Skip navigation
Share:|

Trending this month: LDAP Authentication with BPPM

BPPM provides the ability to allow users to authenticate using LDAP. This is becoming a very popular method for configuring users and groups to access BPPM.

 

 

If you want to enable LDAP-authentication with BPPM, please go through the following steps:

In pw\pronto\conf\ias.properties:

#-----------------------------------------------------------------
# Enable/disable LDAP login module.
# When it is enabled, "ldap_configuration.xml" file has to be filled.
#-----------------------------------------------------------------

  1. com.bmc.sms.ixs.enable.ldap.login=true

#-----------------------------------------------------------------
# Allow local, file-based, user groups to apply to LDAP authenticated users.
# When it is enabled, groups defined for users in the user_definitions.xml file
# will apply to the user when authenticating through LDAP.
#-----------------------------------------------------------------

  1. com.bmc.sms.ixs.allow.local.groups.for.ldap=true

#search for this group only in Ldap

  1. com.bmc.sms.ixs.search.ldap.group=IX Users,BPPM Users

This is an example of an ldap_configuration.xml file:

<ldap alias="SAM.COM">
         <host>kratos.sam.com</host>
         <port>389</port>
         <version>3</version>
         <baseDN>dc=sam,dc=com</baseDN>
         <connectionUserName>struong@sam.com</connectionUserName>
        <connectionPassword encrypted="true">jgDY86jLiVcnIw52M4m2tScjDnYziba1JyMOdjOJtrUnIw52M4m2tScjDnYziba1JyMOdjOJtrUnIw52M4m2tQ==</connectionPassword>

         <userIdAttribute>sAMAccountName</userIdAttribute>
         <useSSL>false</useSSL>
         <groupMemberAttribute>member</groupMemberAttribute>

<memberOfAttribute>memberOf</memberOfAttribute>
         <userSearchFilter>(objectClass=organizationalPerson)</userSearchFilter>
         <groupSearchFilter/>
    </ldap>

In the  ldap_ppm_group_mapping.xml make the following changes:

<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<!--
     Each entry's key is the LDAP group name and the value is the PPM group assigned to it.     E.g.

          <entry key="ldap_group1">PPM Group1</entry>
-->

<properties>
    
<entry key="IX Users">Full Access</entry>
     <entry key="BPPM Users">Full Access</entry>
</properties>

Properties.png

BPPMProperties.png

Or via an LDAP browser:

Mapping.png

Voilà, you should be now able to log into BPPM using the LDAP users.

If you encounter any difficulty, please do not hesitate to contact Customer Support for assistance.

 

LDAP Q&A
Users have had several questions about LDAP recently, which shows us you are using the feature and want to know more about it, so here are some quick questions and answers.

Q: Can we have separate BPPM role/permissions for different users under one LDAP group?
A: Yes it is possible to map LDAP user to BPPM group/role/permission. The way to do is is to map the LDAP group to BPPM user group.

Open the pw/pronto/conf/ldap_ppm_group_mapping.xml file using a text editor and create a map between the Windows Active Directory domain group and BPPM Server.

Replace the default entry:
<entry key="Group1">Full Access</entry>
with the actual values. Please only remove this line and add actual entries. Don’t edit any other line in the file.

For example, for a Windows domain group called ITgroup,. to map "ITgroup" to a ProactiveNet group called "BPPM Administrators" add the following entry to the ldap_ppm_group_mappings.xml file:

<properties>
<entry key="ITgroup">BPPM Administrators</entry>
</properties>

Note:

a) Note that IT group is in double quotes and BPPM Administrators is not in quotes. Follow the same syntax.

b) If there are multiple Windows domain groups, than add a new line entry in the ldap_ppm_group_mapping.xml file for each domain group. For example to map "SecondITgroup" to a ProactiveNet group called "BPPM Viewers" the ldap_ppm_group_mappings.xml file will look like:

<properties>
<entry key="ITgroup">BPPM Administratorss</entry>
<entry key="SecondITgroup">BPPM Viewers</entry>
</properties>

 

 

