears. After you log on, your SSO servers appear in the HA Nodes List.
(Optional) Create an administrative user account for BMC Products to perform search functions on the user store (for example, to list user names and emails).
If you are using the BMC Atrium Single Sign-On server's internal LDAP, assign the BMCSearchAdmins group to the new user account.
If you are using an external system for authentication (such as AR System, LDAP, or Active Directory), assign the BmcSearchAdmins group to either an already existing user account or a new user
1.
Where to go from here
To install the AR System server, see Installing or upgrading AR System server.
To secure certificates with an external CA, see Managing keystores with a keytool utility (see page 239). To configure authentication, see Configuring after installation. For a specific authentication method, see the specific method. For example, for LDAP or Active Directory, see Using LDAP (Active Directory) for
. authentication
6.5.7 Installing the first node for an HA cluster on an external Tomcat server
The following provides information and instructions for installing the first node for an HA cluster on an external Tomcat.
Before you begin (see page 68)