Changing to an external Remedy Single Sign-On instance after installation

If you are using the embedded version of Remedy Single Sign-On (Remedy SSO) authentication and you want to switch to an external Remedy SSO instance, all BMC Atrium Orchestrator (BAO) components that point to embedded Remedy SSO must be reconfigured to point to the external Remedy SSO instance.

Notes


The following BAO components must be reconfigured:

  • Repository
  • CDP
  • OCP (if installed)
  • HA-CDP (if installed)
  • AP (if installed)

In these instructions, AO_HOME represents the component installation directory.

To configure components for an external Remedy SSO, complete the following steps for each component.

  1. Stop the component service (see Starting and stopping product components and services).
  2. Navigate to the AO_HOME/config directory.
  3. Edit the authentication.xml file.
    The file will look similar to the following example:

    <?xml version="1.0" encoding="ISO-8859-1"?>
    <authentication>
      <config>
         <service-type>RSSO_EMBEDDED</service-type>
         <url>https://BAOhost.bmc.com:8443</url>
         <tenant>BAOLocal</tenant>
      </config>
    </authentication>
  4. Change the authentication service-type and URL settings to those for the external Remedy SSO as follows:

    <?xml version="1.0" encoding="ISO-8859-1"?>
    <authentication>
      <config>
         <service-type>RSSO_EXTERNAL</service-type>
         <url>https://RSSOhost.bmc.com:8443</url>
         <tenant>BAOLocal</tenant>
      </config>
    </authentication>
  5. Navigate to the AO_HOME/tomcat/conf directory.
  6. Edit the context.xml file.
  7. Locate the following lines and, if they exist, comment them out, and save your changes.
    Note that the port numbers and IP address values will be different in your file.

    <Parameter name="com.bmc.ao.ha.cdp.port" override="true" value="9999"/>
     <Parameter name="com.bmc.ao.ha.cdp.ip" override="true" value="111.222.333.444"/>
     <Parameter name="com.bmc.ao.ha.repo.port" override="true" value="9999"/>
     <Parameter name="com.bmc.ao.ha.repo.ip" override="true" value="111.222.333.444"/>
     <Parameter name="com.bmc.ao.USE_HA_FAIL_SAFE_MODE" override="true" value="false"/>
     <Parameter name="com.bmc.ao.USE_HA" override="true" value="true"/>
  8. Restart the BAO component service.

Create the default user, role, and realm

Note

Perform these steps after you have changed your authentication system to external Remedy SSO.

After installing Remedy SSO, you must complete the following tasks before installing BMC Atrium Orchestrator Platform components:

  1. Create a realm named BAOLocal (see Working with realms).
  2. Create a user called aoadmin (see Creating and managing local users and roles in Remedy Single Sign-On). Use the default password (see Installing the repository for the default password, which is listed after the installation instructions).
  3. Create a role called AoAdmin (see Creating and managing local users and roles in Remedy Single Sign-On).
  4.  Assign the aoadmin user to the AoAdmin role  (see Creating and managing local users and roles in Remedy Single Sign-On).

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Peter Lowater
    It should also mention here that you need to Create the default user, role, and realm.
    Is covered when installing and using External RSSO but not here
    Jun 21, 2017 05:35
    1. Shweta Hardikar

      Hi Peter,

      I have added the section on creating a user, role, and realm after moving to external RSSO here.

      Hope this helps! 

      Jun 28, 2017 03:53
  2. Iain Taylor

    Hi Shweta, sorry but there appears to be authrisation issues all over the site, this is the second page that I am getting the following error on :( .

    Error rendering macro 'excerpt-include' : User 'iain.taylor@tiberone.com' does not have permission to view the page '_Changing to an external Remedy Single Sign-On instance'.

    Thank you for resolving the fail safe enterprise service bus page error.

    Nov 10, 2017 04:10
    1. Shweta Hardikar

      Hi Iain, Sorry for the problems. I have fixed the current page. I will look for more instances.

      Nov 14, 2017 01:10
      1. Iain Taylor

        Thank you Shweta.

        Nov 27, 2017 05:09