This documentation supports the 20.02 version of BMC Digital Workplace Advanced.

To view an earlier version, select the version from the Product Version menu.

Troubleshooting configuration for Remedy Single Sign-On integration

Carefully read this topic before making any major changes in your current configuration. Also, make a backup of your configuration files, operating systems, and databases before making any major changes to your database.

Make sure you have configured BMC Digital Workplace/Remedy Single Sign-On integration by following the steps documented below:

Additional checks:

  • BMC Digital Workplace and BMC Digital Workplace Catalog agent-id values should always match in both rsso-agent.properties , i.e. agent-id=dwp-agent.

Here's a good example of a standard rsso-agent.properties file.

#RSSO Agent configuration example

logout-urls=/atssologout.html

agent-id=myit-agent

excluded-url-pattern=.*\\.xml|.*\\.gif|.*\\.css|.*\\.ico|/shared/config/.*|/WSDL/.*|/shared/error.jsp|/shared/timer/.*|/shared/login_commn.jsp|/shared/view_form.jsp|/shared/ar_url_encoder.jsp|/ThirdPartyJars/.*|/shared/logout.jsp|/shared/doc/.*|/shared/images/.*|/shared/login.jsp|/services/.*|/shared/file_not_found.jsp|/plugins/.*|/shared/wait.jsp|/servlet/GoatConfigServlet|/servlet/ConfigServlet|/shared/HTTPPost.class|/shared/FileUpload.jar|/BackChannel.*|/servlet/LicenseReleaseServlet.*

sso-external-url=http://rsso.domain.com:8080/rsso/
sso-service-url=http://rsso.domain.com:8080/rsso/

com.bmc.rsso.tls.disable.checks=true

use-in-memory-cache=true

callback-url=http://dwp.domain.com:9000/dwp/app

Note

More details on: Configuring Remedy SSO agent .

If you have BMC Digital Workplace Catalog, make sure you have the ignore-tenant domain setting defined in all your applications: BMC Digital Workplace, SmartIT, Midtier.

Related topic

https://communities.bmc.com/docs/DOC-120256
 



Narrowing down Remedy Single Sign-On issues

  • Always make sure the Remedy Single Sign-On Server is able to communicate with the Remedy Single Sign-On agent's hosts servers.
    • Check your DNS/Network/Certificates/Firewalls  settings and confirm that communication is bidirectional.
    • NOTE:  curl, ping, telnet wget are good commands to check this.
      • Log on to the BMC Digital Workplace Server and run: curl -vk https://rsso.domain.com 

        Example of a working connection -if SSL is in place, output will be longer, but the output should display something like  * Connected to rssoserver  (xxxxxxx) port 443 (#0)
        This is being executed from BMC Digital Workplace Catalog to Remedy Single Sign-On. Check from Remedy Single Sign-On to BMC Digital Workplace Catalog.

        * About to connect() to http://rssoserver.domain:port/rsso port 8080 (#0)
        *   Trying xxxxx...
        * Connected to rssoserver  (xxxxxxx) port 8080 (#0)
        > GET /rsso HTTP/1.1
        > User-Agent: curl/7.29.0
        > Host:/rssoserver.domain:port
        > Accept: */*
        >
        < HTTP/1.1 302
        < Location: /rsso/
        < Transfer-Encoding: chunked
        < Date: Mon, 09 Mar 2020 16:25:48 GMT
        <
        * Connection #0 to host rssoserver.domain left intact
  • A good practice is testing Remedy Single Sign-On on a non-ssl protocol first, and then on SSL.
    • You should be able to resolve/reach Remedy Single Sign-On URL from BMC Digital Workplace Server and vice versa, this includes the load balancer URL, Server alias, and FQDN.
  • Remember that localhost URL is not supported, and you need to use Fully Qualified URLs at all times when Remedy Single Sign-On is in place.
  • It is a good practice to have Remedy Single Sign-On and the other applications running on the latest and greatest available version.
  • Running GA versions could lead to some issues.
  • If you have enabled Managed Service Provider in place, make sure that rsso-agents are configured.
    Domain entry page for MSP users

