Using AR for authentication

The AR System Data Store plug-in allows group information associated with BMC Remedy AR System server users to be retrieved and provided to BMC products. The AR authentication module and the AR user store are designed to be used together because it provides additional information for users authenticated against the AR System server.

Note

The AR user store provides read-only access to the user information stored in AR System server and read-only access to user and group lists and memberships.

Before you begin

  • Ensure that the AR System Data Store plug-in is installed.
  • Ensure that you have the server location and an administrator account since they are required to configure the AR user store..

Note

User management functionality, assigning group information that is retrieved from the AR System server to users that exist in another data store (for example, the internal data store), and saving changes involving information retrieved from the AR System server are not available.

To configure an AR module

Important

For the AR module, the flag is set to Sufficient.

When adding or editing an AR module, the following options are available:

  • Save to save your modifications.
  • Reset to remove your modifications and stay on the editor.
  • Help launches a browser that provides you with online help.
  • Cancel to cancel and return to the launch page.

Parameters

Description

Server Host Name

(Required) Provide the Full Qualified Domain Name (FQDN) for the server where the AR System server is located. The full host name includes the domain name (bmc.com) of the computer and the individual name of the server (yourServer).

Server Port Number

(Required) AR Server Port Number is the location where the AR System server is listening.

Note: Enter a value of 0 if the AR System server is using port mapping.

Default Authentication String

This string is only used when the AR module is placed downstream in a chain from another authentication module which prompts the user only for a name and password. In this situation, the value of this parameter is used to authenticate the user by re-using the credentials provided by the user along with this authentication string.

Allow AR Guests

If enabled, allows unknown or invalid users to authenticate to the AR System server as guests.

To configure an AR user store

Info

You must study these points if you want to configure an AR user store.

  • If you are using a persistent NameID element you cannot define AR User Store. You must use transient NameID element to define an AR User Store.
  • Existing profiles within the embedded LDAP User Store should be deleted before adding the AR User Store.
  1. Log on to the BMC Atrium SSO Admin Console.
  2. Click Edit BMC Realm.
  3. On the User Store panel, click Add to create a new AR user store.
    Alternatively, if you want to edit an existing AR user store, select the user store and click Edit.
  4. Select AR User Store.
  5. Provide the configuration parameters for the AR user store.
    <[^>]+?>","")"/>

    <[^>]+?>","")" class="contextID">

    Section

    Parameter

    Description

    Name


    Label for the AR user store.

    AR Server Host

    Host Name

    (Required) Provide the Full Qualified Domain Name (FQDN) for the server where AR System server is located. The full host name includes the domain name (bmc.com) of the computer and the individual name of the server (yourServer). Replace the default values (sample.bmc.com) with the host name of your server (for example, yourServer.bmc.com.

     

    Port

    (Required) Default: 0 Provide the port number where the AR Server is listening. The value of 0 is used when the AR Server is using port mapping.

    Administrative Access

    Name

    (Required) Provide the user name of an AR Server user store account that has AR System Administrator privileges.
    Empty or blank passwords for this internal user are not supported with a new user store.

     

    Authentication

    Provide the authentication string that is needed when the Administrator account is used to connect with the AR System server.

     

    Password and Confirm Password

    Password for the AR System administrative user of the AR Server user store account (for example, admin).

    Connection Pool

    Linger Time (seconds)

    (Required) Default: 60 Linger Time is the amount of time (in milliseconds) that a connection is allowed to remain unused in the pool before being closed.

     

    Pool size

    (Required) Default: 10 The Pool Size is the maximum number of connections the data store uses to service data requests for the AR System server.

  6. Click Save.

Note

When you create a new user or group in BMC Remedy AR System, the user or group is not immediately available in BMC Atrium Single Sign-On server due to caching of user and group information in BMC Atrium SSO.

The AR User Store Editor is used for both editing an existing user store's parameters and for creating a new AR user store. The AR User Store Editor has the following options:

  • Save to save your modifications
  • Reset to remove your modifications and stay on the LDAP page.
  • Back to Data Stores to navigate back to the Authentication tab.

After configuration is finished, the data store is immediately available to provide group information to users who are authenticating with the AR authentication module.

For more information about common problems, see Troubleshooting BMC Remedy AR System integration.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Ben Kolp

    The link "Troubleshooting BMC Remedy AR System authentication." does not work. It brings you back to this page.

    Aug 01, 2016 07:33
  2. Punam Saxena

    Hi Ben Kolp,

    I checked the link mentioned in the document and it is working fine for me. However, the link that you had used in your comment does take me to the same page. Will you please check once again.

    Regards,

    Punam

     

    Aug 02, 2016 01:49