7.7.00 enhancements
This section contains information about the features in version 7.7 of the BMC Atrium Orchestrator Platform.
Tip
For information about issues corrected in this release, see Known and corrected issues.
BMC Atrium Single Sign-On integration and replacement of Access Manager
BMC Atrium Orchestrator 7.7 integrates with BMC Atrium Single Sign-On 8.1. Access Manager has been replaced by BMC Atrium Single Sign-On. As a result, when you upgrade an existing Access Manager and repository combination to platform 7.7, Access Manager is deleted.
The BMC Atrium Single Sign-On server uses domains for single sign-on cookie validity and requires the use of a Fully Qualified Domain Name (FQDN) to integrate with different servers. Therefore, the CDP, repository, Operator Control Panel (OCP), high-availability configuration distribution peer (HA-CDP), activity peer (AP), and lightweight AP (LAP) must be installed by specifying the FQDN and not the IP address or host name.
Supported operating systems
Operating system | BMC Atrium Orchestrator Platform | BMC Atrium Orchestrator Development Studio |
|---|---|---|
Windows 7 64-bit | No | Yes |
Windows Server 2008 R2 64-bit | Yes | No |
Windows Server 2012 64-bit | Yes | No |
Red Hat Enterprise Linux 5.x 64-bit | Yes | No |
Red Hat Enterprise Linux 6 64-bit | Yes | No |
Linux Red Hat 6.2 64-bit | Yes | No |
Linux Suse 10.4 64-bit | Yes | No |
Linux Suse 11.2 64-bit | Yes | No |
Oracle Solaris Sparc 10 64-bit | Yes | No |
Note
Starting with BMC Atrium Orchestrator Platform version 7.7, you cannot install BMC Atrium Orchestrator Platform on any 32-bit computers with Linux or Windows.
Discontinued support for operating systems
BMC Atrium Orchestrator Platform version 7.7 does not support the following operating systems:
- Windows Server 2003
- Red Hat Enterprise Linux 4
- Apple Macintosh
Installation program changes
The installation process has changed. You must now observe the following installation guidelines:
- BMC Atrium Single Sign-On must be installed first and be running to install BMC Atrium Orchestrator components. Also, BMC Atrium Single Sign-On and all the BMC Atrium Orchestrator components must share the same domain name.
- The repository and BMC Atrium Single Sign-On must be running to install the CDP.
- The repository, CDP, and BMC Atrium Single Sign-On must be running to install the HA-CDP.
- The CDP and BMC Atrium Single Sign-On must be running to install the OCP.
- The CDP must be running to install the LAP or AP.
- You cannot install BMC Atrium Single Sign-On and the repository together, the way you installed Access Manager and the repository in version 7.6.02.
- You cannot install a stand-alone graphing server.
- You cannot install an AP and OCP combination.
- All BMC Atrium Orchestrator components are installed with HTTPS as the default protocol.
- To install the repository, CDP, HACDP, or OCP, you need the password for the amadmin account in BMC Atrium Single Sign-On.
- You cannot access the repository, Grid Manager, or BMC Atrium Orchestrator Development Studio by using the amadmin account. You must create a user account to use this version of BMC Atrium Orchestrator Platform.
Note
The executable files in BMC Atrium Orchestrator 7.7 are tomcat.exe and not java.exe like in BMC Atrium Orchestrator 7.6.02.
Platform – Content compatibility
BMC Atrium Orchestrator Platform 7.7 is certified with BMC Atrium Orchestrator Content 20.13.01.
Warning
BMC Atrium Orchestrator Platform 7.7. uses Java 7. If you have created custom adapters, you might need to recompile the adapters with Java 7. Some adapters might not work if they do not comply with the increased security standards enforced in Java 7.
Infrastructure changes
BMC Atrium Orchestrator Platform has been upgraded to work with Tomcat 7.0.30, Java 7 update 7, and IPv4-only networks, IPv6-only networks, and IPv4 and IPv6 (mixed) networks.
FIPS compliance
Federal Information Processing Standards (FIPS) are standards that describe document processing, encryption algorithms and other information technology standards for use within non-military government agencies and by government contractors and vendors who work with the agencies. Platform 7.7 is FIPS-compliant.
Authorization in the Grid Manager and Repository Manager
In the earlier versions of BMC Atrium Orchestrator, even though permissions were created and edited in the Grid Manager, roles were stored and managed by Access Manager. Starting with this release, permissions are managed in Grid Manger for the grid or the Repository Manager for the repository.
New components installed with HTTPS
By default, all the BMC Atrium Orchestrator components are installed with HTTPS using a self-signed certificate. When accessing the component for the first time, the web browser prompts you to accept the untrusted certificate. The experience varies with the browser. You can also install the components with HTTP using the Advanced option during installation. BMC Atrium Single Sign-On can be installed only with HTTPS.
Securing user credentials
Some instances where user credentials were present within text-based configuration files have been removed.
Kerberos support in ORCA
BMC Atrium Orchestrator uses Kerberos as an authentication system. The ability to handle Kerberos tokens is only enabled with the ORCA web service.
When you want to use Kerberos, basic authentication must be disabled within the same server. Thus, if you have a CDP set up to handle Kerberos, it cannot handle user name/password authentication at the same time. Another peer in the grid can handle user name/password authentication.
Adapter configuration security enhancements
For security reasons, when using the form view to configure an adapter that requires a <password> element, the ability to switch to XML is available only the first time.
- If you configure an adapter using the form, the only way to edit the configuration is using the form view.
- If you configure an adapter using the XML view, the only way to edit the configuration is using the XML view.
- If you begin configuring the adapter using the form and then switch to the XML view, you cannot switch back to the form. The information that you entered in the form prior to the switch is saved.
After you save the adapter configuration, your experience is locked. You cannot view the contents of the secured form fields by switching to the XML view. If you need to have an XML adapter configuration, you must replace the configured instance.
Removal of multiple-grid support
BMC Atrium Orchestrator versions 7.6 and earlier supported the creation of multiple grids within a single environment. For example, you could create a development grid and a QA grid in the same environment. Following prior deprecation notifications within recent service packs and the online documentation, this feature has now been removed. As a result:
- If you have only one grid, you cannot add or remove any grids.
- If you upgrade and already had a grid, you cannot add another grid.
If you upgrade and already had more than one grid, you cannot add another grid, but you can remove grids, such that you have at least one grid.
With the adoption of server virtualization across the global IT space, greater grid control and performance can be gained by implementing grids on separate OS/JVM instances.Recommendation
BMC recommends that you implement multiple grids on separate OS/JVM instances on virtualized hardware, rather than on a single OS/JVM.
Related topics
Known and corrected issues
Downloading the installation files
Comments