This documentation supports the 20.02 version of BMC Digital Workplace Advanced.

To view an earlier version, select the version from the Product Version menu.

Copying users from Remedy ITSM into BMC Digital Workplace Catalog

For each BMC Digital Workplace self-service user who requires access to view and request services from the catalog, a user account that shares the same credentials must exist in the BMC Digital Workplace Catalog database. A server system administrator can add multiple user accounts by running the user_group_sync.sh script to copy information from the Remedy IT Service Management server that hosts the accounts that BMC Digital Workplace uses.

Before you begin

Details about the user_group_sync.sh script

The user_group_sync.sh script is inside the <installLocation>/artools folder. You can run the script from the command line, with options for setting the source and target databases.

After the first time you configure and run the process, you can set up a cron job to run the task automatically at specific times.

The copy process runs in a single direction from Remedy ITSM to BMC Digital Workplace Catalog. Also, the script only adds users; it does not delete users.

If many users exist in the Remedy ITSM database, the first time the user copy task is run, it might take a long time to complete. In the future, the process should take less time to complete because less data should be transferred.

User information

The script copies the information from the following fields in the User table:

  • Full name
  • Login name
  • Email

These fields are required to request catalog services. For security reasons, when the script copies user information, the process does not transfer the passwords. Remedy Single Sign-On must be configured for authentication to enable self-service users to have the appropriate access to view and request services.

User entitlement groups

When you run the user_group_synch.sh script, specify one of four recognized values for the -sb_group_creation parameter to direct the script to create up to three levels of user entitlement groups, or not create any groups. The groups are used only when creating virtual marketplaces as a quick way to entitle multiple users at once, and are not linked to existing Remedy groups.

You do not need to create groups when copying users from Remedy ITSM. Instead, you can import the users as individual users, and create virtual marketplaces by using custom filters that read the user's information from the connected Remedy system. For more information, see Creating virtual marketplace entitlements.

Users are added to the groups as they are created. The following table shows the options you can specify for the -sb_group_creation switch and the levels of groups that are created.

Note

The default value for this parameter is set to none.

Parameter valueGroup nameExample based on pattern
cCompanyCalbro Services
coCompany - OrganizationCalbro Services - Finance and administration
codCompany - Organization - DepartmentCalbro Services - Finance and administration - Accounts receivable
none(Not applicable)(Not applicable)

To prepare the Remedy ITSM user sync utility

  1. As Demo user, log in to the BMC Remedy Mid Tier configured for BMC Digital Workplace Catalog.
  2. Select AR System Administration Console.
  3. Open the Common Server Configuration panel.
  4. Select Centralized Configuration.
  5. Click Component Name, and select arsys.server.shared.
  6. For the arsys.server.shared component type, select shared from the Component Name list.
  7. Change the value for Crossref-Blank-Password to T.
  8. Save the changes.
  9. Restart the dwpcontroller.

To run the user_group_sync.sh

Tip

If you are upgrading from version 19.08 or earlier, you must rerun the sync after completing the upgrade. Use the following query to clear the last run timestamp from the tenant database before following the steps mentioned below.

Update myit_sb_TenantConfiguration set UserSyncLastRun=NULL


 When you run the script for the first time, the date tracking file will be empty. When the script reads an empty date tracking file, the script will first test that the user exists in the database to avoid creation of duplicate entries.

  1. On the server, go to <installLocation>/artools, as shown in the following example.

    Example
    # cd /opt/bmc/digitalworkplace/artools
    1. In a text editor, edit the script parameters in angle brackets with values from your system.

      Example
      ./user_group_sync.sh -itsm_s <bmc-itsm-server-host> -itsm_u <bmc-itsm-sample-user> -itsm_p <bmc-itsm-sample-password> -itsm_a <bmc-itsm-sample-port> -sb_s <bmc-dwpcatalog-host> -sb_u <bmc-dwpcatalog-user>@<BMC_AR_TENANT_DOMAIN_NAME> -sb_p <bmc-dwpcatalog-password> -sb_a <BMC_AR_PORT> -sb_aw <bmc-dwpcatalog-sample-port> -sb_proto <http|https>  -sb_group_creation <group-option> -skip_disabled <true|false> >> /var/log/sb_user_sync.log


      ParameterPlaceholder valueDescription
      itsm_s

      bmc-itsm-server-host

      Specify the Remedy ITSM server host name.
      itsm_u

      bmc-itsm-sample-user

      Specify the Remedy ITSM server administrative account name.
      itsm_p

      bmc-itsm-sample-password

      Specify the Remedy ITSM server administrative account password.
      If the password is blank, escape the quotes (\"\").
      itsm_a

      bmc-itsm-sample-port

      Specify the Remedy ITSM server default port.
      sb_s

      bmc-dwpcatalog-host

      Specify the host name of the BMC Helix Digital Workplace server.

      sb_u

      bmc-dwpcatalog-user@BMC_AR_TENANT_DOMAIN_NAME

      Specify the BMC Digital Workplace Catalog administrative account and tenant domain name.

      sb_p

      bmc-dwpcatalog-password

      Specify the BMC Digital Workplace Catalog administrative user account password.

      sb_a

      BMC_AR_PORT

      Specify the BMC Digital Workplace Catalog platform port number.

      sb_aw

      bmc-dwpcatalog-sample-port

      Specify the BMC Digital Workplace Catalog application port.

      sb_proto
      http | https
      Specify HTTP for non SSL, and HTTPS for SSL connections.
      sb_group_creation

      group-option

      Specify the preferred group creation method (c | co | cod), or specify none to not create any groups.
      skip_disabled

      true|false

      Specify true to import only users in Enabled status, false to import all users.
      ts_path/opt/certs/catalog.jksSpecify the location of the keystore for your application server's certificate.
      ts_passwordpasswordSpecify the password to access the keystore of your application server's certificate.

