BMC ProactiveNet integrates with BMC Atrium Single Sign-On, an authentication system that supports many authentication protocols and provides single sign-on and single sign-off for users of BMC products. BMC Atrium Single Sign-On allows users to present credentials only once for authentication and subsequently be automatically authenticated by every BMC product that is integrated into the system.
BMC Atrium Single Sign-On uses agents which are integrated into each of the BMC products. These agents perform the following functions:
The following integration architecture diagram shows BMC product integration with BMC Atrium Single Sign-On.
The diagram shows that users provide authentication credentials to access one BMC product with an integrated BMC Atrium Single Sign-On Agent. Authentication is routed through a BMC Atrium Single Sign-On component in standalone server mode. Restricted access to other integrated BMC products is validated through a single sign-on token.
BMC recommends the following conditions for BMC ProactiveNet Server single sign-on integration:
pw ssocommands. For more information, see the BMC ProactiveNet Command Line Interface Reference Guide.
You must create BMC ProactiveNet users and user groups in BMC Atrium Single Sign-On and assign users to user groups. The user groups that are created on BMC Atrium Single Sign-On need to be present and mapped on BMC ProactiveNet. The group name is used as mapping for retrieving the permissions in BMC ProactiveNet.
The same user name cannot exist in BMC ProactiveNet Server and Atrium Single Sign-On. Configuration item-based access control describe access control when BMC ProactiveNet is integrated with BMC Atrium Single Sign-On in a single-server or multiple-server deployment.
In a multiple-server deployment, with a BMC ProactiveNet Central Server and more than one BMC ProactiveNet Child Server, you can integrate with the BMC Atrium Single Sign-On server for seamless access from the central server to child servers, and from the child servers to the central server. Without single sign-on, you provide authentication credentials for each server you want to access. With single sign-on integration, you provide authentication credentials only once and then you have access to the whole system.
Complete single sign-on integration with each BMC ProactiveNet Central Server and Child Server to ensure functionality across the deployment.
For details about single sign-on configuration, see BMC ProactiveNet Installation and Configuration Guide.
For details about
pw sso commands, see BMC ProactiveNet Command Line Interface Reference Guide.
For details about post-installation configuration, see BMC ProactiveNet User Guide.