Skip to Content

Remedy Single Sign-On authentication

 (Remedy SSO) is an authentication system for a multi-software environment that eliminates the need for logging in multiple times. When you integrate  with , you can log in to the  only once. The same session credentials are used later while logging in to .

Currently,  supports the following Remedy SSO authentication mechanisms: Local, Lightweight Active Directory Protocol (LDAP), and SAML.

To use the  authentication, do the following:

  1. Complete the prerequisite tasks.
  2. Configure TrueSight Server Automation - Data Warehouse to use Remedy SSO authentication.

Prerequisites 

Before using the  authentication, make sure that the following prerequisites are met:

  • Make sure that  is configured to use the HTTPS protocol.

    Do the following:
    1. Log in to the host where the Tomcat server for  is installed.

    2. Create a new keystore.

      keytool -genkey -alias tomcat -keyalg RSA -sigalg SHA256withRSA -keysize
      2048 -keystore rsso.keystore -storepass changeit -storetype JKS -providername SUN

    3. When you are prompted, enter the following details:

      Answer the questions:
      What is your first and last name?
      [Unknown]: <FQDN of the Remedy Single-Sign On Server>. The name must include the domain. Example, test.bmc.com
      What is the name of your organizational unit?
      [Unknown]: <organizational unit>
      What is the name of your organization?
      [Unknown]: <company>
      What is the name of your City or Locality?
      [Unknown]: <city>
      What is the name of your State or Province?
      [Unknown]: <state>
      What is the two-letter country code for this unit?
      [Unknown]: <country code>
      Is CN=<FQDN of Remedy SSO>, OU=<organizational unit>, O=<company>, L=<city>, ST=<state>, C=<country code> correct?
      [no]: yes
      Enter key password for <>
      (RETURN if same as keystore password): <ENTER>
    4. Navigate to the following path:
      <tomcat install directory>/conf/server.xml

    5. In a text editor, open server.xml and add the HTTPS-specific connector details.
      Example:

      <Connector
      protocol="org.apache.coyote.http11.Http11NioProtocol"
      port="9090" maxThreads="200"
      scheme="https" secure="true" SSLEnabled="true"
      keystoreFile="<Keystore location path>" keystorePass="<keystore password>"
      clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2, TLSv1.1, SSLv2Hello"/>
    6. Save the changes, and restart the Tomcat service.
    7. To verify that  is switched to the HTTPS protocol, launch the  URL using HTTPS. For example, https://localhost:9090
  • The version of  is 20.02.01 or later.
  • The version of  is 20.02.

  • For local authentication, users that are configured in  for the  authentication are also created in . For more information, see Configuring authentication.

  • For LDAP authentication, users are synchronized with the LDAP server in . For details, see Synchronizing users with LDAP servers.

  • To establish communication between  and :

    Do the following:
    1. Log in to the  with the admin credentials.
      URL example: test.bmc.com:<port_number>/rsso
    2. Click Realm. The list of available realms is displayed.
    3. Click the ID of the realm that you want to use for . Currently, only * realm is supported.
    4. On the Edit Realm page, navigate to the Application Domains field on the General tab.
    5. Add the domain name of the  computer. For example, test.bmc.com
    6. Save the changes.

  • Import the  certificate into the  keystore:

    Do the following:
    1. Copy the keystore that you generated to configure the Remedy SSO to the  host.

    2. Run the following command to export the  certificate from the  keystore.

      .\keytool -export -alias tomcat -keystore <KeystorePath> -rfc -file rsso.cert

      This command creates the rsso.cert file in the same directory where the keytool was run.

    3. Copy rsso.cert to the  host.

    4. Run the following command to import the rsso.cert file into the  keystore.

      .\keytool -import -v -trustcacerts -alias rsso -file <rsso.certExportedPath>\
      rsso.cert -keystore <tssadw_installation_directory>\jre\lib\security\cacerts -keypass
      changeit -storepass changeit

In addition to these prerequisites, we also recommend using separate Tomcat Servers for  and .

Configuring  for the  authentication

Do the following:

  1. Log in to the  console as a DWAdmin user.
  2. On the Configuration tab, select Remedy SSO Configuration.
  3. Click Add/Modify Remedy SSO Configuration.

  4. Specify values for the following fields:

    rsso_configurations.png

    The [confluence_table-plus] macro is a standalone macro and it cannot be used inline.

  5. Do one of the following:
    • Click Save to save the changes. The specified values are validated and the appropriate message is displayed. If you encounter any issues, do the following:
      1. On the Last Task Details page, click Run Again. The configured values are again validated.
      2. If you still face any issue, check the bds-ui log file at the following path: <TSSA-DW Home>/logs
    • Click Reset to clear the specified values.
    • Click Cancel to cancel the Remedy SSO configuration.
  6. Restart the following services:
    • Authentication Service

What's next

Log in to the  from the  login page. For details, see Launching-TrueSight-Smart-Reporting-Platform-as-a-reporting-user.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

TrueSight Smart Reporting for Server Automation 25.4