×
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
 
 

Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

BMC Decision Support for Server Automation 8.6 ... Installing Configuring after installation Administering security

Configuring the Authentication Service

The Authentication Service is a program implemented within a 

    MultiExcerpt named 'BladeLogic' was not found
The multiexcerpt named 'BladeLogic' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. Authentication Server that is responsible for authenticating users and issuing session credentials.

In 

    MultiExcerpt named 'BladeLogic' was not found
The multiexcerpt named 'BladeLogic' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro., the Authentication Server is always part of an Application Server when the Application Server type is set to CONFIGURATION or ALL. For 
    MultiExcerpt named 'Product_Name' was not found
The multiexcerpt named 'Product_Name' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro., the Authentication Server stands alone and is not associated with any particular Application Server.

A default installation of 

    MultiExcerpt named 'Product_Name' was not found
The multiexcerpt named 'Product_Name' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. sets up a stand-alone Authentication Service, called BMC SARA Authentication (Windows) and blauthservice (UNIX). This service authenticates users associated with multiple Application Servers. When a user successfully authenticates, the Authentication Service for reports issues single sign-on (SSO) credentials to the user.

Unlike other 

    MultiExcerpt named 'BladeLogic' was not found
The multiexcerpt named 'BladeLogic' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. applications, 
    MultiExcerpt named 'Product_Name' was not found
The multiexcerpt named 'Product_Name' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. must be able to refresh the SSO credentials for you so that you can run recurring reporting jobs even after the current session ends.

To enable credential refreshing

  1. On the reports server, start the Application Server Administration console (the blasadmin utility).

  2. Specify that the SSO credentials issued by the Authentication Service can be refreshed, by entering the following command:

    set AuthServer isSSOCredRefreshEnabled true

    By default, the installation program for 

      MultiExcerpt named 'Product_Name' was not found
    The multiexcerpt named 'Product_Name' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. sets this value to true.

  3. Specify the maximum amount of time a renewable session credentials can be used by entering the following command:

    set AuthServer MaximumSessionCredentialLifetime <#>

    <#> is a value in minutes. By default the installation program for 

      MultiExcerpt named 'Product_Name' was not found
    The multiexcerpt named 'Product_Name' was not found. Please check the page name and MultiExcerpt name used in the MultiExcerpt Include macro. sets this value in minutes that equals six months. 

  4. Specify the duration for any session credentials that the Authentication Server issues by entering the following command:

    set AuthServer SessionCredentialLifetime <#>

    <#> is a value in minutes. In a reports context, credentials can be renewed until the MaximumSessionCredentialLifetime value is reached. 


    Values of MaximumSessionCredentialLifetime and SessionCredentialLifetime are set as follows: 


    MaximumSessionCredentialLifetime < 
    SessionCredentialLifetime    		SessionCredentialLifetime is set to the same value as MaximumSessionCredentialLifetime
    MaximumSessionCredentialLifetime = 0 or NoneMaximumSessionCredentialLifetime is set to the same value as SessionCredentialLifetime.


    For information about how to set the SessionCredentialLifetime option, see Configuring the Authentication Service in the BMC Server Automation documentation.

  5. Specify whether session credentials can be refreshed by a host other than the host to which the credentials were originally issued by entering the following command:

    set AuthServer isSsoRefreshHostnameCheckEnabled true


    BMC recommends that you set this option to false only when the reports server does not have a static IP address.

  6. Restart the Authentication Service.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Aug 08, 2014
refreshing configuration security administration credentials authentication_service authetication_server

Comments

Logging on with a different role
Configuring data encryption
© Copyright 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2021 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.