Using Multifactor Authentication (MFA) with RSSO for BLCLI in TrueSight Server Automation
Multifactor Authentication (MFA) with RSSO using remedySSO Authentication type profile is supported via BLCLI blcred cred -acquire -profile <profile with remedySSO authentication type> command.
Running this command will launch your system's default web browser to complete the RSSO authentication process. Once you log in successfully, a secure session is created and stored. This session can then be reused for subsequent BLCLI (BladeLogic Command Line Interface) commands using the same RSSO profile.
Prerequisites
- Make sure that the RSSO is enabled and configured in the blasadmin.
- If RSSO server is not using CA signed certificates, RSSO certificates needs to be imported on the server where blcli needs to be executed. For example, <NSH_path>/jre/Hb/security/cacerts
- The user must be enabled with RSSO Authentication.
- [Applicable only to Linux] A default web browser must be installed on the server. Additionally, the end user must set the DISPLAY environment variable before acquiring a TSSA session using the blcred -cred -acquire command.
Authenticating via RSSO Using CLI
To configure the authentication, you must add an authentication profile and aquire the session credentials.
- To add an authentication profile, use: blcred authprofile -add -profile <profile_name> -host <appserver_host>:<port> -type remedysso
- To acquire session credentials using the RSSO profile, use: macro:codeblcred cred -acquire -profile <rsso_profile_name>
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*