Q: Do I have to restart the jserver every time I make changes to my LDAP configuration?
A: For versions prior to 9.0 you do, but with 9.0.2 we released Service Pack 2 (Version 9.0.22) which has a fix that does not require a restart of the jserver

https://docs.bmc.com/docs/pages/releaseview.action?pageId=349176102#ServicePack2(Version9.0.22)-ConfiguringtheLDAPserverdoesnotrequireaserverrestart

Instructions to download Service Pack 2 can be found here:
https://docs.bmc.com/docs/display/public/PN90/Downloading+Service+Pack+2

Q: With this new Service Pack 2 feature will the reset be available through a command line call?
A: The reset is done through the BPPM Operations console.  Options -> Administration -> Integrations (edit) -> Apply

Q: Is there any thought to enhancing BPPM LDAP to retry a command if it fails by going back to the server pool?
A: This idea is being tracked by RFE QM001651429.  BMC hasn't assigned a target BPPM version to this request at this time.

Q: When using LDAP is there logging of which specific server BPPM goes to for a request?
A: This is not logged presently. We have an enhancement request open for this QM001780455.  BMC is investigating whether it is feasible to get this into a future BPPM release.

Q: I have users who are not members of the BPPM Administrators groups are unable to access any event/device information under the “Devices” folder in the main accordion.  I have attempted to assign “all CI” permissions in their group definition, but when I do that, they ‘hang’ at login with the spinning “Loading Data” wheel in the main accordion and “application initializing” in the main window, what can I do?
A: This is identified as Defect QM001788242 which is corrected in BPPM Service Pack 2, please download and install the Service Pack at your convenience.
https://docs.bmc.com/docs/display/public/PN90/Downloading+Service+Pack+2

 

Didn’t answer your question? Let’s check our Knowledge Base for LDAP specific Knowledge Articles. http://www.bmc.com/support/knowledge-base/

KA395193  Change of Mechanism with 9.0.20 version of BPPM with respect to LDAP Refresh 

KA353587  ProactiveNet support for LDAP, AD or NIS users and group configuration

KA386757  How to perform LDAP authentication without mapping the LDAP group with BPPM.

KA354768  Unable to validate user. User doesn’t exist error when using LDAP user to login to BPPM Console

KA353902  LDAP authentication failing for BPPM. The ias0.log shows error 52e

KA396229  What is the correct syntax for the 'Group Search Filter' when configuring LDAP for BPPM?

KA367409  Configuring BPPM 8.6.02 server to authenticate to LDAP server. LDAP Group not being picked up as evidenced in the ias0.log file.

 

Computer.png

 

Popular Knowledge Articles:

KA359241  Both BPPM Admin and User console cannot login, "iadmin -lc" command cannot get reply

KA313851 ProactiveNet Agent supports failover but there doesn't appear to be any failover methodology for BMC PATROL Proxy - pproxysrv. Is there any failover methodology for pproxysrv?

KA347978  How can I ensure that a BPPM PATROL adapter has automatic workflow disabled? 

KA301274 Configuring SNMP Trap Receiver Monitor

KA313556 ProactiveNet to BEM Alarm Priority... Mappings between ProactiveNet and BEM - available slots.

 

 

Idea.png***** BMC Ideas *****Idea.png

Don't forget you can provide Ideas or enhancements you would like to see in our products. Tell us what you want!

Introducing Ideation
Accessing Ideas
Interacting with Ideas
Submitting Ideas

 

Feedback

Was this helpful?  Are there related topics I missed? Please add comments to share your experience.

Share:|

Webinars are back!

 

Our first topic for this series is, “Managing & Resolving Data Gaps in BPPM” and is scheduled for July 18th. This Webinar covers proper architecture and configuration to avoid data gaps in BPPM v8.6 and v9.0.  The process of troubleshooting and resolving data gaps is also covered.  Specific scenarios that cause data gaps are also included.

 

Topic: BPPM Webinar Series: Managing & Resolving Data Gaps in BPPM
Host: Cedric Rawls
Date and Time: Thursday, July 18, 2013 10:30 am, Central Daylight Time (Chicago, GMT-05:00)
-------------------------------------------------------
To register for the online event
-------------------------------------------------------
1. Go to https://bmc.webex.com/bmc/onstage/g.php?d=757799899&t=a&EA=_2f788%40bmc.com&ET=2373d7c734a806c933ee8e23fed6590c&ETR=ed309b8dedc5e9c38b6556e3b1ae096c&RT=MiM3&p
2. Click "Register".
3. On the registration form, enter your information and then click "Submit".

