Documentation update To provide a better user experience, we have now created a separate documentation space for Helix Vulnerability Management. Users of Helix Vulnerability Management (includes BMC Helix Automation Console) can find the latest documentation at BMC Helix Vulnerability Management.

Configuring BMC Remedy Single Sign-on for TrueSight Automation Console

Supported in 20.08.01 onwards only

TrueSight Automation Console supports BMC Remedy Single Sign-On (Remedy SSO) from Patch 1 for 20.08 and onward.


This topic provides an overview of and instructions to configure TrueSight Automation Console to use BMC Remedy Single Sign-on (Remedy SSO) as an authentication system. 

If your TrueSight Server Automation is configured to use Remedy SSO, you can now log on to TrueSight Automation Console using the Remedy SSO credentials.

Currently, TrueSight Automation Console supports Local, Lightweight Active Directory Protocol (LDAP), and SAML types of Remedy SSO authentication only. For local and LDAP authentication, the session is discontinued when the user logs out.

Before using Remedy SSO, ensure that the following prerequisite tasks are complete: 

Prerequisites

See topic/instructions

Remedy SSO is implemented for TrueSight Server Automation

Implementing Remedy Single Sign-On authentication in TrueSight Server Automation documentation.

A realm for the desired authentication type is added in Remedy SSO for TrueSight Automation Console

Adding and configuring realms in Remedy SSO documentation.

Users configured in Remedy SSO (for local, SAML, and LDAP authentication types) must also be created in TrueSight Server Automation


Configuring authentication in Remedy SSO documentation.

If using LDAP, synchronize users with the LDAP server in TrueSight Server Automation. For details, see Synchronizing users with LDAP servers.

If Remedy SSO is configured to use HTTPS, then the Remedy SSO certificate needs to be added in TrueSight Automation Console

  1. Log on to BMC Remedy Single Sign-On administration console and obtain the certificate. 
    Ensure that you change the certificate file extension to *.crt.
  2. On the host where TrueSight Automation Console is installed, create a new folder, for example, cacerts in the truesight/application/common/certs location and copy and place the certificate.

  3. Run the following command to restart the identity-management and the Remedy SSO portal container one after the other.

    docker restart <container_ID>
  4. You can now successfully log on to TrueSight Automation Console using the Remedy SSO credentials.

Can I configure Remedy SSO after installing Automation Console?

Typically, you provide the Remedy SSO server URL while installing TrueSight Automation Console. However, if you do not specify the URL during installation, as an administrator, you can choose to specify the Remedy SSO details using the following REST API: 

POST/api/v1/config/rsso

For more details, see Using-REST-API.

Where to go from here

For instructions to log on to TrueSight Automation Console using BMC Remedy SSO, see Logging-in

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*