3 of 3 people found this helpful
The Remedy server must be configured to use LDAP for authentication via the AREALDAP plugin. A user enters their credentials in the midtier, these are sent to the AR Server, the server invokes the plugin which checks them against the LDAP server. If successful they are logged in.
The AR server is configured to to perform authentication via the Remedy SSO plugin. A user browses to the midtier and is redirected to the RSSO server where they enter their credentials. The RSSO server is configured with an LDAP authentication source and uses this to validate the user, if successful they are granted a token and redirected back to the midtier. The midtier sends a call to the AR server with the credentials/token which the AR server receives and passes to the SSO plugin. The plugin calls the SSO server to check the credentials/token are valid and, if so, they are logged in.
That's a very high level view, glossing over many details and variations...
They both log the user into Remedy. So is one better than the other?
It's a business decision rather than a technical one. If you don't already have an SSO solution, or you don't plan to start using one in the near future, then I would say the AREA LDAP option is easier to implement as everything you need is installed with the Remedy server and just needs to be configured.
1 of 1 people found this helpful
Mark have already covered all the points. To add to his points, RSSO is also used as Single Sign On for all the application in an organization. So mostly when user login into windows using correct credentials, user can easily access other applications for which RSSO authentication is configured. Authentication remains the same which Mark have already mentioned above.
That is what we want to achieve. We want SSO, when the user launches the URL it recognizes their ID and automatically logs them into Remedy ITSM.
In that case you need SSO as this is not a feature provided by AREA LDAP on its own.