×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

 

This documentation supports the 19.02 version of Remedy Single Sign-On.

To view an earlier version, select the version from the Product version menu.

Remedy Single Sign-On 19.02 Integrating

Integrating Remedy SSO with BMC Client Management

Integrating BCM with Remedy SSO enables Remedy with Smart IT technicians to remote control BCM managed endpoints through the BCM browser-based console.

The Remedy SSO administrator typically provides the parameters needed to apply Remedy SSO settings in BCM. As a BCM administrator, ensure that the mandatory settings are met to ensure a successful integration.

To integrate with Remedy SSO, a BCM administrator must configure Remedy SSO parameters in the BCM console. After successfully configuring Remedy SSO with BCM, the Remedy with Smart IT administrator gets access to the BCM browser-based console to search for and remote control BCM managed devices.

IntegrationWithRSSO

Before you begin

As a BCM administrator who is integrating BCM with Remedy SSO, ensure that the following settings are met:

  • Remedy SSO parameter details
    • RSSO URL
    • Realm
    • Certificate Authority
    • Server Certificate

Mandatory settings

  • The minimum supported version of Remedy SSO is 9.1.01 and later.
  • The BCM master and the Remedy SSO server must be in the same domain. For example, if the BCM master server domain name is bcm.calbro.com, then the Remedy SSO domain name must be rsso.calbro.com.
  • BCM and the Remedy SSO server must use the same LDAP server. Otherwise, BCM is unable to check user permissions even if the user has successfully logged in through Remedy SSO.
  • The BCM master server must have a reservation in DNS and must be accessed using that DNS name; otherwise, the integration fails and the following message is displayed: Forbidden request! Goto url is wrong.
  • The same user must be present on both Remedy SSO and BCM master server; otherwise, the integration fails. For example, if AllenBrooks is authenticated through Remedy SSO, then a user AllenBrooks should be present on the BCM master server as well.

Considerations for configuring certificates

Communication between BCM and Remedy SSO can take place only over secured protocol (HTTPS). To enable communication by using HTTPS, you must obtain the HTTPS certificate from the Remedy SSO server.

You can supply a CA bundle that is trusted by your organization, pin the certificate downloaded from Remedy SSO, or use both.

A pinned certificate is more secure than a CA bundle; however, pinned certificates require more frequent renewal. BMC recommends that you use both a pinned certificate and a trusted CA bundle to verify the identity of the Remedy SSO server.

Remedy SSO parameters

As a BCM administrator, you must get the following settings from a Remedy SSO administrator. The following parameters are required to configure Remedy SSO with BCM.

ParameterDescription
EnabledDefines whether the Remedy SSO server authentication is activated.
RSSO Server URLEnter the URL for the Remedy SSO server. The Remedy SSO server URL must begin with https and have the same domain as the BCM master server. For example, use bcm.calbro.com and rsso.calbro.com.
RSSO Realm ID

A realm is a virtual identity provider used to authenticate a domain. Contact your Remedy SSO administrator for the Realm ID.

This field must not be empty. The Realm ID must exist on the Remedy SSO server.

Product IdentifierDefines the identifier for BMC Client Management. The identifier must be unique for each application that provides authentication through Remedy SSO server.
RSSO Token revalidation periodEnter the revalidation period in seconds. For more information, contact your Remedy SSO administrator. 
Certificate Authority BundleConfigures the list of certificate authorities that BMC Client Management must trust when connecting to a Remedy SSO server.
Server CertificateDefines the server certificate to accept when connecting to the Remedy SSO server. This certificate is taken from the Remedy SSO server and it must be pinned to use the certificate.

Note: You must configure a certificate on the BMC Client Management console using one of the options for security purposes.

To configure BCM to integrate with Remedy SSO

As a BCM administrator, you need the required parameters to configure Remedy SSO in BCM.

To apply the Remedy SSO settings, perform the following steps: 

  1. In the BCM console, go to Global Settings > System Variables.
  2. In the RSSO tab, enter the parameter values.
    1. Enable RSSO
    2. RSSO URL
    3. RSSO Realm ID
    4. Product Identifier
    5. RSSO Token revalidation period
    6. Certificate Authority
    7. Server Certificate
  3. Click OK.

Troubleshooting

IssueCause(s)Resolution(s)
BCM integration with Remedy SSO not successful

Incorrect Remedy SSO parameters

Remedy SSO server down

Contact Remedy administrator
Cannot authenticate into BCM browser-based console

Remedy SSO server down

Incorrect Remedy SSO credentials

Incorrect configuration in BCM

Contact Remedy administrator to ensure Remedy server is up and running

Contact BCM administrator to check whether Remedy SSO is correctly configured


Next step

Connect to the BCM browser-based console using Remedy SSO credentials

Was this page helpful? Yes No Submitting... Thank you
Last modified by Olha Horbachuk on Aug 31, 2020
integration

Comments

Log in or register to comment.

Integrating Remedy SSO with TrueSight Presentation Server
Integrating Remedy SSO with BMC Discovery
© Copyright 1991 – 2019 BMC Software, Inc.
© Copyright 1991 – 2019 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.