Use this troubleshooting and resolution guide whenever you're having any of the following issues:

  • The spinning wheel is displayed when users try to log on to BMC Digital Workplace via Remedy Single Sign-On.
  • Two Login pages are displayed when users try to log on to BMC Digital Workplace Catalog via Remedy Single Sign-On: Remedy Single Sign-On Login Page and BMC Digital Workplace Catalog Login Page.

  • End users see "User 'x' has no access to * realm" error message.
  • End users see "An invalid domain [.xxxx.com] was specified for this cookie" error message after enabling Remedy Single Sign-On in BMC Digital Workplace/Midtier/SmartIT.
  • End users are not able to see BMC Digital Workplace Catalog Offerings in BMC Digital Workplace.

Issue scope

  • What's the actual problem? (Elaborate on the issue, explain the behavior and mention the error messages you're getting, what are you expecting to see, etc)
  • How many users are being affected by this and where (Prod, Test, QA, Go-live)?
  • What's the impact of the issue?
  • How can this be reproduced? (Frequency)
  • Was this ever working? If yes, what changed/happened when things stopped working?

Diagnosing and reporting an issue

Instructions: After you identify the symptoms and scope of the issue, use this troubleshooting guide to help the customer diagnose and resolve the issue or to create a BMC Support case. 

ActionStepsReference

Troubleshooting BMC Digital Workplace-Remedy Single Sign-On integration




Enable Remedy Single Sign-On Debug logging on Remedy Single Sign-On Admin Console

Working with logs

General Remedy Single Sign-On Troubleshooting scenarios

Troubleshooting common errors and issues

Troubleshooting

Self-resolve

  • Enable debug logging in both Remedy Single Sign-On Server and BMC Digital Workplace Remedy Single Sign-On agents and reproduce the issue.

  • Take note of the time when the issue is replicated.

  • Take screenshots or video while replicating the use case.
  • Get the rsso.log and rsso-agent.0.log from both Remedy Single Sign-On Servers and BMC Digital Workplace Application Servers, and do a search on SEVERE, ERROR - look for the error that is close to the time when the issue was encountered.

  • Take note of the error code and do a search in our Knowledge Base to find any relevant solutions

Note : For more information, see Resolutions for common issues below.


Prerequisite

  • You must have run the configure rsso script which is under </dwpcatalog>/sb/configure_rsso

./configure_rsso.sh

  • Example of the details you should provide:

  • Login as Demo onto BMC Digital Workplace Catalog AR Server using Midtier/User Tool, then Open Common Server Configuration-> Centralized Configuration -> arsys.server.shared→shared and update CrossRef value to T and save.

  • Restart BMC Digital Workplace Catalog Service

./dwpcontroller stop

./dwpcontroller start -u Demo -p password

Starting and stopping the BMC Digital Workplace Catalog server

  • Confirm that EA RPC processes are running on 390695

ps -auxwe | grep 390695

root     29780  0.0  0.0 112712   972 pts/0    S+   10:21   0:00 grep --color=auto 390695 XDG_SESSION_ID=8161 HOSTNAME=clm-aus-ta8r7l TERM=xterm SHELL=/bin/bash HISTSIZE=1000 BMC_AR_SERVER_HOME=/opt/bmc/digitalworkplace SSH_CLIENT=172.21.51.179 1044 22...


Confirm that the Remedy Single Sign-On configuration files exist in its corresponding directory and are configured for each application.