 

Once the host approves your registration, you will receive a confirmation email message with instructions on how to join the event.
-------------------------------------------------------
For assistance, please contact Cedric Rawls at: cedric_rawls@bmc.com

Future sessions in the series will cover other significant areas within our BPPM monitoring solution such as:

-        Duplicate Devices

-        Migration

-        Intelligent Incidents and Event Management

-        vSphere Monitoring

-        Administration of BPPM

 

Links to previous webinar series recordings are located below:
BPPM 8.6 Best Practices Webinars https://communities.bmc.com/docs/DOC-18448
BPPM 9.0 Best Practices Webinars https://communities.bmc.com/docs/DOC-21385

 

If you know of anyone who wants to be included in the notices/invites, please send an email to Cedric Rawls crawls@bmc.com.

 

Trending this month: SNMP Monitoring in ProactiveNet

 

We see many different types of issues with ProactiveNet and we do our best to help customers get up and running as quickly as possible.

 

One topic where we have received a few questions over the last month has to do with SNMP polling/monitoring within ProactiveNet.

Does BPPM 9.0 support SNMP get polling? The SNMP adapter is marked deprecated in the Admin Console and the SNMP Configuration Manager, based on the documentation, appears to only be a TRAP receiver. Is there a polling agent or KM we can use? What does BMC recommend for SNMP monitoring in PNET?

 

1) The SNMP Configuration Manager is a TRAP receiver in ProactiveNet

 

2) Even though the native BPPM SNMP monitor is marked deprecated we are still supporting it.

2a) See the 8.5 BMC ProactiveNet Administrator Guide for more information about the monitor wizard

                                http://documents.bmc.com/supportu/documents/66/31/166631/166631.pdf

 

3) Another option available is the Sentry Software's Monitoring Studio KM for PATROL

3a) See page 142 "SNMP Polling" of the Monitoring Studio KM for PATROL 8.6.53 User Documentation

                               http://documents.bmc.com/supportu/documents/60/87/246087/246087.pdf

 

 

Another user encountered questions about the SNMP Adapter in BPPM:

 

 

 

We have to configure the SNMP Event adapter in order to be able to receive SNMP traps in BPPM.  What are the details to install the adapter? Where do we find more information about configuring the SNMP Event Adapter?

 

 

The following guide references the SNMP Event and Impact Event Adapter Configuration in detail.

http://documents.bmc.com/supportu/documents/65/69/106569/106569.pdf - Chapter 5 Using the SNMP Adapter Configuration Manager

 

Should you encounter any issues after reading through the installation details, please contact support for further assistance. Customer_Support@bmc.com

Computer.png

 

Popular Knowledge Articles:

KA362420 - IBRSD services keeps intermittently crashing.

KA346929 - ProactiveNet server will not start since it ran out of disk space.

KA328581 - How can I clear all events and alarms from BMC ProactiveNet Performance Manager Server?

KA301444 - How to customize Max Heap Size or other JVM parameters for ProactiveNet Processes?

KA326828 - How can I view a custom event slot in BPPM operator console ?

 

Idea.png ***** BMC Ideas ***** Idea.png

                    (formerly known as Enhancement Requests)

 

BMC Ideas is a new way to provide enhancement requests within our growing BMC Communities. We are offering you the opportunity to submit on and vote for your requests for enhancement for your favorite BMC Products!  Check out these short video presentations detailing how to get started with BMC Ideas.

Introducing Ideation

Accessing Ideas

Interacting with Ideas

Submitting Ideas

Share:|

Coming Soon:

Our BPPM Webinar series hosted by Subject Matter Experts will resume in the near future, be sure to stay tuned for the dates and topics for our Webinar series.  If you have ideas about topics of interest you would like us to elaborate on, please let us know and we will investigate.

 

Trending this month: Database Questions

 

There have been issues opened around the BPPM Database, database version, questions on whether it can be migrated from Sybase to Oracle and vice versa.  So here are a few database basics to help in case you were wondering.

