Information
This documentation supports the 23.1 version of BMC Helix Single Sign-On, which is available only to BMC Helix customers (SaaS). To view an earlier version, select the version from the Product version menu.

Manually installing BMC Helix SSO


This topic describes how to install BMC Helix Single Sign-On by manually running the installation scripts. 

Before you begin

Before you install BMC Helix SSO, ensure that your environment meets the hardware and software requirements described in System-requirements

Manual installation overview

Manual installation of the BMC Helix SSO comprises of the following stages:

  1. Deploy Remedy SSO on Tomcat web server
  2. Manually create a database for Remedy SSO
  3. Set up a database for Remedy SSO
  4. Encrypt the database password
  5. Configure the Remedy SSO web server

Task 1: To deploy BMC Helix SSO on the Tomcat web server 

  1. Install Tomcat.
  2. Deploy rsso.war to the <Tomcat>/webapps/rsso folder.

Task 2: Manually create a database for BMC Helix SSO

The database is usually configured through the installer. However, when you install BMC Helix SSO by running scripts or automation tools, you must configure the database manually.

Perform one of the following tasks to create a database:

To manually create a Microsoft SQL Server database

  1. Make sure that SQL Server is configured for SQL Server authentication and not integrated for Windows authentication.
  2. Run the following script:

    CREATE DATABASE <database>
    CREATE LOGIN user WITH PASSWORD = <pwd>, DEFAULT_DATABASE = <database>
    USE <database>
    CREATE USER <user> FOR LOGIN <user> WITH DEFAULT_SCHEMA = dbo
    EXEC SP_ADDROLEMEMBER DB_OWNER, <user>

To manually create an Oracle database

  1. Create a new schema for BMC Helix SSO. At the time of installation, select a new database.
  2. Run the following script:

    CREATE USER <user> IDENTIFIED BY <pwd>
    GRANT CONNECT, RESOURCE TO user IDENTIFIED BY <pwd>
  3. (Oracle 12c) For Oracle 12c, you must additionally grant a quota on tablespaces for the user. To do this, run the following script:

    ALTER USER <user> quota unlimited on <tablespace name>

To manually create a PostgreSQL database

Run the following script:

CREATE DATABASE "<database>";
CREATE ROLE "<user>" WITH LOGIN PASSWORD '<pwd>';
GRANT ALL PRIVILEGES ON DATABASE "<database>" TO "<user>";
GRANT ALL ON ALL TABLES IN SCHEMA public TO "<user>";

Task 3: To set up a database for BMC Helix SSO

After you create the database, perform the following steps to set up your database:

  1. Copy rsso-database-all.jar from Disk1/lib to some place on your system, for example, copy to C:\ directory.
  2. Create the database.properties file with the following content:

    database-type=<database_type>
    db-url=<database_jdbc_url>
    db-user-id=<db_user_name>
    db-password=<db_user_password>
    #db-password must be plain text value

    The database-type value and db-url format are specific to a database type. The following examples show how to properly set values for these parameters: 

    Example: SQL Server database
    database-type=MsSql
    #db-url=jdbc:sqlserver:// <DB_server_hostname>:<Port> ;instanceName= <instance_name> ;databaseName=<database_name>
    db-url=jdbc:sqlserver://AMS3-SQ-DEV01:1433;instanceName=DEV01;databaseName=whthat_dev_ar
    Example: Oracle database
    database-type=Oracle
    #db-url=jdbc:oracle:thin:@[host][:port]:SID
    db-url=jdbc:oracle:thin:@localhost:1521:XE
    Example: PostgreSQL database
    database-type=Postgres
    #db-url=jdbc:postgresql://[host]:[port]/[database]
    db-url=jdbc:postgresql://localhost:5432/rsso
  3. Ensure that the correct version of Java (Java 8, 11, or higher) is in the system path.
  4. Navigate to the directory where the rsso-database-all.jar and database.propeties files are located, and run the following command: 

    java -jar rsso-database-all.jar database.properties

    The output displayed in the console with no errors encountered  indicates that the BMC Helix SSO database tables are successfully created or upgraded. You can log in to the database management tool to verify that the tables exist.

Task 4: To encrypt the database password 

Success

Best practice
To configure BMC Helix SSO with the database settings, we recommend that you encrypt the database password.

  1. Open the command line window, and navigate to the <TOMCAT_HOME>/rsso/WEB-INF/lib.
  2. Run the following command:

    java -jar rsso-ds-<version_number>.jar <password_to_encrypt> <key_to_encrypt_the_password>

Task 5: To configure the BMC Helix SSO web server 

  1. Go to the BMC Helix SSO Tomcat folder and stop the Tomcat server.
  2. Edit the <Tomcat>/webapps/rsso/META-INF/context.xml and configure the following parameters:

    Parameter

    Description

    url

    Set to the value of the db-url parameter that you used to set up your database.

    username

    Set to the value of the db-user-id parameter that you used to create your database.

    password

    Set to the value of the db-password parameter that you used to set up your database.

    Success

    Best practice
    We recommend that you use the encrypted password value. The format of the encrypted password value is as follows: AES:<encrypted password>

    driverClass

    This value depends on your database.

    • (Microsoft SQL Server) Set the value to com.microsoft.sqlserver.jdbc.SQLServerDriver
    • (Oracle) Set the value to oracle.jdbc.driver.OracleDriver 
    • (PostgreSQL) Set the value to org.postgresql.Driver
  3. Copy the following jdbc driver libraries to the <tomcat>/lib folder:
    • sqljdbc<version_number>.jar
    • ojdbc<version_number>.jar
    • postgresql<version_number>.jar
  4. Restart the Tomcat server.

Where to go from here

Verifying-the-installation


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Single Sign-On 23.1