ITDA Manual RSSO configuration, this applies if user encounter following issues after Upgrade from version 2.7 to 11.x or if want to change RSSO servers in ITDA 1. During ITDA upgrade RSSO Configuration 2. ITDA login issues after upgrade 3. ITDA Indexer service is not able to start after ITDA upgrade 4. If just want to change RSSO servers in your current ITDA configuration |
If the enablesso CLI is ran manually on ITDA 2.7 or previous version, then during upgrade to 11.0 or 11.3, it will not ask for RSSO configuration. In such installation RSSO will not get configured properly and manual RSSO configuration needs to be performed in order to fix this. Manual RSSO configuration steps: 1. Configure below variable located in $BMC_ITDA_HOME/custom/conf/server/olaengineCustomConfig.properties file. sso.enable=false sso.type= sso.protocol= sso.host= sso.port= tsps.protocol= tsps.host= tsps.port= sso.realm= <<----- Case sensitive, if is not default realm .. please make sure is the same name as Real ID in RSSO console. sso.username= sso.password= tsps.protocol= tsps.host= tsps.port= EX: sso.enable=true sso.host=hostname.bmc.com sso.port=448 sso.realm=* sso.username=Admin sso.password=bixP5jC/PYIQCPyKQ7s0LA== sso.protocol=https sso.type=remedysso tsps.protocol=https tsps.host=hostname.bmc.com tsps.port=443 Note: Can get the encrypted password by running the utility located at $BMC_ITDA_HOME//utilities/EncryptPWD 2. Configure properties in below file. $BMC_ITDA_HOME/tomcat/webapps/console/WEB-INF/classes/rsso-agent.properties agent-id= sso-external-url= sso-service-url= Uncomment below only in case of custom tenant. #msp-deployment=true EX: agent-id=<FQDN of ITDA server> sso-external-url=https://clm-pun-XXXXXX.bmc.com:448/rsso sso-service-url=https://clm-pun-XXXXXX.bmc.com:448/rsso 3. Check the below file and please copy both tags (<filter> and <filter-mapping>) and paste after the last </filter> tag at the bottom of the web.xml file if not already added. $BMC_ITDA_HOME\tomcat\webapps\console\WEB-INF\web.xml <filter> <filter-name>RSSOFilter</filter-name> <filter-class>com.bmc.rsso.agent.RSSOFilter</filter-class> </filter> <filter-mapping> <filter-name>RSSOFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> 4. Add below properties tag in below xml file under <propertyBundle> tag. /opt/bmc/TrueSight/ITDA/itdaInstalledConfiguration.xml <property> <name>enable_rsso</name> <value>true</value> </property> <property> <name>rsso_protocol</name> <value>--https or http--</value> </property> <property> <name>rsso_host</name> <value>--RSSO FQDN--</value> </property> <property> <name>rsso_port</name> <value>--RSSP PORT---</value> </property> <property> <name>rsso_username</name> <value>Admin</value> </property> <property> <name>rsso_password</name> <value>--RSSO encrypted password--</value> </property> <property> <name>tsps_host</name> <value>-- TSPS host name FQDN--</value> </property> <property> <name>tsps_port</name> <value>--TSPS Port--</value> </property> <property> <name>rsso.realm</name> <value>--RSSO tenant * by default--</value> </property> EX: <property> <name>enable_rsso</name> <value>true</value> </property> <property> <name>rsso_protocol</name> <value>HTTPS</value> </property> <property> <name>rsso_host</name> <value>clm-pun-XXXXXXX.bmc.com</value> </property> <property> <name>rsso_port</name> <value>8443</value> </property> <property> <name>rsso_username</name> <value>Admin</value> </property> <property> <name>rsso_password</name> <value>Ub/zoNW2RNrSbDSwDJKQCg==</value> </property> <property> <name>tsps_host</name> <value>clm-pun-XXXXX.bmc.com</value> </property> <property> <name>tsps_port</name> <value>443</value> </property> <property> <name>rsso.realm</name> <value>*</value> </property> Restart the service of ITDA server component. Note: For custom tenant, update realm value accordingly. |