Page tree
Skip to end of metadata
Go to start of metadata

Use this command to perform the following functions:

  • Configure the Atrium Single Sign-On server on TrueSight IT Data Analytics.
  • Create users (along with associated user groups) existing in TrueSight IT Data Analytics on Atrium Single Sign-On.

If you have upgraded from an earlier version of the product, then you need to use this command to configure the Atrium Single-Sign On server. The inputs required for the configuration are the same as those required while running the installation wizard.

Best practice

If you are installing the product for the first time, use the installation wizard for configuring Atrium Single Sign-On. To do this, you need to perform a custom installation of the Console Server and then provide details of the Atrium Single Sign-On server that you want to configure. For more information, see Installing in a multiple-server environment.

Notes

  • When you run this command, the IT Data Analytics server is restarted.
  • After running the command, if you find that some users or user groups are not successfully created on Atrium Single Sign-On, then you need to manually create them in Atrium Single Sign-On. Alternatively, you can use the transferownership CLI command command to move objects owned by that user to another user in Atrium Single Sign-On.

To understand the syntax and examples, see:

Atrium Single Sign-On resources

To access information about installing and configuring Atrium Single Sign-On, see the online documentation for Atrium Single Sign-On  version 9.0.

  • To create, edit, or delete users by using Atrium Single Sign-On, see Managing users.
  • To create, edit, or delete user groups by using Atrium Single Sign-On, see Managing user groups.

Syntax

Note

Before you run the command, note the following points:

enablesso -d <hostName> -p <portNumber> -u <userName> -w <password> -sd <AtriumSSOHostName> -sp <AtriumSSOPort> -ss <AtriumSSOProtocol> -su <superusername> -sw <superuserpassword> -tenant <tenant> -usermigrationscope <usermigrationscope> [-passworddefaultsuffix <PasswordSuffix>]                                 
[-l <locale>] [-v] [-s]

  • Angle brackets (< >) indicate a variable value that needs to be user defined.

  • Square brackets ([ ]) indicate optional parameters.

The following table describes the parameters used in the syntax:

ParameterDescription
-d
Host name of the Console Server
-p
Port number of the Console Server.
-u
User name to use to connect with the Console Server.
-w
Password corresponding to the user name to use to connect with the Console Server.
-sd
Fully Qualified Domain Name (FQDN) of the Atrium Single Sign-On server.
-sp

Port number of the Atrium Single Sign-On server.

The default port is 8443.

For more information about the ports supported, see Communication ports and protocols.

-ss

Protocol to connect with the Atrium Single Sign-On server.

By default, the value is HTTPS.

-su

User name for connecting with the Atrium Single Sign-On server.

By default, the value is set to amadmin. Leave the default value unchanged.

-sw

Password for connecting with the Atrium Single Sign-On server (specified in the plain text format).

The password corresponding to the default user name is the same as what you provided while installing the Atrium Single Sign-On server.

-tenant

Name of the tenant (also known as Realm in Atrium Single Sign-On) that you configured while integrating TrueSight IT Data Analytics with TrueSight Operations Management. For more information, see Integrating with TrueSight Presentation Server.

If you want to use a standalone instance of the Atrium Single Sign-On server, then provide the name of the tenant that is present on the Atrium Single Sign-On server.

By default, the value is set to BmcRealm.

-usermigrationscope

Determines whether you want to create all or only the default users (including associated user groups) existing in TrueSight IT Data Analytics on Atrium Single Sign-On.

Depending on the scope that you decide, the value can be one of the following:

  • ALL: Create all users (and associated user groups) existing in TrueSight IT Data Analytics on Atrium Single Sign-On.
  • DEFAULT: Create default users only (and associated user groups) existing in TrueSight IT Data Analytics on Atrium Single Sign-On.
    The default users include – admin (super admin role), app admin (app admin role), and troubleshooter (troubleshooter role).

By default, the value is set to DEFAULT.

-passworddefaultsuffix

(Optional) Provide a suffix so that the password for users in Atrium Single Sign-On is set to the "user name_suffix".

The suffix provided will be case sensitive and will be appended to all the users in Atrium Single Sign-On.

The password in Atrium Single Sign-On must be at least seven characters long.

Example: If the user name is John and the suffix provided is BMC, then the password will be, John_BMC.

If you do not provide this input, then by default the "ITDA_USER" suffix is used.

-l

(Optional) Indicates the locale in which you want to display messages when the command is run.

You can set one of the following locales:

  • English
  • Simplified Chinese
  • German
  • French

By default, the messages are displayed in the locale of the system on which the CLI is run.

The value can be set to one of the following depending on the locale you choose:

  • English: en
  • Simplified Chinese: chs
  • German: de
  • French: fr

Example: If you want to set the locale as Simplified Chinese, you need to specify, l=chs.

-v
(Optional) Version of the IT Data Analytics product.
-s
(Optional) Indicates an HTTPS connection.

Example inputs

The following example provides the input for configuring the Atrium Single-Sign On server:

itda enablesso -d localhost -p 9797 -u admin -w admin12345 -tenant BmcRealm -sd clm-pun-016060.bmc.com -sp 8443 -su amadmin -sw bmcAdm1n -usermigrationscope ALL -ss https -passworddefaultsuffix default

Troubleshooting user mapping conflicts

After running the command, it is possible that you might not be able to log on to the product. Such a scenario can occur due to the difference in how the user, user group, and role mapping was handled prior to version 2.1.00 of the product.

The following table provides a comparison of the user authentication approaches in the different versions.

Version 2.0 and earlierVersion 2.1 and later
  • Users are mapped to both user groups and roles.
  • User groups are mapped with users only.
  • Users are mapped to user groups.
  • User groups are mapped to roles.


For more information, see Troubleshooting common issues.