 

You can use either Sybase or Oracle as the BMC ProactiveNet database. You can use the Installation Guide as your reference to install either an Oracle backend or a Sybase backend. Sybase is integrated with BMC ProactiveNet.

 

See “Installing BMC ProactiveNet Server with Oracle as the database” on page 58 of the BMC ProactiveNet Installation and Configuration Guide available on our Support Web Site http://webapps.bmc.com/support/faces/az/prodversion.jsp?prodverseqid=316178&ic=0

 

If you are using Sybase ASA as the BMC ProactiveNet Database on a UNIX or Linux operating system, follow the appropriate steps for your shell to set up the environment so that you can run the Sybase client. This is detailed starting on page 113 of the ProactiveNet Installation and Configuration Guide mentioned under “Configuring the Sybase environment on UNIX or Linux”

 

There have been several questions about migrating the ProactiveNet database from one platform to another.  For example: Is it possible to migrate BPPM from the embedded Sybase database to an Oracle database?

There is no in-house or other BMC supported mechanism to migrate from Sybase to Oracle with BPPM. If you wish to move from Sybase to Oracle backend, a fresh install of BPPM would need to be performed.

 

We also see version questions about different database platforms, for example: What are the supported Oracle database versions for BPPM versions 8.6.02 and 9.0.00?  Does BPPM support Oracle version 11.2.0.3?

BPPM versions 8.6.02 and 9.0.00 supports Oracle version 11.2.0.2 and higher (within Oracle 11g).  BMC does not validate every patch version and the assumption is that Oracle would not regress.  While there are no known conflicts with Oracle 11g R2 Patch 3 (11.2.0.3), only Oracle 11g R2 Patch 2 (11.2.0.2) has been tested and validated by QA.

 

***NOTE*** BMC Software recommends that you back up the database regularly. Use any of the following utilities to create a backup of the BMC ProactiveNet database and restore the database when necessary:

BMC Database Recovery Manager for Oracle
RMAN
Any other Oracle recommended backup and recovery utility

 

Here are a few of our Knowledge Articles specifically about databases in ProactiveNet:

KA350479 - Command Syntax and Parameters for Database Validation using 'pw database validate' or 'dbvalid'

KA356762 - How to check the data collection in BPPM database

KA350682 - How can I install BPPM 8.6 with Oracle as the backend database? How can I specify it is an Oracle RAC database?

KA315829 - What is the default username/password for the ProactiveNet (Sybase) database?

KA316091 - Is it possible to export BMC ProactiveNet Performance Manager (BPPM) data to an external database?

KA329501 - The BPPM 'pw database archive' command returns error on windows.

KA313513 - How to backup ProactiveNet database while database is running?

KA311853 - What is the procedure to rebuild the ProactiveNet Database?

 

As you can see there are many questions about the ProactiveNet Database, if you have one that needs to be answered, please do not hesitate to contact customer_support@bmc.com, call us at 1-800-537-1813, or Chat with us online from various access points via www.bmc.com/support

 

Computer.png

Here are some of our general knowledge articles which have been helpful to other customers. Take a look to see if they may help you.

Popular Knowledge Articles:

KA355029- ProServices.log in a clustered environment shows "MCELL service is Not running" and "A CELL service is Not running"

KA287306 - How to Delete ProactiveNet Auto Sync Monitor Instances and devices from the system with respect to BMC Patrol Adapters?

KA317405 - Unable to add remote device or agent to BMC ProactiveNet Performance Management. 

KA328879 - BMC ProactiveNet Performance Manager unable to authenticate with LDAP server. LDAP user groups are not returned.

KA346952 - ProactiveNet takes a long to time start.

 

Idea.png***** BMC Ideas ***** Idea.png

NEW!

 

BMC Ideas is a new way to provide enhancement requests within our growing BMC Communities. We are offering you the opportunity to submit on and vote for your requests for enhancement for your favorite BMC Products!  Check out these short video presentations detailing how to get started with BMC Ideas.

