Installing the first node for an HA cluster
The following provides information and instructions for installing the first node for an HA cluster.
Before you begin
- Obtain the zipped BMC Atrium Single Sign-On files from the BMC product package via Electronic Product Download (EPD) or the BMC Atrium Single Sign-On DVD.
If there is already an installation of BMC Atrium Single Sign-On on the target computer, the installer will not allow another installation. Uninstall the existing version.
Note
The Apache Tomcat server used by BMC Atrium Single Sign-On cannot be shared with any product that integrates with BMC Atrium Single Sign-On. BMC recommends that BMC Atrium Single Sign-On be the only application in the Tomcat server.
- If you are using an external Tomcat, complete the prerequisites given in Prerequisites to install BMC Atrium Single Sign-On on an external Tomcat server.
- Prepare to run the installation program for your operating system. For example,
- You must update Terminal Services configuration options and configure the DEP feature if you are using Windows. For more information, see Prerequisites to install BMC Atrium Single Sign-On on the Windows platform.
- If you are using Linux, the user must have the following permissions:
- read/write/execute for the destination directory,
- to execute Java, and
- read/write to Tomcat directory (in case of using external Tomcat server instead of out-of-the-box Tomcat).
To install the first node for an HA cluster
Unzip the BMC Atrium Single Sign-On files.
Note
For UNIX and Solaris, unzip the file using the following command: $gtar xzvf BMCAtriumSSO.solaris.tar.gz.
- Run the installation program.
The setup executable is located in the Disk1 directory of the extracted files.- (Microsoft Windows ) Run setup.exe
- (UNIX and Solaris) Run setup.sh
- In the lower right corner of the Welcome panel, click Next.
- Review the license agreement, click I agree to the terms of license agreement, and then click Next.
- BMC Atrium Single Sign-On installer.
- Select the Install BMC Atrium Single Sign-On 9.0.00 check box and click Next.
- Accept the default destination directory or browse to select a different directory, and then click Next.
In the Host Name Information panel, verify that the hostname presented is the Fully Qualified Domain Name (FQDN) for the host, and then click Next.
Correct the value as needed.Important
Ensure that the host name does not contain the underscore ( _ ) symbol.
- In the BMC Atrium SSO Server Cluster Options panel, perform the following actions:
- Select Clustered BMC Atrium SSO Server.
- Select New Cluster Installation (First node).
- Click Next.
Enter a file name and location for storing the cluster configuration information and click Next.
This cluster configuration file is needed when subsequent nodes are added to the cluster.Important
This file contains sensitive information that is used when installing additional nodes.
- Enter the LDAP port number (8091), LDAP replication port (8092), LDAP administration port (8093), and click Next.
- Enter the load balancer URL and click Next.
For example:
https://loadBalancerFQDN:port/atriumsso
https://BMCLoadBalancer.bmc.com:8443/atriumsso Select one of the following Tomcat installation options, and then click Next:
Install New Tomcat (default)
Use External Tomcat.
Enter a cookie domain and click Next.
The domain value of the cookie should be the network domain of BMC Atrium Single Sign-On or one of its parent domains. For more information, see Default cookie domain.Important
- The higher the level of the selected parent domain, the higher the risk of user impersonation.
- You cannot use sibling domains or cross-domains with BMC Atrium Single Sign-On. For example, installing the BMC Atrium Single Sign-On server in the remedy.com domain and the AR System server in the bmc.com domain is not supported. You must move all your computers into the same domain.
- Enter a strong administrator password, confirm the password, and click Next.
The default administrator name is amadmin. Choose one of the following options:
Verifying the installation
- Verify that your BMC Atrium Single Sign-On installation was successful by accessing the BMC Atrium Single Sign-On URL.
- Navigate to Start > All Programs > BMC Software > BMC Atrium SSO > Administrator to launch the BMC Atrium SSO Admin Console.
The URL to open the BMC Atrium SSO Admin Console is:
https://<ssoServer>.<domain>:<port>/atriumsso
For example:
https://ssoServer.bmc.com:8443/atriumsso When you are prompted that you are connecting to an untrusted connection, add the exception and then continue.
Note
Browsers display this warning because you have not yet configured the SSO authentication as a trusted provider.
- Confirm that you can view the BMC Atrium Single Sign-On login panel.
Log on with the SSO administrator name (for example, amadmin) and password.
The BMC Atrium SSO Admin Console appears.Note
The amadmin is the default administrator user for BMC Atrium Single Sign-on. You can use the amadmin user only for accessing BMC Atrium SSO Admin Console. You cannot logon to your authenticating BMC applications using the amadmin user.
- Navigate to Start > All Programs > BMC Software > BMC Atrium SSO > Administrator to launch the BMC Atrium SSO Admin Console.
- Verify that your BMC Atrium Single Sign-On installation was successful by accessing the SSO load balancer.
For example:
https://ssoloadbalancer.bmc.com:8443/atriumsso}
The BMC Atrium SSO login screen appears. After you log on, the SSO server appears in the HA Nodes List. - (Optional) Create an administrative user account for BMC Products to perform search functions on the user store (for example, to list user names and emails).
- If you are using the BMC Atrium Single Sign-On server's internal LDAP, assign the BMCSearchAdmins group to the new user account.
- If you are using an external system for authentication (such as AR System, LDAP, or Active Directory), assign the BmcSearchAdmins group to either an already existing user account or a new user account.
Where to go from here
- If you reached this topic from Installing BMC Atrium Single Sign-On as a High Availability cluster, ensure to complete the rest of the process (Installing additional nodes for an HA cluster and HA post-installation activities).
- If you reached this topic directly, see Installing additional nodes for an HA cluster on a new Tomcat server.
Comments
Log in or register to comment.