Did you read through the documentation:
Basic process is as follows:
-Create Database for Remedy SSO
-Install Remedy SSO application on a server
-Configure Remedy SSO SAML authentication with AD Federated Services
-Create java keystore containing the self-signed cert
-Generate a server cert request
-Import the issued server cert and CA certificate chain into your keystore
-Configure tomcat to utilize SSL / HTTPS
-Configure Remedy SSO Realm
-Update the SP metadata at the Identity Provider
-Create the relying trust (AD team usually does this)
-Deploy SSO agents on AR System and Mid Tier
I think the most difficult part to get right is the configuration of the realm, SP metadata, and stuff on the A/D side. It took us several attempts to get this all working.
Thanks Ryan for your kind response.
If possible please could you elaborate on points 3-7.
Please could you provide detail for the below points:-
-Configure Remedy SSO SAML authentication with AD Federated Services......?
-Create java keystore containing the self-signed cert.?
-Generate a server cert request?
-Import the issued server cert and CA certificate chain into your keystore?
-Configure tomcat to utilize SSL / HTTPS?
Which operating system is running ARS? Because the settings on *nix and windows for AD are a bit different
To elaborate on what Ryan was talking about.
-After Remedy SSO install, you must establish SSL configuration for tomcat
The link above will help you create a java keystore and a certificate request. The certificate request is used to get a trusted cert. This is necessary to establish a link with AD FS. keep in mind when creating the keystore and certificate that you use FQDN and match case. The server name must be consistent in the cert, java keystore, and URL entries.
-Create the Realm and select SAML authentication type
-Import the IdP (AD FS) login URL, will be supplied by an AD FS admin or Active Directory admin. it should auto fill most of the entries for SAML.
-Get metadata URL to import into AD FS/IdP. The AD FS server will only except if the SSL configured correctly on your RSSO server.
-You will have to create a relying trust which is covered in this article https://docs.bmc.com/docs/display/rsso1802/Integrating+IdP+with+Remedy+SSO+for+SAML+IdP+initiated+login
-you will also need to import your trusted cert from your RSSO server on the AD FS server
-export the AD FS certs (do not export the private key) then import those certs into the same java keystore
I will go through the steps provided & will keep all posted.