Preparing to install Remedy SSO with the Remedy installer
Before installing Remedy SSO, ensure that your environment meets the installation requirements, and complete the tasks described in this section.
Complete the pre-installation tasks for Remedy SSO
Before installing Remedy SSO, ensure the following:
If you have installed an earlier version of Remedy SSO, check if it is compatible with the TrueSight Presentation Server. If it is not, upgrade to a compatible version. For details, see
Ensure that the target computer meets the for Remedy SSO.
- Review the issues section for any installation-related issues.
- Plan to host Remedy SSO on the same network domain or one of the parent domains on which you plan to install other TrueSight products to avoid any access related issues.
- Ensure that you have the following privileges to install:
- (Windows) You can install Remedy SSO as an administrator or as a non-administrator user. The non-administrator user must be a part of the Administrators group.
(Linux) You must install Remedy SSO as a non-root user only. To be able to perform the installation, a non-root user needs the following permissions:
- Read, write, and execute permissions for Remedy SSO installation directory and /tmp directory.
- Read and write permissions for the /opt/bmc directory.
The ProductRegistry.xml file is created in the /opt/bmc directory. Therefore, the /opt/bmc directory requires read and write permissions. If the bmc directory does not exist, create it with read and write permissions.
- The Remedy SSO installer does not include Tomcat. Download and install the latest stable version of Tomcat 7.x or later.
- Install and configure the Tomcat server before installing Remedy SSO. Tomcat and Remedy SSO must be installed in different folders.
- The database that you are planning to use must be accessible from the host computer on which you want to install Remedy SSO.
- Configure the required security level for the installation environment.
- (Linux) Ensure that the system default locale is set to UTF-8.
Security Planning for Remedy SSO
Review the following sections to understand the security requirements:
For standalone installations, HTTPS must be configured on the Tomcat server in the server.xml file.
When HTTPS in configured, the interactions between end users and the Remedy SSO node happen only through HTTPS. However, the interactions between integrated applications and the Remedy SSO node happen through either HTTP or HTTPS, depending on the configuration.
For high availability installations, HTTPS must be configured on the load balancer. When HTTPS is configured, interactions between end users and the load balancer happen through HTTPS connections.
The interactions between the load balancer, the Remedy SSO nodes, and the supported BMC applications happen through HTTP.
Remedy SSO supports the X-Forwarded-Proto and X-Forwarded-Host headers that might be sent by the load balancer with a request. Remedy SSO considers the information that comes from the headers while it is generating a login URL (pointing to the Remedy SSO server) for the end user. This feature keeps all external traffic secure, though the internal traffic, which happens behind the load balancer, may not be secure.
Database permissions for Remedy SSO
Ensure that you have database user credentials with permissions to create tables and read/write data to them, or you have admin credentials to create such a user during installation. You can use the following script examples for creating such permissions:
Use a new database name for Remedy SSO to prevent table name conflicts with the Configuration table. If you are using Oracle, create a new schema for Remedy SSO before running the Remedy installer, and select the new database during installation.
- To manually create a Microsoft SQL Server database, see
- To manually create an Oracle database, see
- To manually create a PostgreSQL database, see
Sticky session for Remedy SSO HA load balancer
Starting from version 9.1.03.001, the Remedy SSO Admin UI does not need sticky sessions to function in an HA environment.
For earlier versions, the Remedy SSO Admin UI requires sticky session/Session Persistence in an HA environment. This is accomplished by enabling sticky session/Session Persistence on the load balancer. Different load balancers have different configurations to enable a sticky session/Session Persistence. Refer to the specific load balancer documentation or ask the vendor for detais about the configuration.
Note that when sticky session/Session Persistence is not enabled for the Remedy SSO Admin UI, the admin user behind the firewall can use a specific Remedy SSO server hostname to access admin UI instead of using the load balancer URL.
Where to go from here
If you are installing the product, perform the other preinstallation tasks listed in the Preparing to install the TrueSight Operations Management solution page.