Important

   

This space contains documentation for TrueSight Server Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Server Automation 8.9.

Domain authentication

The Domain Authentication solution integrates TrueSight Server Automation with Active Directory without requiring users to obtain a Kerberos ticket—that is, a Windows user credential.

In Domain Authentication, TrueSight Server Automation clients (the TrueSight Server Automation Console or the blcred utility) accept a user's name, domain, and password. This information is passed to the Authentication Service, which delegates user authentication to the Active Directory domain controller. If the domain controller successfully authenticates the user, the TrueSight Server Automation Authentication Service issues the TrueSight Server Automation client an SSO session credential. The TrueSight Server Automation client application can then use the session credential to establish an authenticated secure session with the Application Server or a Network Shell Proxy Service identified by the service URLs in the session credential.

Domain Authentication provides greater flexibility than AD/Kerberos. A user logging into the TrueSight Server Automation Application Server can authenticate with a different user name than the user name used to log into the Windows system hosting the TrueSight Server Automation client application. For example, a user can log into Windows as Sally@DOMAIN.COM and then log into TrueSight Server Automation as Administrator@DOMAIN.COM.

For information about configuring the domain authentication, see Configuring Domain Authentication.

Was this page helpful? Yes No Submitting... Thank you

Comments