Changing to an external Remedy Single Sign-On instance after installation

If you are using the embedded version of Remedy Single Sign-On (Remedy SSO) authentication and you want to switch to an external Remedy SSO instance, all BMC Atrium Orchestrator (BAO) components that point to embedded Remedy SSO must be reconfigured to point to the external Remedy SSO instance.

Notes

Complete these instructions only if you are changing to an external Remedy SSO.
If you make this change, the instructions in Configuring a fail-safe enterprise service bus after installation or Configuring a fail-safe enterprise service bus after upgrade do not apply.

The following BAO components must be reconfigured:

Repository
CDP
OCP (if installed)
HA-CDP (if installed)
AP (if installed)

In these instructions, AO_HOME represents the component installation directory.

To configure components for an external Remedy SSO, complete the following steps for each component.

Stop the component service (see Starting and stopping product components and services).
Navigate to the AO_HOME/config directory.

Edit the authentication.xml file.
The file will look similar to the following example:

<?xml version="1.0" encoding="ISO-8859-1"?>
<authentication>
  <config>
     <service-type>RSSO_EMBEDDED</service-type>
     <url>https://BAOhost.bmc.com:8443</url>
     <tenant>BAOLocal</tenant>
  </config>
</authentication>

Change the authentication service-type and URL settings to those for the external Remedy SSO as follows:

<?xml version="1.0" encoding="ISO-8859-1"?>
<authentication>
  <config>
     <service-type>RSSO_EXTERNAL</service-type>
     <url>https://RSSOhost.bmc.com:8443</url>
     <tenant>BAOLocal</tenant>
  </config>
</authentication>

Navigate to the AO_HOME/tomcat/conf directory.
Edit the context.xml file.

Locate the following lines and, if they exist, comment them out, and save your changes.
Note that the port numbers and IP address values will be different in your file.

<Parameter name="com.bmc.ao.ha.cdp.port" override="true" value="9999"/>
 <Parameter name="com.bmc.ao.ha.cdp.ip" override="true" value="111.222.333.444"/>
 <Parameter name="com.bmc.ao.ha.repo.port" override="true" value="9999"/>
 <Parameter name="com.bmc.ao.ha.repo.ip" override="true" value="111.222.333.444"/>
 <Parameter name="com.bmc.ao.USE_HA_FAIL_SAFE_MODE" override="true" value="false"/>
 <Parameter name="com.bmc.ao.USE_HA" override="true" value="true"/>

Restart the BAO component service.

Create the default user, role, and realm

Note

Perform these steps after you have changed your authentication system to external Remedy SSO.

After installing Remedy SSO, you must complete the following tasks before installing BMC Atrium Orchestrator Platform components:

Create a realm named BAOLocal (see Working with realms).
Create a user called aoadmin (see Creating and managing local users and roles in Remedy Single Sign-On). Use the default password (see Installing the repository for the default password, which is listed after the installation instructions).
Create a role called AoAdmin (see Creating and managing local users and roles in Remedy Single Sign-On).
Assign the aoadmin user to the AoAdmin role (see Creating and managing local users and roles in Remedy Single Sign-On).