This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Configuring the Kerberos module

This topic provides instructions for configuring the Kerberos module.

To configure the Kerberos module

  1. Configure BMC Atrium Single Sign-On so that it uses Kerberos authentication:
    1. From the Realms panel, select BmcRealm and click Edit.
    2. Verify the User Profile settings are correct for your application. For more information, see User Profile section in the Realm-Editor.

    3. In the Realm Authentication panel, click Add Realm Authentication – Kerberos.
      For information about Kerberos authentication parameters, see Kerberos configuration parameters.

      Ensure that you specify the same SPN as you used when you created the keytab file or specify the same user identify that was mapped to the BMC Atrium Single Sign-On SPN when using a password. If you have issues related to SPN, see Invalid-service-principal-name-in-Kerberos-authentication.

    4. Remove the default Internal LDAP authentication from the Realm Authentication panel.
    5. Restart the BMC Atrium Single Sign-On server.
  2. To verify the Kerberos authentication, enter the BMC Atrium Single Sign-On URL in the following format in a web browser:
    https://<fully.qualified.domain.name>:<port>/atriumsso/UI/Login?realm=BmcRealm.

Kerberos configuration parameters

When adding or editing a Kerberos module, the following parameters are available:

Some content is unavailable due to permissions.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*