General Remedy SSO Questions including Disaster Recovery plan

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy Single Sign On


    COMPONENT:

    Remedy Single Sign On


    APPLIES TO:

    Remedy SSO FAQ



    QUESTION:

    General Remedy SSO Questions including Disaster Recovery plan


    ANSWER:

    1) Can we installl RSSO on one of our PROD Miditer for authenticating DEV ARS, Midtier, MyIT & SmartIT since we don't have latest OS in our DEV Midtier. Does this work out like across environments ?

    Ans:  BMC does not recommend to mix Production and Dev environment integrations whether it is RSSO or any other Remedy products

    2) Do we need to create a separate Database for SSO in Oracle or MSSQL for Remedy SSO ?

    Ans: Although you can use the same database as AR server's database for Remedy SSO data, we recommend that you create a separate database due to table name conflicts it may create between the applications.  For instance, there is a table name called CONFIGURATIONS in SmartReporting as well as Remedy SSO

    3) Is it possible to change the domain name of the database server that is used for RSSO?

    Ans:  Yes, the only change you have to do is in context.xml file (<tomcat>\webapps\rsso\META-INF  folder) indicating the new name of the database server;  Below is the text from this file.  You only need to change the 'databaseName' parameter

    -<Context>

    <!-- Validation thread runs every 2 minutes (timeBetweenEvictionRunsMillis) For connections which are idle more than 3 minutes 20 seconds (minEvictableIdleTimeMillis) Not validated if was checked within 60 seconds before (validationInterval) Also, if connection will be if used more than 30 seconds (removeAbandonedTimeout), it will be returned to pool (removeAbandioned) -->

    <Resource validationQuery="SELECT 1" validationInterval="60000" username="RSSO_USER" url="jdbc:sqlserver://clm-pun-030282:1433;databaseName=rsso;instanceName=MSSQL" type="javax.sql.DataSource" timeBetweenEvictionRunsMillis="120000" testWhileIdle="true" removeAbandonedTimeout="30" removeAbandoned="true" password="AES:e3e7b6197fe444838a7bc71fdf6ce7f7" name="jdbc/rsso" minEvictableIdleTimeMillis="200000" maxWait="15000" maxIdle="2" maxActive="10" logAbandoned="true" factory="com.bmc.rsso.dsfactory.RSSODataSourceFactory" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" auth="Container"/>

    </Context>

    4) Does a Midtier Loadbalancer name anywhere in the RSSO integration?

    Ans:  No

    5) Can the Security Planning can be done after the installation ?

    Ans:  Planning of the security should be done prior to installing of Remedy SSO.  Please refer to Security planning link for Remedy SSO as below:  There may be additional security recommendations from your security expert which you may want to bring to our attention in case you have any queries from Remedy SSO perspective

    https://docs.bmc.com/docs/display/public/rsso91/Security+planning

    6) Also for some security reason’s we can’t provide RESOURCE role but we have similar role by our DBA which as the following components. Can you check is these components are sufficient or do we still need to GRANT RESOURCE role ? What DB user are you talking about?

    Ans:  For the DB user for RSSO database, the user need to be able to CREATE/ALTER/DELETE TABLE it should be fine. CREATE PUBLIC SYNONYM ALTER SESSION CREATE TABLE CREATE VIEW CREATE TRIGGER CREATE SEQUENCE CREATE DATABASE LINK CREATE SYNONYM DROP SYNONYM CREATE CLUSTER CREATE PROCEDURE CREATE SESSION CREATE SYNONYM CREATE TYPE

    7) Can we use same Tomcat instance on the Midtier or do we need separate instance for RSSO on the same Midtier server ?

    Ans:  Although a same Tomcat instance of Midtier can be used for Remedy SSO, BMC recommend a dedicated Tomcat instance for Remedy SSO

    8) How to plan a Disaster Recovery for Remedy SSO?
     

      Fail-over is not possible in embedded Remedy SSO server that is shipped with Truesight as it has its own database per instance as compared to external Remedy SSO instances which share a same database among its instances. Following must be implemented when setting up Disaster Recovery for external BMC Remedy SSO software (not the embedded one that is shipped with Truesight)
      
        
      
            (a) Setup more than one Remedy SSO server
      
            (b) Setup a Loadbalancer in front of these Remedy SSO servers.  You must match the domain of Truesight with BMC Remedy SSO.  So, you will have to create a DNS alias for Remedy SSO that shares the same               domain name with Truesight
      
            (c) Remedy SSO data is stored in a database.  You can create a fail-over for the database as well.   It doesn't matter for BMC Remedy SSO whether or not fail-over (cluster) has been setup on database because                 all it cares about is the JDBC connection
      

      

     


    Article Number:

    000133626


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles