Installing Remedy SSO
This topic provides instructions for performing Remedy Single Sign-On (Remedy SSO) installation. You may perform a stand-alone or high availability (HA) installation.
The Remedy SSO cluster environment is implemented as a redundant system with session failover. In this model, if a node fails, the single sign-on load is transitioned to the remaining servers with minimal interruption.
When multiple Remedy SSO servers are installed and configured to operate as a cluster, a system failure is absorbed by the remaining cluster nodes.
The best practice is to run Remedy SSO cluster behind a firewall to protect the communication channels, such as access to the admin console. For security reasons, you must encrypt the communication between browser and Remedy SSO server cluster. The internal communication between other BMC products and Remedy SSO server cluster is not required to be encrypted.
Before you begin
- For installation prerequisites, see Preparing for installation.
If an installation of Remedy SSO already exists on the target computer, you will not be able to perform a fresh installation, but you can perform an upgrade if the version to be installed is higher than the currently installed version. You must uninstall the existing version if you want to perform a fresh installation of the same version. For more information about uninstalling Remedy SSO, see.
- Run Tomcat and the Remedy SSO installer from the same user group. For example, if Tomcat is running under root privileges, then run the Remedy SSO installer under the same privileges.
If Remedy SSO is configured to use the existing Remedy AR System database instance you must not use the AR System database name for Remedy SSO. Use a new database name for Remedy SSO to prevent the table name conflict for the Configuration table. If you are using Oracle, create a new database for Remedy SSO before running the BMC Remedy installer. At the time of installation select the new database. For more information about creating a database, see Setting up the database for Remedy SSO.
- Ensure that you have the following information before you start the installation.
|Check if you have:|
|Database type, such as MS SQL, Oracle, or PostgreSQL|
Database host name
|Database port number|
|Database instance name|
|Database admin name and password in case you plan to create a database user|
|Database username and password that Remedy SSO uses to access the database|
|Default username and password for the Admin console of Remedy SSO|
- BMC supports Remedy SSO 9.1.x with BMC Remedy Action System 9.x and 8.x.
- BMC supports Atrium Single Sign-On with BMC Remedy Action System 9.0 and earlier versions. Atrium Single Sign-On is not supported with BMC Remedy Action System 9.1.
Installing Remedy SSO
- Unzip the Remedy SSO.
Run the installation program based on your operating system.
- For Microsoft Windows, run setup.exe.
- For Linux, run sh setup.sh.
- In the lower-right corner of the Welcome panel, click Next.
- Review the license agreement, click I agree to the terms of license agreement, and then click Next.
- Accept the default destination directory or browse to select a different directory, and then click Next.
- Select BMC Remedy Single Sign-On <version number>, and then click Next.
- Browse to select the Apache Tomcat directory path where Remedy SSO application will be deployed.
Enter the database settings.
For Remedy SSO 9.1.01 version, do not select the database type as PostgreSQL as it is not supported on that release.
Assign a database user. The details of the user will be used by Remedy SSO to access the details of application configuration and user sessions. You may choose to provide the credentials for an existing database user with permissions to create tables or create a new user.
- Enter a cookie domain, and then click Next.
The domain value of the cookie must be the network domain of Remedy SSO or one of its parent domains.
- In the Installation Preview window, click Install.
- Log in with default credentials (URL: http(s)://<rsso_servername_FQDN>:port/rsso/admin; User Name: Admin; Password: RSSO#Admin#).
- After you log in for the first time, change the password.
Installing Remedy SSO in a high-availability environment
Starting from version 9.1.03.001, the Remedy SSO Admin UI does not need sticky sessions to function in an HA environment.
For earlier versions, the Remedy SSO Admin UI requires sticky session/Session Persistence in an HA environment. This is accomplished by enabling sticky session/Session Persistence on the load balancer. Different load balancers have different configurations to enable a sticky session/Session Persistence. Refer to the specific load balancer documentation or ask the vendor for detais about the configuration.
Note that when sticky session/Session Persistence is not enabled for the Remedy SSO Admin UI, the admin user behind the firewall can use a specific Remedy SSO server hostname to access admin UI instead of using the load balancer URL.
To install Remedy SSO in an HA environment
Before you install or upgrade Remedy SSO in an HA environment and if you choose to configure/use PostgreSQL, download PostgreSQL from their official site, and then install and configure it. When you run the Remedy SSO installer, select the external database option and not the embedded one.
- Ensure that Remedy SSO is installed successfully on the primary node as outlined in .
Unzip the Remedy SSO files on the additional node.
- Run the installation program.
Click Next to confirm the database settings. The database settings should be same as the settings used by the primary node.
In the window to assign database users, select the Use Existing User option.
When you add nodes, select the Use Existing User option and enter credentials that are used by the primary node.
- Complete the rest of the installation steps.
If you are configuring Remedy SSO for SAML authentication, set or update the SP certificate as follows:
Set the service provider (SP) certificate. For more information about setting the SP certificate, see.
Update the service provider (SP) certificate. The default Remedy SSO SP certificate is provided only for testing purpose and you must not use it in a production environment. For more information about updating the SP certificate, see.
Related blogs in BMC Communities
- Creating the database for Remedy Single Sign-On
- Migrating Remedy Single Sign-On to a new version of Tomcat