BMC Digital Workplace

FileLocation
rsso-agent.properties<tomcat8.5>/external-conf/
sso-sdk.properties<tomcat8.5>/external-conf/
rsso-agent-all.jar<tomcat8.5>/tomcat8.5/external-conf/lib/
rsso-client-impl.jar<tomcat8.5>/tomcat8.5/external-conf/lib/
rsso-sdk-atsso.jar<tomcat8.5>/tomcat8.5/external-conf/lib/


BMC Digital Workplace Catalog

FileLocation
gson-x.x.x.jar<installLocation>/pluginsvr
rsso-agent-osgi.jar

<installLocation>/deploy

rsso-agent.properties<installLocation>/conf
rsso-area-plugin-all.jar<installLocation>/pluginsvr
rsso.cfg<installLocation>/conf
slf4j-api-1.7.25.jar<installLocation>/pluginsvr


  • Make sure that the slf4j-api-1.7.25.jar entry is present in </dwpcatalog>/pluginsvr/pluginsvr_config.xml

<pathelement type="location">/opt/bmc/digitalworkplace/pluginsvr/slf4j-api-1.7.25.jar</pathelement>

  • Check for the ARSYS.AREA.RSSO tag in the pluginsvr_config.xml. If it is not present, add it and restart BMC Digital Workplace Catalog, i.e. </dwcatalog>/pluginsvr/pluginsvr_config.xml

                <name>ARSYS.AREA.RSSO</name> 
                <classname>com.bmc.rsso.plugin.area.RSSOPlugin</classname> 
                <pathelement type="location">/opt/bmc/digitalworkplace/pluginsvr/rsso-area-plugin-all.jar</pathelement> 
                 <configFile>/opt/bmc/digitalworkplace/conf/rsso.cfg</configFile>
  • Enable Remedy Single Sign-On Debug logging. For more information, see Working with logs .


BMC Digital Workplace Catalog - Remedy Single Sign-On Troubleshooting / Changing RSSO Default logging directory.

https://communities.bmc.com/docs/DOC-125881

BMC Digital Workplace - Remedy Single Sign-On Configuration Files Checklist. Working with RSSO logging

https://communities.bmc.com/docs/DOC-125922

Report

  • If you are not able to resolve this on your own, please raise a new case to BMC Support
  • File a new case in BMC Support Portal

BMC Support Page

Send diagnostics

  • Possible diagnostics

    • What's changed
    • Screen capture/Video
    • Messages/Errors/Behavior
    • Logs
    • Has this ever worked before?
  • Collect rsso.log, rsso-agent.log and dwp and dwp catalog logging while reproducing the issue.
  • Elaborate on how to reproduce the issue.
  • Provide screenshots and video, if possible.
Apply fix from BMC Support
  • BMC recommends to be on the latest and greatest available build and version there is.
  • If not possible, at least, try to be on the latest supported HF for a supported version.
  • There are some Managed Service Provider defects that were fixed in version 19.08 and later (on their latest HF)
Confirm with Support if a HF, Cumulative HF or an Upgraded is required.

Resolutions for common issues

Use BMC Communities to find the following Knowledge Articles (KAs). You can find KAs on BMC Communities using the KA number or access them using the direct links below.

You can also use bookmark the KAs.

