Configuring tenants for the Presentation Server in Remedy SSO

TrueSight Presentation Server leverages Remedy SSO for authenticating users. In Remedy SSO, you can create tenants (realms), user groups, and users. After installing the Presentation Server, you can associate the user groups created in Remedy SSO with the Presentation Server authorization profiles. This enables the role-based authorization to features and components of the product.

Default realm in Remedy SSO

The special character * (asterisk)  is the top level tenant (realm) in Remedy SSO and is equivalent to the BmcRealm tenant in Atrium SSO.


Related topics

Configuring the general settings in the Remedy SSO server

Managing-authorization-profiles
Role-based access

From the TrueSight console, you can only view the user information. You must perform all modifications to the user information in Remedy SSO.

This section provides information about creating tenants in Remedy SSO and the steps to enable multi-tenancy on the Presentation Server.

Before you begin

To add tenants (realms) in Remedy SSO

  1. Log in to Remedy SSO as an Admin user.
  2. Click the Realm tab. 
    The default realm is displayed.

  3. Click Add Realm.

    Notes

    • To edit a realm, click the Edit icon icon_edit.jpg for the realm that you want to edit.
    • To delete a realm, click the Delete icon Delete icon.PNGfor the realm that you want to delete. Deletion of a realm results in deletion of all users, groups of the Local User Management authentication under the realm, and all active sessions in this realm. Note that active user sessions may be related to other IdPs as well.
    • Never delete the * tenant (realm) from the Remedy SSO server that is configured with the Presentation Server.
    • If you delete a tenant from the Remedy SSO, you must also delete any TrueSight Presentation Server component configured to use that tenant.

  4. On the General tab, enter the following realm details.

    Field

    Description

    Realm ID

    Unique realm identifier. Realm ID must not be more than 80 characters and can only include alphanumeric characters and the following special symbols:
    *, ., _, and -.

    Application Domain(s)

    The application domain name for the tenant (realm). The best practice is to have the same value for this field as for the Realm ID field.

    The application domain name is required for the two step login process in a multi-tenant Presentation Server environment.

    Ensure that you do not add the same application domain value for more than one realm.

    Notes:

    • The Application Domain(s) field does not accept the uppercase input. Any value entered is automatically transformed to the lowercase.

    • (Optional) If you are using Remedy SSO v18.08 or later, for all the custom realms (tenants) that you create, provide the comma separated FQDN host names of the TrueSight Presentation Serverand TrueSight Infrastructure Management server as shown in the image.  For example, if your realm is 'testrealm', the TrueSight Presentation Server hostname is 'tsps.abc.com' and TrueSight Infrastructure Management server hostname is 'tsim.abc.com'. Type all these values in the field.

      You do not have to do this for the default "*" realm (tenant). 

      custom_realm_application_domain.png

  5. Save the changes and ignore all other tabs and fields. They are neither required nor supported by the Presentation Server environment.

To enable multi-tenancy in Presentation Server

If you have not enabled multi-tenancy after installing or upgrading the Presentation Server, perform this task. For a single tenant Presentation Server environment, you need not enable multi-tenancy. For a multi-tenant Presentation Server environment, you must enable the msp parameter using the following procedure:

Failed to execute the [excerpt-include] macro.

Where to go from here

Configuring-user-authentication-for-the-Presentation-Server-in-Remedy-SSO

 

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*