Setting up users and user groups

Remedy Single Sign-On (Remedy SSO) is an authentication system that supports various authentication protocols and provides single sign-on for users of BMC products. Remedy SSO is used in BMC Helix solutions (BMC Helix SSO) to support seamless authentication for users.  For more information about Remedy SSO and BMC Helix SSO, see Remedy SSO overview.

The SSO Tenant Administrator is responsible for setting up the details of all the users who are permitted to use the BMC Helix Capacity Optimization product. 

Single Sign-On can be configured to provide authentication using the following:

  • Local user management 
  • External authentication: LDAP or SAMLv2

The information in the following section provides instructions on setting up local user authentication. For details on setting up external authentication, see Configuring LDAP or SAML.

Setting up local user authentication

The Local User Management section in the Helix Single Sign-On console allows to you add local users and groups (roles) to a realm.

hsso_users.PNG

Adding a user 

In the Helix Single Sign-On console, click Local User Management > Users, and do the following:

  1. Select a realm from the Realm list.
  2. Click Add User, and add the following details:
    • Enter the login name for the user. The Login name is case insensitive. You cannot modify the login name after it is created.
    • In the User Name field, enter full name for the user.
    • Set the password for the user. Ensure that you do not include spaces at the beginning or end of the password. Spaces are allowed between the first and last password characters.
    • Retype the password.
    • (Optional) Provide a description of the user.
    • (Optional) Select this option to enable or disable a user in the BMC application. 
  3. Click Add.

Editing a user

  1. From the Users page, click Edit from the Action list for the user. 
  2. Make the required changes, and click Save

Searching for a user

  1. In the search field of the Users tab, enter the search criteria using the following format and then press Enter.
    text=<searchText/*> AND enabled=<true/false/*>

The following table describes how to use the search criteria:

Search criteria

Description

text=<searchText/*>

Use text= to enter a string to search for the value of one of the following fields:

  • User Name
  • Login Name
  • Description

You can pass a partial search value enclosed in % for text to search for all users having the partial search value in one of the User Name, Login Name, or Description fields.

You can use an asterisk as a wildcard to return all users.

Examples:

  • text=BMC returns users with the exact value of "BMC" in one of the 3 fields.
  • text=%BMC% returns users with "BMC" as a partial value, such as "BMCadmin" as User Name.
  • text=* AND enabled=true returns all enabled users.
enabled=<true/false/*>

Use enabled= to enter a string to search on users' enabled state.

You can use an asterisk as a wildcard to return users in any enabled state.

Examples:

  • enabled=false returns disabled users.
  • text=* AND enabled=* returns all users (enabled and disabled).
  • text=BMC AND enabled=true returns all enabled users with the exact value of "BMC" in one of the 3 fields.


Changing the user password 

If users forget their passwords or if a password is not kept secure, you can assign a new password.

  1. From the Users page, click Change Password from the Action list for the user. The Change Password window is displayed. 
  2. Enter the new password, then enter the password again in the Confirm Password field.
  3. Click Change Password.

Deleting a user 

From the Users page, click Delete from the Action list for the user. 

Managing groups

From the Group (Roles) tab, you can add groups (roles) to a realm, add users to groups (roles), and remove users from groups (roles).

hsso_groups.PNG

Adding a group (roles)

You can set up new users and assign them to groups. 

  1. In the Helix Single Sign-On console, click Local User Management > Groups (Roles).
  2. Select a realm from the Realm list.
  3. Click Add Group (Role), and add the following details:
    • Group (Role) Name: Enter the group (role) name. You cannot modify the group (role) name after it is created.
    • Description: Enter a description for the group (role) name.
  4. Click Save in the Action list.

Adding users to or removing users from a group

  1. From the Groups (Roles), Locate the group (role) and click Assign/Remove User(s) in the Action column.
  2. Use the appropriate procedure to assign or remove users to or from the group (role).
    • To assign users to a group (role): In the Available Users column, select the required or all users and click Assign to move the users to the Assigned users column. You can also search for users in the Search field. 
    • To remove users from a group (role): In the Assigned User column, select the required or all users and click Remove to move the users to the Available users column.  
  3. Click Done.

Deleting a group (roles)

From the Group (Roles) page, click Delete from the Action list for the group. 

Configuring LDAP or SAML

To enable integration with LDAP or SAML, contact the BMC SaaS Service Desk or your Onboarding Project Manager. For details, see Authentication options.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*