Managing authentication modules
The basic building block of authentication in BMC Atrium Single Sign-On is the authentication module. These modules specify the type of authentication (LDAP, RSA SecurID, and so on) as well as deployment-specific values such as host names and port numbers.
To access the Module Instances page
Navigate to Access Control > BmcRealm link > Authentication > Module Instances link
Module instances can be created, edited, and deleted from the Module Instances table.
- New creates a new module instance.
- Delete removes the selected module instance.
- Clicking the module name navigates you to a page where you can modify the module instance.
To create a new module
- Navigate to the module instance page, Access Control > BmcRealm link > Authentication > Module Instances link
- Click New.
- Type a unique name for the module instance.
The name should be composed of alphanumeric characters and a few punctuation characters such as the underscore, but no spaces, commas, or ampersands. - Select the type of new module instance.
- Click OK to create an unconfigured instance and return to the Authentication page.
- Edit the module.
The module's configuration must be edited before it can be used within an authentication chain.
To edit a module
- Navigate to the Module Instance page, Access Control > BmcRealm link > Authentication > Module Instances link
- Click the name of the module instance.
A page is launched that allows you to configure module attributes.Note
See the sections on configuring that particular type of module. For example, Using LDAP for authentication.
To delete a module
- Remove the module from all authentication chains.
See Managing authentication chains for the information on removing a module from an authentication chain. - Navigate to the module instance page, Access Control > BmcRealm link > Authentication > Module Instances link
- Select the module instance check box.
- Click Delete.
Note
Failure to remove the module from all authentication chains generates an error similar to the following:
An error occurred trying to remove MarketingLDAP: Authentication instance Marketing LDAP is currently being used.
Comments
Log in or register to comment.