· Introducing Ideation

·Accessing Ideas

·Interacting with Ideas

·Submitting Ideas

Share:|

Welcome to the new monthly blog for users by BPPM Support.
Our new blog replaces our monthly newsletter by providing a more interactive forum here in our BMC Communities.  This blog is intended to cover topics that are trending in BPPM support over the past month, where we'll expand upon a top trending topic to provide some more clarity to a wider audience.

 

Trending this month: BPPM Data Consistency Report

One kind of issue we still hear a lot from customers is missing data issues.  There is a great new resource available to identify this situation, and we are trying to make sure everyone knows about it. This feature is being developed so look for more documentation regarding its functionality in the future.


BPPM 8.6 Service Pack 3 introduced a new Data Consistency Report. The report, while not documented in the Release Notes, is available in Service Pack 3. The Report is designed to identify data gaps of monitored instances. For example, the report contents will list the monitor instances that receive NO_DATA/NO_RESPONSE data values during polls.

 

NOTE: This is a replacement to the “runjava apps.SysInfo.SysInfo” command to report on data gaps in BPPM.

 

In a nutshell:

 

Add the following entries to \\Program Files\BMC Software\ProactiveNet\pw\custom\conf\pronet.conf:

#####
pronet.rate.datagapcheck.enable=1
pronet.rate.datagapcheck.emailNotification=1
pronet.rate.datagapcheck.checkinterval=60
pronet.rate.datagapcheck.xmlfileretention=30
pronet.rate.datagapcheck.senddetailedoutput=1
#####

 

  • The property pronet.rate.datagapcheck.enable  enables/disables data consistency report check.
  • The property pronet.rate.datagapcheck.emailNotification  turns on/off email notification.
  • The time interval pronet.rate.datagapcheck.checkinterval default value is 60 minutess. It is recommended to keep a large value to avoid any false positives.
  • The property pronet.rate.datagapcheck.xmlfilerentention defines the number of days to retain xml files.
  • A XML snapshot file is stored in pw/pronto/web/html/datagapsnapshots directory at the end of time interval. The file is stored as date+timestamp as file name.
  • The property pronet.rate.datagapcheck.senddetailedouput allows us to send detailed output via email notification.
  • The reports can be accessed with URL http://servername/jsp/DataGapStat.jsp.
  • The Rate process needs to be restarted for these changes to take effect:
    pw p r rate

 

Take a look:

The data graph for Processors monitor instance indicates gaps from Fri Aug 15 11.08.46 PDT 2012 to Fri Aug 15 11:38:47 PDT 2012 .

Graph1.png

The data values from Wed Aug 15 show the following:

ChartData.png

The email report indicates Processors monitor instance has data gaps.

Email Report.png

The Data Consisteny Report UI Data:

GUI Report.png

 

Knowledge Articles

In case you missed them, check out these other Knowledge Articles related to Data Collection and/or Reporting in BPPM:

 

 

KA369012 - How to delete data from BPPM Reporting Database?

KA363827 - How to get alerted when agents stop monitoring in ProactiveNet.

 

Elsewhere in BPPM, let’s take a look at some of the most commonly accessed Knowledge Articles. These are the top trending Knowledge Articles over the last month. Have a look to see if you this information may help you.

 

Popular Knowledge Articles:

KA325129 - Solaris agent crashes consistently on Solaris systems while monitoring processes and processors and when executing detail diagnostics command for top processes.

 

 

KA373700 - 'No instances were discovered. Monitor may not be supported on the remote agent.' when adding/editing a BPPM Adapter for BMC Performance Manager Portal

 

 

KA369400 - Why are we only setting up the PNservice in Failover Cluster Manager? Is there any other way to configure BPPM Server to move to other node when a key service is going down?

 

 

KA352822What Windows user rights are needed to run the BPPM Administration Console as a non-administrator user?

 

 

 

 

KA349241 BPPM reporting cell configuration problem - BMC-IMC080012E Unkown Client

 

BMCChat.jpg

 

Don’t Forget about BMC Chat

This feature launched in October 2012 is intended for short queries or quick answer type of questions. You can access the chat from various points along the www.bmc.com/support site.  Don’t worry, if you are not sure if your question is a quick one, ask us! If needed, we’ll spawn an issue and continue to work through a support issue.  This is another way we look to keep up with our customers and to be there when you need us!

Filter Blog

By date:
By tag: