Out of support This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Configuring Kerberos authentication in High Availability mode

To configure Kerberos authentication with the BMC Atrium Single Sign-On server running in High Availability (HA) mode, you must perform the following procedures:

  1. Configure HA mode the for BMC Atrium SSO server, and ensure you can reach the server through the load balancer (LB).
  2. Configure MIT Kerberos authentication with Microsoft Windows Active Directory.  For more information, see Configuring-Kerberos-authentication-with-Active-Directory.
    1. Generate a keytab for the service principal.
    2. Map the Kerberos service name.

    3. Configure the BMC Atrium SSO server.

      Note

      Though, the overall steps for configuring Kerberos authentication in HA mode are the same as in Configuring-Kerberos-authentication-with-Active-Directory, you must change the following steps:

      • When you create the keytab file in step 2a and the SPN mapping in step 2b, use the name of the load-balancer host instead of the name of the BMC Atrium Single Sign-On server host..
      • When you open the BMC Atrium Single Sign-On application in a browser, use the host name and port number of the load-balancer instead of the host name and port number of the BMC Atrium Single Sign-On server; for example, https://<Loadbalancer>:<port>/atriumsso/UI/Login?realm=BmcRealm.

       

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*