Starting the BMC Server Automation Console
This topic describes how to launch the BMC Server Automation console. It includes the following sections:
Overview of the process
To log on, you may be asked to provide a user name and password, although that is not required for all authentication methods. For all types of authentication, you must choose an authentication profile.
If the information you provide when you log on is valid, you are granted a session credential. BMC Server Automation client applications use a session credential to establish a secure connection with the BMC Server Automation Application Server. If you already have a valid session credential, this procedure explains how to use the credential to start the BMC Server Automation Console and establish a connection with the Application Server.
You can choose to cache your session credential. By default, session credentials are not cached. If a valid session credential is cached, when you use a BMC Server Automation client application again, you do not have to authenticate again. Session credentials remain valid for a configurable amount of time. For more details about configuring this aspect of the authentication service, see Configuring the Authentication Service. By default, session credentials expire after 10 hours.
When you attempt to log on, a security message may warn you that the Application Server has presented BMC Server Automation with an untrusted certificate. When an Application Server uses self-signed certificates, the message always appears the first time you try to connect to a particular Application Server. If you encounter the warning, you should ideally examine the certificate before choosing to trust it. After you trust it, the certificate is added to your keystore of trusted certificates and this warning does not appear when you connect to the same Application Server again. For information about viewing an untrusted certificate, see Viewing an untrusted certificate.
Some IT departments post lists of SHA1 or MD5 fingerprints of trusted certificates. If your IT department follows this practice, compare the SHA1 and MD5 fingerprints of the certificate you are asked to trust to items in the trusted list.
Before you begin
To log on, you must choose an authentication profile, which is a collection of information that a BMC Server Automation client uses to conduct a logon session. You or your system administrator must set up an authentication profile before performing this procedure. For more information about creating authentication profiles, see Setting up an authentication profile. Only users who are granted access to BMC Server Automation can log on. For more information about how users are granted access, see Authorization overview.
To start the BMC Server Automation Console
Open the BMC Server Automation dialog box by doing one of the following:
- (Microsoft Windows) Perform one of the following steps:
- From the Start menu, select Programs > BMC Software > BladeLogic Server Automation Suite > Server Automation ConsolereleaseNumber.
From the directory where BMC Server Automation is installed (for example, C:\Program Files\BMC Software\BladeLogic\CM), enter:
You can append parameters to this command to provide locations of files that should be used during logon. For more information, see Additional command line options for logon.
If more than one version of the client is installed, the different versions reside in directories called BladeLogicN, such as BladeLogic2.
(UNIX) From the directory where BMC Server Automation is installed (for example, /opt/bmc/BladeLogic/CM/rcp), enter:
You can append parameters to this command to provide locations of files that may be used during logon. For more information, see Additional command line options for logon.
A logon dialog box appears. The appearance of the dialog box varies, depending on whether you have a valid session credential cached.
If you have a valid cached session credential, you can examine it by clicking Show Credential.
Perform the following steps to start the console and connect to the Application Server.
- Using the Authentication profile tab, select an authentication profile.
- If you:
- Possess a valid cached session credential, skip this step and go to the next step.
- Are using Active Directory/Kerberos (ADK) or public key infrastructure (PKI) authentication, skip this step and go to the next step.
- Are using SRP, LDAP, or SecurID authentication, enter your user name and password. For SecurID, your password consists of a PIN followed by the current token code displayed on your RSA SecurID token.
- Are using Domain Authentication, enter your user name and domain. The domain name must always be capitalized. If you are defined as a member of the default realm, you do not have to enter a domain name. For information about how to set up the default realm for Domain Authentication, see Configuring Domain Authentication.
To change the setting for caching session credentials or the display language, click Options. The logon window expands to show additional options in a tabbed format. By default the Generaltab is open.
Save credential for this session
Saves a session credential between sessions.
By default, this option is not checked. The setting for this option remains in effect for future logons until you change the setting. If a session credential is already cached, this option is dimmed.
Displays your choice of language (either your previous choice or your acceptance of the installation default). Select a new display language for the console or keep the current user preference. The selection remains in effect as your default language for future logons until you make a new choice.
- Click Connect.
If the Application Server presents the BMC Server Automation Console with an X.509 certificate that is not trusted, a security alert appears. Most Application Servers use self-signed certificates, so typically you encounter this dialog box the first time you access a particular Application Server.
- If a security alert does not display, skip this step and go to the next step. If a security alert describes an untrusted certificate, do one of the following:
- To return to the logon dialog box, click No. You can cancel the logon session or use a different authentication profile to log on.
- To accept the unknown certificate and proceed with the logon, click Yes.
- To examine details about the certificate, click View Certificate. For more information about this procedure, see Viewing an untrusted certificate. After examining the certificate, click Yes or No, as described above.
- If multiple roles are associated with your user name, the Assume Role dialog box appears. From this dialog box, for Select Role, choose the role you want to use.
If you prefer, you can switch roles later at any time during a session. (See Switching roles.)
Click OK. The BMC Server Automation Console appears.
When the console starts, by default it loads certain types of information by running a background operation. The Show background operations icon in the lower right corner of the console indicates a background process is running. For information about background processes, see Running background operations.