Re: Want to implement Single Sign-On(SSO)
John Didn't state single user repository just authentication repository. SSO will allow you to setup multiple repositories (LDAP, RSA, CAC, Local, etc.). That's why my original question was what exactly is SSO going to be used for. If it is to provide LDAP capabilities for Mid-tier then there are better ways to handle this. If you are looking at implementing both Analytics and ITSM then SSO could work, but it is not without a lot of work to get it working right. If you are looking at SSO to automagically authenticate you to various apps based on your network login when you logged into the box then BMC SSO will not work for that. I have successfully setup SSO in a dev environment against multiple repositories. However, we pulled the plug on production because at the time it was not compatible with encryption and I didn't feel it was ready for prime time. This was for a 7.6.04 environment. Looking at Hari's original questions: 1. Hard to answer without knowing exactly what you are trying to do. 2. Java System Solutions is a third party that has designed a SSO plugin for AR System 3. Upgrading can be a good and bad thing for many reasons. SSO probably shouldn't be your driving force to upgrading to 7.6.04. Other queries: a. License questions are probably best asked to your BMC Account Manager. They know your account structure best. b. validation parameter? Not sure what you're looking for here c. BMC SSO has its own access manager/administration tool and doesn't require the use of Oracle Access Manager. BMC SSO is loaded on a separate web server from the mid-tier. It uses 32 bit were as Mid-tier can use 64 bit. No you can try to get these working on the same web server, but it is not recommended. I still would need a better understanding of the requirements to provide decent answers. Brian -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of John Baker Sent: Tuesday, May 15, 2012 2:51 AM To: arslist@ARSLIST.ORG Subject: Want to implement Single Sign-On(SSO) Brian Ref: Single user repository I think BMC believe OpenSSO gives them a single user repository but it doesn't. Each product still requires user management, so a user that exists in AR System must be manually managed in SAP BOXI (BMC Analytics). One of the many features in SSO Plugin is the ability to automatically manage these third party repositories. John ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Want to implement Single Sign-On(SSO)
Can I ask what is your plan or method for doing it? Like do you need CAC? Certs, or just AD authentication? Do you require secure methods? 686 vice 389 (or what ever)? Just wondering Sent from my iPhone On May 15, 2012, at 2:51, John Baker wrote: > Brian > > Ref: Single user repository > > I think BMC believe OpenSSO gives them a single user repository but it > doesn't. Each product still requires user management, so a user that exists > in AR System must be manually managed in SAP BOXI (BMC Analytics). > > One of the many features in SSO Plugin is the ability to automatically manage > these third party repositories. > > > John > > ___ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Want to implement Single Sign-On(SSO)
What exactly are you looking to use SSO for? You can do LDAP authentication without SSO in place. If you're looking for the user to automatically be authenticated to Remedy Mid-tier based on their network login, BMC SSO will not do this to my knowledge. What the BMC SSO piece will give you is a authentication repository if you will of user accounts and passwords, which other BMC products can utilize (ITSM and Analytics). Theoretically if your logged into one you can use all without re-authenticating. I believe there are a few people on the thread that have used javasystems SSO tool and could chime in on its capabilities. Brian From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Hari Vishwakarma Sent: Monday, May 14, 2012 6:40 PM To: arslist@ARSLIST.ORG Subject: Want to implement Single Sign-On(SSO) ** Hi All, Hope you all are doing well, this is with reference to one of my requirement of implementing SSO in Remedy environment. My Current Remedy Setup is : Platform: OS= Windows 2003 Server Database= SQL Server 2005 Remedy AR Server = 7.5.004 Remedy ITSM Apps Version= 7.6.001 Users were LDAP authenticated. Midtier Env: OS= Windows 2003 Server Web Server= Apache Tomcat I want to implement SSO in my environment with my current setup. But i am not getting the clear picture of how to implement this.Till date, what i found that: 1. Can be achieved through customized SSO: In this, we need to write some external java class which will authenticate the users.Here, my question is "Is there any need of any extra web server depending on my current environment. I heard of web access manager by BMC,Oracle,etc".Plz suggest. 2. Third party provided SSO solutions. 3. To upgrade my existing version to 7.6.04, where BMC has provided the SSO solution. Other queries of mine are: a. SSO requires license or not, if yes, then shall we need to take a call with BMC for license. b. what validation parameter should i consider while implementing SSO. c. Shall we need any Web access manager for implementing SSO.And if i am going for Oracle web access manager, will it create some compatibility issue with SQL server 2005. Any help or any suggestions will contribute a lot. Thanks & Regards Hari E-mail:- hsvishwaka...@gmail.com _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