  2. After you have entered the required values, copy the text into the clipboard.
  3. While in <installLocation>/artools directory, paste the command into your terminal and press Enter to run the command.

    Example
    ./user_group_sync.sh -itsm_s bmc-itsm-sample.com -itsm_u Demo -itsm_p \"\" -itsm_a 0 -sb_s bmc-dwpcatalog-sample.com -sb_u hannah_admin@calbroservices.com -sb_p password -sb_a 9988 -sb_aw 8008 -sb_group_creation none -skip_disabled true >> /var/log/sb_user_sync.log

    Note

    If you are running the user sync on an application which has SSL configured, add the -ts_path and -ts_password parameters to the command.


    The system does not show a visible status as it exports all of the CTM:People user records from Remedy ITSM, and attempts to create new records in BMC Digital Workplace Catalog. Error messages appear on the screen as the script exits.

  4. To check the status of the copy process, open a second terminal window to log in to the same server, and view the following log file: /var/log/sb_user_sync.log

    Example
    tail -f /var/log/sb_user_sync.log

To configure a scheduled task to the run user_group_sync.sh process

Tip

You do not need to schedule a cron task if users do not change active status, company, organization, or department frequently. Instead, run the script manually to capture changes to the Remedy ITSM user database.

After the script has run successfully from the command line, add the command to the list of scheduled cron tasks.

  1. Open the crontab editor.

  2. Set the task to run on the required schedule.

    Example
    # Example to run every 15 minutes:
    */15 * * * * cd /opt/bmc/digitalworkplace/artools && ./user_group_sync.sh -itsm_s bmc-itsm-sample.com -itsm_u Demo -itsm_p \"\" -itsm_a 0 -sb_s bmc-dwpcatalog-sample.com -sb_u hannah_admin@calbroservices.com -sb_p password -sb_a 9988 -sb_aw 8008 -sb_group_creation none -skip_disabled true >> /var/log/sb_user_sync.log
  3. Save the crontab file.

To establish the connection between Remedy ITSM and BMC Digital Workplace Catalog

To make the BMC Digital Workplace Catalog options available for Remedy ITSM users, you must configure an appropriate connection:

  1. In BMC Digital Workplace Catalog, go to Services > Connectors, and open a Remedy connector.
  2. In the Connection Options panel, enter host, port, user, and password.
  3. Save the changes.
    The connection is established.

Where to go from here

Complete the remaining procedures in Configuring after installation of BMC Digital Workplace Catalog that are required for your deployment scenario, and then perform the procedure described in Integrating Remedy applications with BMC Digital Workplace Catalog

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Joel Bongard

    Hello,

    its mentioned that the script only adds users. Is there an elegant way to delete users? And how we can prevent certain users from being copied?

    Many Thanks

    Apr 06, 2020 03:50
    1. Ravee Panjwani

      Thanks for your comment, Joel.

      We need some additional details to be able to answer your question. Do you want to only delete users from BMC Digital Workplace? Also, what kind of users do you want to prevent from being copied?

      If you haven't already seen this topic, please see Creating and managing users.

      Thanks,
      Ravee

      Apr 08, 2020 06:48
  2. Thad Esser

    It appears that the "-lock_file" option is ignored or is no longer valid in 20.02? I just upgraded from 19.05 and having that in my command line caused issues. Its not in the list of parameters displayed in the help text displayed on the server and looking through the script, it is ignored and not used. Perhaps remove it from the docs above, or at least make mention for folks that are upgrading that it is no longer used and should be removed from any scheduled cronjobs.

    Apr 17, 2020 06:33
    1. Ravee Panjwani

      Thanks for your comment, Thad.

      You are right about the option not being available for version 20.02, I will update the documentation to remove it.

      Thanks,
      Ravee

      Apr 28, 2020 04:25
  3. Ezra Wise

    It should be noted that the 'user_group_sync.sh' script has changed in 20.02. It appears to no longer take the '-sb_group_creation' option (or at least won't accept an argument of "none") and the '-skip_disabled' no longer accepts a "true"/"false" argument. Anyone upgrading from a previous version that has a cron job set up automatically sync ITSM users into DWP Catalog will start to experience sync errors because of these changes. Also, the "./user_group_sync.sh ..." examples provided above do not work for v20.02.

    Jun 29, 2020 08:18
    1. Ravee Panjwani

      Thanks for your comment, Ezra Wise.

      The -date_file and -lock_file parameters were removed in version 20.02, however, the -sb_group_creation has not changed. If you have upgraded from a previous version and need to rerun the sync, please try using this query to clear the last run timestamp first → Update myit_sb_TenantConfiguration set UserSyncLastRun=NULL

      Thanks,
      Ravee

      Jun 30, 2020 05:16
      1. Ezra Wise

        Thank you for confirming, Ravee. Because I was still using the -lock_file parameter and the -sb_group_creation and -skip_disabled parameters both followed it in my command, I suspect that is why it was complaining about those arguments. Funny that it did not, however, show any errors with the -lock_file parameter, itself. I will adjust my command accordingly.

        Jun 30, 2020 05:27
        1. Ravee Panjwani

          Thanks for confirming, Ezra Wise

          Jun 30, 2020 05:53
  4. Conrad Pereira

    Hi,

    This statement "When the script reads an empty date tracking file, the script will first test that the user exists in the database to avoid creation of duplicate entries."

    Please provide the location of this date tracking file as this directory /opt/bmc/sync does not seem to exist in 20.02.

    Thanks.

    Jan 20, 2021 02:31