BMC Atrium Single Sign-On provides basic user and group management features with the internal LDAP server. These features allow an administrator to manage users, groups, and memberships in the groups.
From the User page, the administrator can create, delete, and manage group memberships.
BMC products can use the group membership capabilities of the BMC Atrium Single Sign-On system to provide authorization and authentication of users. If a BMC product does not use the group memberships of the BMC Atrium Single Sign-On system, then that product's documentation must be consulted to determine groups to privileges mapping.
To access the User page
Navigate to the following location:
- Open the Realm Editor.
- Click the Users tab.
New users can only be created when you are using the internal LDAP server for authentication. If an external source is used for authentication, new users must be created within that external system.
When creating a new user, each field that is marked with an asterisk is a required field.
To add a new user
- In the Realm Editor, click the Users tab.
Current AR System users created in your AR System server are already listed.
- Click Add to open the User Editor.
- In the User Id field, enter a unique identifier for the new user.
This value is used as the user ID when the user logs in.
- Specify the user's status.
The default is Active.
- Add the name attributes.
- The name attributes (First Name, Full Name, and Last Name) can be provided to BMC products to help identify user accounts by using terms that are more user-friendly. The actual use of these attributes, though, is dependent on the BMC product.
- You must assign an initial password of at least 8 characters when creating the account. After the password is created, the user can log into BMC Atrium Single Sign-On and update the password and their personal information through the following URL:
https://FQDNHostName:port/BMC Atrium SSO?realm=BmcRealm
- Click the Groups tab.
- From the list of available groups, add the user to group membership (for example, BmcAdmins).
- Click Save.
To access the Group page
BMC Atrium Single Sign-On provides predefined groups to help with the Administrator privileges that some BMC products might require. For example, the BmcSearchAdmin group provides privileges that allow a user to connect to the server to perform identity searches.
Navigate to the following location:
- Open the Realm Editor.
- Click the Groups tab.
To create a new group
Normally, BMC products install the groups that they need managed into BMC Atrium Single Sign-On as part of their installation. However, a situation might arise in which a group might need to be created or re-created.
- In the Realm Editor, click the Groups tab.
Current AR System groups created in your AR System server are already listed.
- Click Add to open the Group Editor.
- Enter a new, unique name for the group.
- Add available users to the new group.
- Click Save.
Comments
Log in or register to comment.