×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.
BMC Decision Support for Server Automation 8.6 ... Installing Configuring after installation Administering security Implementing authentication Domain authentication Configuring for domain authentication

Configuring the Authentication Server to refresh domain session credentials

BMC BladeLogic Decision Support for Server Automation relies on the ability to refresh session credentials when executing scheduled jobs. This feature allows you to run scheduled reports without you to authenticate again.

When refreshing session credentials, the Authentication Service validates the user account on the directory server. The account must exist and be enabled for logging on.

To refresh session credentials, the Authentication Service might need to authenticate itself to the directory server. If authentication is required, you must define a default LDAP URL and search base. These step are required only if you follow the more secure approach for domain authentication.

To configure an Authentication Server to refresh domain session credentials

  1. On the reports server, start the Application Server Administration console (the blasadmin  utility) as follows.
    • (Windows) Navigate to the BDSSAInstallationDirectoty\bin directory and enter the following command: blasadmin.
    • (UNIX) Navigate to the BDSSAInstallationDirectoty/br directory and enter the following command: blasadmin.

  2. Instruct the Authentication Service to validate Active Directory users with the Active Directory server before refreshing their credentials by entering all of the following commands:

    set AuthServer isActiveDirectoryLdapCheckEnabled true
set AuthServer activeDirectoryLdapUrl <URL>
set AuthServer activeDirectorySearchBase <search>

    Note

    If you set isActiveDirectoryLdapCheckEnabled to true, it is mandatory to set the value of other two parameters.


    In the preceding commands:

    • <URL> is the URL of the Active Directory LDAP server. The LDAP server is typically located on the KDC, such as ldap://sub1.dev.mycompany.com:389.

    • <search> provides a string that specifies where to start looking for user accounts on the directory server. For example, you might enter DC=SUB1, DC=DEV, DC=MYCOMPANY, DC=COM, which instructs the Active Directory server to begin searching in the SUB1.DEV.MYCOMPANY.COM object in the LDAP directory.

      Note

      If you do not want the Authentication Service to validate Active Directory users with the Active Directory server, set the isActiveDirectoryLdapCheckEnabled parameter to false.

  3. Restart the Authentication Service.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Mar 21, 2014

Comments

Log in or register to comment.

Configuring the Authentication Service for domain authentication
RSA SecurID authentication
© Copyright 2024 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.