Preparing to install Remedy SSO with the Remedy installer
Before installing Remedy SSO, ensure that your environment meets the installation requirements, and complete the tasks described in this section.
Complete the pre-installation tasks for Remedy SSO
Before installing Remedy SSO, ensure the following:
If you have installed an earlier version of Remedy SSO, check if it is compatible with the TrueSight Presentation Server. If it is not, upgrade to a compatible version. For details, see
Ensure that the target computer meets the for Remedy SSO.
- Review the issues section for any installation-related issues.
- Plan to host Remedy SSO on the same network domain or one of the parent domains on which you plan to install other TrueSight products to avoid any access related issues.
- Ensure that you have the following privileges to install:
- (Windows) You can install Remedy SSO as an administrator or as a non-administrator user. The non-administrator user must be a part of the Administrators group.
(Linux) You can install Remedy SSO as a non-root user only. To be able to perform the installation, a non-root user needs the following permissions:
- Read, write, and execute permissions for Remedy SSO installation directory and /tmp directory.
- Read and write permissions for the /opt/bmc directory.
The ProductRegistry.xml file is created in the /opt/bmc directory. Therefore, the /opt/bmc directory requires read and write permissions. If the bmc directory does not exist, create it with read and write permissions.
- The Remedy SSO installer does not include Tomcat. Download and install the latest stable version of Tomcat 7.x or later.
- Install and configure the Tomcat server before installing Remedy SSO. Tomcat and Remedy SSO must be installed in different folders.
- The database that you are planning to use must be accessible from the host computer on which you want to install Remedy SSO.
- Configure the required security level for the installation environment.
- (Linux) Ensure that the system default locale is set to UTF-8.
Security Planning for Remedy SSO
Review the following sections to understand the security requirements:
For standalone installations, HTTPS has to be configured on the Tomcat server in the server.xml file. After the configuration, the interactions between the user and Remedy SSO node happens through HTTPS only. But the interactions between the supported BMC application and Remedy SSO node happens through either HTTP or HTTPS, depending on the relevant configuration.
For High Availability installations, HTTPS has to be configured on the load balancer. After the configuration, while the interactions between the user and the load balancer happen through HTTPS connections, the interactions between the load balancer and the Remedy Single SSO nodes and the supported BMC applications happens through HTTP only.
Database permissions for Remedy SSO
Ensure that you have database user credentials with permissions to create tables and read/write data to them, or you have admin credentials to create such a user during installation. You can use the following script examples for creating such permissions:
Use a new database name for Remedy SSO to prevent table name conflicts with the Configuration table. If you are using Oracle, create a new schema for Remedy SSO before running the Remedy installer, and select the new database during installation.
For MS SQL
CREATE DATABASE <database> CREATE LOGIN user WITH PASSWORD = <pwd>, DEFAULT_DATABASE = <database> USE <database> CREATE USER <user> FOR LOGIN <user> WITH DEFAULT_SCHEMA = dbo EXEC SP_ADDROLEMEMBER DB_OWNER, <user>
CREATE USER <user> IDENTIFIED BY <pwd> GRANT CONNECT, RESOURCE TO user IDENTIFIED BY <pwd> If you have Oracle 12c on the system, you must run the following script to provide a quota for a user on the tablespace. ALTER USER <user> quota unlimited on <tablespace name>
CREATE DATABASE "<database>"; CREATE ROLE "<user>" WITH LOGIN PASSWORD '<pwd>'; GRANT ALL PRIVILEGES ON DATABASE "<database>" TO "<user>"; GRANT ALL ON ALL TABLES IN SCHEMA public TO "<user>";
Sticky session for Remedy SSO HA load balancer
Remedy SSO Admin UI does not need sticky sessions to function in an HA environment.
For earlier versions, the Remedy SSO Admin UI requires sticky session/Session Persistence in an HA environment. This is accomplished by enabling sticky session/Session Persistence on the load balancer. Different load balancers have different configurations to enable a sticky session/Session Persistence. Refer to the specific load balancer documentation or ask the vendor for detais about the configuration.
Note that when sticky session/Session Persistence is not enabled for the Remedy SSO Admin UI, the admin user behind the firewall can use a specific Remedy SSO server hostname to access admin UI instead of using the load balancer URL.
Where to go from here
If you are installing the product, perform the other preinstallation tasks listed in the Preparing to install the TrueSight Operations Management solution page.