Remedy - Server - Configuring AR System to run without the "Db-user" and "Db-password" parameters in the ar.cfg file

Version 3
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    Remedy AR System Server


    AR System


    Remedy AR System Server installation using the Windows Authentication mode.


    Due to security policies the Database User and Password used in the AR System installation cannot be present in the ar.cfg file.
    Can AR System run/work without having the Database User and Database Password parameters present in the ar.cfg file?
    Is there a way to use an alternative Database connection in order for this information not to be present in the configuration file?


    Please check the following procedure.
    Note, this procedure applies to Windows OS and MSSQL databases only.
    ARS can be installed using the Windows Authentication mode instead the SQL Authentication mode.

    The existing documentation provides the following information:

    Windows Authentication mode and the Microsoft SQL Server
    Choose one of the following authentication modes when you install the BMC Remedy AR System server:

    • Windows authentication — For SQL Server environments that support only Windows authentication mode.

      When you use the Windows authentication mode with SQL Server note the following:

      • To install or upgrade the BMC Remedy AR System Server on the Windows Server, you should log on the Windows Server with the domain account used for Windows authentication mode.
      • The domain account used with Windows authentication mode should be a full administrator on the Windows Server and should have db_securityadmin and setupadmin roles in SQL Server. The domain account should be Database Owner (dbo) of the BMC Remedy AR System database.
      • When the install or upgrade completes, it is possible to deny certain policies to the domain account used with Windows authentication mode for security reasons. The DBA should ensure that denying policies should not result in the loss of functionality. For any upgrades later, all the policy restrictions should be removed and the domain account should be returned to full administrator until the upgrade completes. 
    • Windows authentication or SQL Server authentication — For SQL Server environments that support mixed authentication mode.

    To find the supported authentication mode for your SQL Server environment, connect to the SQL Server instance from Management Studio > Server Properties > Security.


    Once ARS has completed the installation in the ar.cfg the parameters will be displayed, example:
    Db-user: {Domain_Name}\Administrator
    Db-Server-Port: 1433
    Db-Type: sqlserver
    Db-Host-Name: {DB_Hostname}
    SQL-Secure-Connection: T
    Db-password: I01lL3lRbza4eh1237OM3iVubVp+Zhu05XLuFsHwW8WQCtIUxTR1NFO5hhGitrKgdTA/0tVHr4uAbMrpkoZ9DTU070Up57UT5F8iuydzpSiK9H1Pq3JK2g==

    - We can remove the parameters Db-user and Db-password from the ar.cfg and save the file.
    - Also check in the Centralized Configuration form and remove them form the component com.bmc.arsys.server
    - Restart the AR System service.
    - The application will start and work as expected.

    Be aware that the permissions are taken at Service level, example:

              User-added image

    Note: If the OS user's password changes it will need to be update in the Service as well.




    Article Number:


    Article Type:


      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles