Setting up Local User Management authentication in Remedy SSO

You can configure the Remedy SSO server to authenticate the TrueSight Presentation Server users as local users. Remedy SSO provides you the facility to authenticate local users. A local user represents an individual user who accesses the protected application. The local users are assigned to groups (roles). Groups (roles) represents the groups or roles in your organization and is used to control user access. 

Perform the following tasks in Remedy SSO for enabling the user authentication:

  • Add local users to the appropriate realm.
  • Create the groups (roles) needed by your organization.
  • Assign users to the appropriate groups (roles).
  • Configure Remedy SSO to use local user management authentication.

The following topics help you to perform the above tasks in Remedy SSO and create an authorization profile in the TrueSight console:

Related topics

Configuring the general settings in Remedy SSO

Configuring tenants in Remedy SSO

Managing authorization profiles

Role-based access

Before you begin

  • You must have installed and configured the Remedy SSO to work with the TrueSight Presentation Server and its component products. For details, see  Planning to deploy Remedy SSO   and   Installing Remedy Single Sign-On.
  • You must migrate the internal user data from Atrium SSO to Remedy SSO. For details, see  Migrating internal user data from Atrium SSO to Remedy SSO.
  • You must have set the Remedy SSO general settings. For details, see  Configuring the general settings in Remedy SSO.
  • You must have configured tenants to be used with the TrueSight Presentation Server. For details, see Configuring tenants for the Presentation Server in Remedy SSO.

Configuring Local Users and Groups in Remedy SSO

You can add, search for, edit, and delete users. You can also change user passwords. Similarly,  you can add groups (roles) to a realm, add users to groups (roles), and remove users from groups (roles).

To add a user using Local User Management

  1. Log in to the administration console of Remedy SSO.

  2. Click Local User Management.
  3. In the Users tab, from the Realm drop down list, select a Realm.
  4. Click Add User.

  5. Complete the following fields:

    FieldDescription
    Login Name

    Enter the user's login name. The Login name is case insensitive.

    Note: You cannot modify the login name after it is created.

    User NameEnter the user's full name.
    PasswordEnter the user's password. Ensure that you do not include spaces at the beginning or end of the password. Spaces are allowed between the first and last password characters.
    Confirm PasswordReenter the user's password.
    Description (Optional)Provide a description of the user.
    Enabled (Optional)Select this option to enable the user to log into the BMC application.
  6. Click Add.

To edit a user using Local User Management

  1. In the Users tab, from the Realm drop down list, select a Realm.
  2. Locate the user and click Edit  in the Action column.

    Note

    If you disable the user who is currently logged into a BMC application, the user remains logged in.

  3. Make your changes and click Save.

To delete a user using Local User Management

In the Users tab, select a Realm, locate the user, click Delete  in the Action column, and confirm the deletion.

To change the user password 

  1. In the Users tab, select a Realm.
  2. Locate the user and click Change Password  in the Action column.
  3. Enter the new password, then enter the password again in the Confirm Password field.
  4. Click Change Password.

To search for a user

In the Users tab search field enter the search criteria using the following format and then press Enter.
text=<searchText/*> AND enabled=<true/false/*>
The following table describes how to use the search criteria:

Search criteriaDescription
text=<searchText/*>

Use text= to enter a string to search on the value of one of the following fields: User Name, Login Name, Description.

You can pass a partial search value enclosed in % for text to search for all users having the partial search value in one of the User Name, Login Name, or Description fields.

You can use an asterisk as a wildcard to return all users.

Examples:

  • text=BMC returns users with the exact value of "BMC" in one of the 3 fields.
  • text=%BMC% returns users with "BMC" as a partial value, such as "BMCadmin" as User Name.
  • text=* AND enabled=true returns all enabled users.
enabled=<true/false/*>

Use enabled= to enter a string to search on users' enabled state.

You can use an asterisk as a wildcard to return users in any enabled state.

Examples:

  • enabled=false returns disabled users.
  • text=* AND enabled=* returns all users (enabled and disabled).
  • text=BMC AND enabled=true returns all enabled users with the exact value of "BMC" in one of the 3 fields.

To add group (roles) to a realm

  1. In the Remedy SSO console's Local User Management window, click Group (Roles).
  2. In the Users tab, from the Realm drop down list, select a Realm.
  3. Click Add Group (Role).

    1. Provide information in the following fields (asterisk denotes a required field).

      FieldDescription
      Group (Role) Name

      Enter the group (role) name.

      Note: You cannot modify the group (role) name after it is created.

      DescriptionEnter a description for the group (role) name.
  4. Click Save  in the Action column.

To add users to or remove users from a role

  1. In the Remedy SSO console's Local User Management window, click Group (Roles).
  2. In the Group (Roles) tab, select a Realm.
  3. Locate the group (role) and click Assign/Remove User(s)  in the Action column.
  4. Use the appropriate procedure to assign or remove users to or from the group (role).
    • To assign users to a group (role)
      • In the Available Users column, select one or more users and click Assign to move the users to the Assigned users column.
      • To assign all users in the list, select the top check box in the Available users column, and click Assign to move the users to the Assigned users column.
      • Search for users in the Search field of the Available users column, select them, and click Assign to move them to the Assigned users column.
    • To remove users from a group (role)
      • In the Assigned User column, select one or more users and click Remove to move the users to the Available users column.
      • To remove all users in the list, select the top check box in the Assigned users column, and click Remove to move the users to the Available users column.
      • Search for users in the Search field of the Assigned users column, select them, and click Remove to move them to the Available users column.
  5. Click Done.

To create or edit an authorization profile with Local users in the Presentation Server

  1. Log in to the TrueSight console as a Super Admin.
  2. Navigate to Administration>Authorization Profiles.
  3. Create a new authorization profile or edit an existing authorization profile to associate the user groups.
  4. Select the tenant that you configured in Remedy Single Sign-On for LOCAL users and select Edit under User Groups
  5. Click Add and select the LOCAL user group from the list of user groups.
  6. Select a role from the list roles.
  7. (Optional) Select an object from the list of object.
  8. Select OK and then Save.
  9. Select Yes to confirm changes to the authorization profile.
  10. Log out of the TrueSight console.
  11. Log in to the TrueSight console as a LOCAL user.

Was this page helpful? Yes No Submitting... Thank you

Comments