Configuring BMC Atrium Single Sign-On with mid tier deployed as a shared service
BMC Atrium Single Sign-On is the first step in authentication for BMC Remedy Action Request (AR) System. Before a tenant is onboarded in BMC Remedy Mid Tier, the corresponding properties must be set in the BMC Atrium SSO Admin Console so that each mid tier tenant can be onboarded successfully.
Configuring BMC Atrium Single Sign-On to enable onboarding of a tenant
Perform the following tasks to enable multiple realms and map them to the web agent so that the mid tier can be deployed as a shared service in a multi-tenant environment. After installing BMC Atrium Single Sign-On, BMC Remedy AR System, and BMC Remedy Mid Tier, you must enable onboarding of a tenant in BMC Atrium Single Sign-On so that the mid tier can onboard a tenant.
To enable onboarding of a tenant
- Install BMC Atrium Single Sign-On as a High Availability cluster — Perform the installation steps described in the topic.
- Run the BMC Atrium Single Sign-On installer on the AR System server — Perform the BMC Atrium Single Sign-On integration with the AR System servers for each tenant in a cluster.
- Review AR System server external authentication settings — Before configuring BMC Atrium Single Sign-On, you must configure group mapping for external authentication in each BMC Remedy AR System server in a cluster.
- Run the BMC Atrium Single Sign-On installer on the mid tier — After you integrate AR System servers on the computers on which the AR System server is installed, you must run the BMC Atrium Single Sign-On installer on the computers on which the mid tier is installed.
- Enable multi-tenancy support — Set the value of the allow.tenant.admin and allow.multiple.realms parameters to true in the web.xml file.
- Add a tenant realm on the Realms panel — Add a new realm in BMC Atrium Single Sign-On so that single sign-on is seamlessly available for the new tenant. To add realms in a BMC Atrium Single Sign-On server, use the Realms panel on the BMC Atrium Single Sign-On Admin Console.
- Edit the tenant realm — Set the realm authentication, federation, or user stores configuration values by using the tabs on the Realm Editor form. The new realm does not contain the values necessary for authentication.
- Map the realm URLs to an agent — You must map the agent URLs to specific realms on the Agent Editor console for successful authentication using BMC Atrium Single Sign-On. This mapping helps the BMC Atrium Single Sign-On server to recognize requests from different tenants.
- Configure BMC Atrium Single Sign-On settings for AR System — This step is used in conjunction with the AR Data Store to retrieve group information and other user attributes from the AR System server for each realm.
- (Optional) Run a health check on the BMC Atrium Single Sign-On installation — After you finish all the preceding steps, run a health check of your integration of BMC Atrium Single Sign-On with each mid tier.
You can now onboard a new tenant in BMC Remedy Mid Tier. After the mid tier is configured as a shared service, you can identify and authenticate user logon requests from different tenants by using BMC Atrium Single Sign-On.
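The "Enable multi-tenancy support" step can be verified before onboarding with a small audit of the web.xml file. This is an added example, not BMC code; it assumes the two parameters are declared as standard servlet context-param or init-param entries, and the function names and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Parameter names taken from the "Enable multi-tenancy support" step.
REQUIRED = ("allow.tenant.admin", "allow.multiple.realms")

def _local(tag):
    # Drop an XML namespace prefix such as {http://java.sun.com/xml/ns/javaee}.
    return tag.rsplit("}", 1)[-1]

def read_params(web_xml_text):
    """Map each context-param / init-param name to the list of values declared for it."""
    found = {}
    for elem in ET.fromstring(web_xml_text).iter():
        if _local(elem.tag) not in ("context-param", "init-param"):
            continue
        kids = {_local(c.tag): (c.text or "").strip() for c in elem}
        if kids.get("param-name"):
            found.setdefault(kids["param-name"], []).append(kids.get("param-value", ""))
    return found

def check_multitenancy(web_xml_text):
    """Return {parameter: 'ok' | 'missing' | 'conflict' | 'not true: <value>'}."""
    params = read_params(web_xml_text)
    report = {}
    for name in REQUIRED:
        values = params.get(name)
        if not values:
            report[name] = "missing"
        elif len({v.lower() for v in values}) > 1:
            report[name] = "conflict"  # declared more than once with different values
        elif values[0].lower() != "true":
            report[name] = "not true: " + values[0]
        else:
            report[name] = "ok"
    return report

# Constructed sample for illustration; not a real BMC web.xml.
SAMPLE = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <context-param><param-name>allow.tenant.admin</param-name><param-value>true</param-value></context-param>
  <context-param><param-name>allow.multiple.realms</param-name><param-value>false</param-value></context-param>
</web-app>"""

if __name__ == "__main__":
    for name, status in check_multitenancy(SAMPLE).items():
        print(name, "->", status)
```

Run it against the web.xml of every node in the cluster; a parameter reported as missing, conflicting, or not true on any node means the step is incomplete there.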