Copying users from Remedy ITSM into BMC Digital Workplace Catalog
For each BMC Digital Workplace self-service user who requires access to view and request services from the catalog, a user account that shares the same credentials must exist in the BMC Digital Workplace Catalog database. A server system administrator can add multiple user accounts by running the user_group_sync.sh script to copy information from the Remedy IT Service Management server that hosts the accounts that BMC Digital Workplace uses.
Before you begin
- Make sure you have set the Oracle JDK or OpenJDK home path. Specify the name of the Java home folder. For more information on other installation parameters, see BMC Digital Workplace Catalog installation parameter reference.
- Complete the tasks in Configuring BMC Remedy Single Sign-On integration for BMC Digital Workplace Catalog.
- Complete the tasks in Performing the BMC Digital Workplace Catalog installation.
- Make sure you can log in to the application server and run scripts in the installLocation folder.
Details about the user_group_sync.sh script
The user_group_sync.sh script is inside the <installLocation>/artools folder. You can run the script from the command line, with options for setting the source and target databases.
After the first time you configure and run the process, you can set up a cron job to run the task automatically at specific times.
The copy process runs in a single direction from Remedy ITSM to BMC Digital Workplace Catalog. Also, the script only adds users; it does not delete users.
If many users exist in the Remedy ITSM database, the first time the user copy task is run, it might take a long time to complete. In the future, the process should take less time to complete because less data should be transferred.
The script copies the information from the following fields in the User table:
- Full name
- Login name
These fields are required to request catalog services. For security reasons, when the script copies user information, the process does not transfer the passwords. Remedy Single Sign-On must be configured for authentication to enable self-service users to have the appropriate access to view and request services.
User entitlement groups
Import the users from Remedy ITSM as individual users, and create virtual marketplaces by using custom filters that read the user's information from the connected Remedy system. For more information, see Creating virtual marketplace entitlements.
To prepare the Remedy ITSM user sync utility
- As a Demo user, log in to the BMC Remedy Mid Tier configured for BMC Digital Workplace Catalog.
- In the left navigation panel, select AR System Administration > AR System Administration Console.
- Select System>General> Centralized Configuration.
- Click the Component Name field, and select arsys.server.shared.
- Change the value for Crossref-Blank-Password to T.
If the value is absent, click Add, and create a new one.
- Click Apply.
- Restart the dwpcontroller.
Users may not need to configure a separate Mid Tier for BMC Digital Workplace Catalog. Instead, they can configure the ar.conf file located on the BMC Digital Workplace Catalog AR System server:
- In the ar.conf file, add
Crossref-Blank-Password: T External-Authentication-RPC-Socket: 390695 Authentication-Chaining-Mode: 1 External-Authentication-Sync-Timeout: 0
- Save the file.
- Restart the dwpcontroller.
To run the user_group_sync.sh
If you are upgrading from version 19.08 or earlier, you must rerun the sync after completing the upgrade. Use the following query to clear the last run timestamp from the tenant database before following the steps mentioned below.
Update myit_sb_TenantConfiguration set UserSyncLastRun=NULL
On the server, go to <installLocation>/artools, as shown in the following example.
# cd /opt/bmc/digitalworkplace/artools
In a text editor, edit the script parameters in angle brackets with values from your system.Example
./user_group_sync.sh -itsm_s <bmc-itsm-server-host> -itsm_u <bmc-itsm-sample-user> -itsm_p <bmc-itsm-sample-password> -itsm_a <bmc-itsm-sample-port> -sb_s <bmc-dwpcatalog-host> -sb_u <bmc-dwpcatalog-user>@<BMC_AR_TENANT_DOMAIN_NAME> -sb_p <bmc-dwpcatalog-password> -sb_a <BMC_AR_PORT> -sb_aw <bmc-dwpcatalog-sample-port> -sb_proto <http|https> -sb_group_creation <group-option> -skip_disabled <true|false> >> /var/log/sb_user_sync.log
Parameter Placeholder value Description
Specify the Remedy ITSM server host name.
Specify the Remedy ITSM server administrative account name.
Specify the Remedy ITSM server administrative account password.
If the password is blank, escape the quotes (
Specify the Remedy ITSM server default port.
Specify the host name of the BMC Helix Digital Workplace server.
Specify the BMC Digital Workplace Catalog administrative account and tenant domain name.
Specify the BMC Digital Workplace Catalog administrative user account password.
Specify the BMC Digital Workplace Catalog platform port number.
Specify the BMC Digital Workplace Catalog application port.
http | https
Specify HTTP for non SSL, and HTTPS for SSL connections.
Specify the preferred group creation method (
c | co | cod), or specify
noneto not create any groups.
trueto import only users in Enabled status,
falseto import all users.
Specify the location of the keystore for your application server's certificate.
Specify the password to access the keystore of your application server's certificate.
- After you have entered the required values, copy the text into the clipboard.
While in <installLocation>/artools directory, paste the command into your terminal and press Enter to run the command.Example
./user_group_sync.sh -itsm_s bmc-itsm-sample.com -itsm_u Demo -itsm_p \"\" -itsm_a 0 -sb_s bmc-dwpcatalog-sample.com -sb_u email@example.com -sb_p password -sb_a 9988 -sb_aw 8008 -sb_group_creation none -skip_disabled true >> /var/log/sb_user_sync.log
If you are running the user sync on an application which has SSL configured, add the
-ts_passwordparameters to the command.
The system does not show a visible status as it exports all of the CTM:People user records from Remedy ITSM, and attempts to create new records in BMC Digital Workplace Catalog. Error messages appear on the screen as the script exits.
To check the status of the copy process, open a second terminal window to log in to the same server, and view the following log file: /var/log/sb_user_sync.logExample
tail -f /var/log/sb_user_sync.log
To configure a scheduled task to the run user_group_sync.sh process
You do not need to schedule a cron task if users do not change active status, company, organization, or department frequently. Instead, run the script manually to capture changes to the Remedy ITSM user database.
After the script has run successfully from the command line, add the command to the list of scheduled cron tasks.
Open the crontab editor.
Set the task to run on the required schedule.Example
# Example to run every 15 minutes: */15 * * * * cd /opt/bmc/digitalworkplace/artools && ./user_group_sync.sh -itsm_s bmc-itsm-sample.com -itsm_u Demo -itsm_p \"\" -itsm_a 0 -sb_s bmc-dwpcatalog-sample.com -sb_u firstname.lastname@example.org -sb_p password -sb_a 9988 -sb_aw 8008 -sb_group_creation none -skip_disabled true >> /var/log/sb_user_sync.log
Save the crontab file.
To establish the connection between Remedy ITSM and BMC Digital Workplace Catalog
To make the BMC Digital Workplace Catalog options available for Remedy ITSM users, you must configure an appropriate connection:
- In BMC Digital Workplace Catalog, go to Services > Connectors, and open a Remedy connector.
- In the Connection Options panel, enter host, port, user, and password.
- Save the changes.
The connection is established.
Where to go from here
Complete the remaining procedures in Configuring after installation of BMC Digital Workplace Catalog that are required for your deployment scenario, and then perform the procedure described in Integrating Remedy applications with BMC Digital Workplace Catalog