×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Important

   

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
TrueSight Network Automation 8.9 Planning

Authentication

Authentication is the process of verifying the identity claimed by a system entity. Often that entity is a user, but in some situations the entity is a service. TrueSight Network Automation supports the following authentication mechanisms:

  • Local
  • Active Directory
  • LDAP
  • RADIUS
  • TACACS/TACACS+
  • SAML 2.0

This topic provides the tasks that you need to perform to support the SAML 2.0 mechanism. Details needed for the other authentication mechanisms are described on the Application server installation worksheets page.

Supporting SSO mechanism

Starting from version 8.9.04, TrueSight Network Automation supports SSO. To implement SSO for the GUI-based interface, TrueSight Network Automation uses the SAML 2.0 protocol and for the non-GUI based interfaces, such as SSH Proxy and REST services, TrueSight Network Automation uses the OAuth 2.0 protocol. TrueSight Network Automation supports SSO with CA Single Sign-On and Okta as Identity Providers (IdP).

Before you begin

Ensure that the time on the Identity Provider (IdP) server and the TrueSight Network Automation application server is in sync.

Supporting SSO for GUI-based interface

To enable SSO on the GUI-based interface, perform the following tasks:

  1. Before installing TrueSight Network Automation, register the TrueSight Network Automation application on the IdP server with SAML authentication. While registering, provide the following parameters:
    • TrueSight Network Automation URL in the following format: https://hostName:portNumber/bca-networks/main/displayMain.do.
      hostName indicates the name of the computer where you want to install TrueSight Network Automation. portNumber indicates the port number for https communication.
    • HTTP Binding  as POST
    • NameIDFormat as Transient
  2. Choose SAML 2.0 as the authentication mechanism on the Authentication Source panel while installing TrueSight Network Automation. 
  3. (Optional) To enable other SSO users (except the Administrator with which you have installed TrueSight Network Automation) for SAML 2.0 authentication, log on to TrueSight Network Automation GUI and select the Automatically Add New Users As parameter on the System parameters page.

Supporting SSO for non-GUI based interfaces

To enable SSO on non-GUI based interfaces, perform the following tasks:

  1. Choose SAML 2.0 as the authentication mechanism on the Authentication Source panel while installing TrueSight Network Automation.
  2. Register TrueSight Network Automation on the IdP server as an OAuth application.
  3. Configure the Enable OAuth Integration parameter on the System parameters page.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Dec 15, 2020

Comments

Log in or register to comment.

Supported devices
Security planning
© Copyright 2013 - 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.