Symptom

Link

Reference
Smart IT & BMC Digital Workplace with Remedy Single Sign-On showing spinning wheel after loginhttps://communities.bmc.com/docs/DOC-113992000158281
BMC Digital Workplace Advanced-How to Integrate BMC Digital Workplace Advanced with Remedy Single Sign-On?https://communities.bmc.com/docs/DOC-120256000163989
BMC Digital Workplace Advanced/Basic - Remedy Single Sign-On Integration broke on BMC Digital Workplace after BMC Digital Workplace upgradehttps://communities.bmc.com/docs/DOC-117139000167871
BMC Digital Workplace - Remedy Single Sign-On Configuration Files Checklist. Working with Remedy Single Sign-On logginghttps://communities.bmc.com/docs/DOC-125922000170977
If Smart IT and BMC Digital Workplace are on the SAME server Smart IT 18.08, Smart IT stops working after upgrading BMC Digital Workplace to 19.02https://communities.bmc.com/docs/DOC-115575000165330
BMC Digital Workplace Catalog - Troubleshootinghttps://communities.bmc.com/docs/DOC-123517000167608
After successful authentication with Remedy Single Sign-On user is getting redirected to the BMC Digital Workplace login pagehttps://communities.bmc.com/docs/DOC-107979000153733
Remedy Single Sign-On - BMC Digital Workplace user not redirected to BMC Digital Workplace after session timeouthttps://communities.bmc.com/docs/DOC-123481000174773
BMC Digital Workplace Catalog - Remedy Single Sign-On Troubleshooting / Changing Remedy Single Sign-On Default logging directoryhttps://communities.bmc.com/docs/DOC-125881000183979
BMC Digital Workplace Remedy Single Sign-On: ERROR (612): No such user is registered with this Server (1013)https://communities.bmc.com/docs/DOC-107754000155574
BMC Digital Workplace/SmartIT integrated with Remedy Single Sign-On and ADFS the login screen for Android/iOS shows blank/white screen on the mobile applicationshttps://communities.bmc.com/docs/DOC-65051000125913
BMC Digital Workplace Catalog - Remedy Single Sign-On Integration stopped working after BMC Digital Workplace Catalog upgrade to 19.02https://communities.bmc.com/docs/DOC-116921000167042
Remedy SSO - How to disable it temporarily and re-enable ithttps://communities.bmc.com/docs/DOC-123890000163062
BMC Digital Workplace Catalog Services are not visible in BMC Digital Workplacehttps://communities.bmc.com/docs/DOC-123244000170939
BMC Digital Workplace - How does Session Persistence work on Mobile Appshttps://communities.bmc.com/docs/DOC-126657000175711
BMC Digital Workplace Catalog: Unable to add the Catalog Sections in BMC Digital Workplace Client Admin Consolehttps://communities.bmc.com/docs/DOC-103354000148233
BMC Digital Workplace Catalog: Remedy Single Sign-On Automation scripthttps://communities.bmc.com/docs/DOC-106524000152211
BMC Digital Workplace Catalog: Remedy Single Sign-On logginghttps://communities.bmc.com/docs/DOC-117741000152382
BMC Digital Workplace Catalog getting error 623 with Remedy Single Sign-On version 19.05 or laterhttps://communities.bmc.com/docs/DOC-126068000176435
BMC Digital Workplace-Catalog with Remedy Single Sign-On: Images are not loaded in BMC Digital Workplace and result in error: user 'xxx' has no access to the realmhttps://communities.bmc.com/docs/DOC-126070000166426
BMC Digital Workplace Catalog - BMC Digital Workplace Catalog Server is not coming up after Remedy Single Sign-On Server alias changedhttps://communities.bmc.com/docs/DOC-126071000176067
Two Cookie Domains for Remedy Single Sign-Onhttps://communities.bmc.com/docs/DOC-123175000168372
BMC Digital Workplace Impersonation Issue With Remedy Single Sign-On With Impersonated Userhttps://communities.bmc.com/docs/DOC-120842000164818
BMC Digital Workplace Catalog: Session is not released when user logs out of BMC Digital Workplacehttps://communities.bmc.com/docs/DOC-126072000166564
BMC Digital Workplace Advanced-How to Integrate BMC Digital Workplace Advanced with Remedy Single Sign-On?https://communities.bmc.com/docs/DOC-120256000147399
Error, "An invalid domain [.xxxx.com] was specified for this cookie" is presented on loginhttps://communities.bmc.com/docs/DOC-103090000142047
Remedy Single Sign On - "Error: Could not register consumer 'ar_plugin' at server 'https://<rsso_server>:<port>/rsso/" - Cannot logon into MidTier after Remedy Single Sign-On Upgrade (18.08)https://communities.bmc.com/docs/DOC-121437000172660
Was this page helpful? Yes No Submitting... Thank you

Comments