Page tree
Skip to end of metadata
Go to start of metadata

You can configure users who are a part of LDAP or Active Directory to be a part of BMC Atrium Single Sign-On so that they can log on to Operations Management.

BMC Atrium Single Sign-On configuration resources

For detailed information about configuring your LDAP users, see the following topics in the BMC Atrium Single Sign-On documentation:

Enabling LDAP for user authentication

Using an external LDAP user store

Configuring LDAP or Active Directory users in BMC Atrium Single Sign-On

Perform the following steps on the computer on which BMC Atrium Single Sign-On is installed: 

  1. Launch the BMC Atrium SSO Admin Console .
  2. Under Realms, select the appropriate tenant.
  3. In the Realm Editor screen, under Realm Authentication, select Add > LDAP / Active Directory.
  4. In the LDAP/Active Directory Editor dialog box, fill in the fields as explained at  Enable LDAP for user authentication  and click Save.
  5. In the Realm Editor screen, under User Stores, select Add>LDAPv3 User Store.


    When you update the credentials of your LDAP system, you must also update the Atrium Single Sign-On product with the same credentials.

  6. In the LDAPv3 (Active Directory) User Store Editor dialog box, fill in the fields for both the General and Search tabs as explained at  Using an external LDAP user store , and select Save.
  7. To verify a successful integration, in the Realm Editor screen, go to the Users tab and view all the Active Directory users.

Configuring LDAP or Active Directory users in BMC TrueSight Operations Management

  1. Log on to the TrueSight console as a Super Admin.
  2. Navigate to Administration>Authorization Profiles.
  3. Create a new authorization profile or edit an existing authorization profile to associate the user groups from Active Directory.
    See Managing authorization profiles for more information.
  4. Select the tenant that you configured in BMC Atrium Single Sign-On for Active Directory users and select Edit under User Groups
  5. Select Add and select the Active Directory user group from the list of user groups.
  6. Select OK and then Save.
  7. Select Yes to confirm changes to the authorization profile.
  8. Log out of the TrueSight console.
  9. Log back on to the TrueSight console as an Active Directory user.
  10. Log on to the Infrastructure Management server as an Administrator and perform the following steps:
    1. Edit the self_collector.mrl file located at /pw/server/etc/<cellname>/kb/collectors/ and add the groups to the permissions that are needed.

      r - Read-only

      w - Write

      x - Execute

    2. Save the self_collector.mrl file.
    3. Recompile the cell using the commands
      mccomp -n <cellname>
      mcontrol -n <cell> restart

Related topics

Managing users and access control

Managing users and user groups

Default users and user groups

Viewing user details

Editing and deleting authorization profiles