2 Replies Latest reply: Aug 8, 2012 1:19 AM by Saurabh Pandey RSS

Issue with Authentication alias (Field ID 117)

Saurabh Pandey
Hi,

 

We did LDAP integration between Remedy 7.1 and Tovoli Directory Server 6.1 (TDS) for authenticating remedy users.

We are now caught up in an issue with field id 117. If you have used this field before for any of your business requirements, would request you to please share your experience and any possible ways of troubleshooting it:

Below are steps which we had performed:


1) In Remedy all login ids have been created in following format: <firstname.lastname>
2) TDS however stores the login ID's as employee ids eg. A1266673.
3) Based on the new security policies, user will have to use employee ids for login from all applications.
4) Since Remedy already has huge database of users, it will be impossible to update login ids in entire ITSM (Tickets, approvals, configurations, SLA etc)
5) We decided to use the feature of "authentication alias" and created "Authentication Login Name" with field ID 117 on user form.
6) This field was updated with the corresponding employee ids of the users.
7) Users were then able to successfully login to remedy using their employee ids defined in "Authentication Login Name" field and in TDS.
8) It however was not able to map the permissions and other details of the existing user and was treating it as a different user all together. As per the Authentication Alias functionality, it should use Authentication Login Name (field id 117) only for authenticating user and then in remedy it should use the login name field for permissions and performing  regular operations.

 

I have reffered page 102 of "BMC Remedy Action Request System 7.1.00 Configuring guide" for configuring authentication alias.

 

Would need your suggestions on how should we troubleshoot this issue?

 

Thanks,

Saurabh Pandey

  • 1. Re: Issue with Authentication alias (Field ID 117)
    LJ LongWing

    Saurabh,

    This has been a point of confusion for many years...but basically what your problem is is that you want them to log on using the alias, but have Remedy use the value in field 101, and that's not the way it works.  The way it works is that they log in using the ID in 101, but the AREA uses the name in 117 instead...so if the requirement is that they log into EVERYTHING using A1266673, then that needs to be in 101, and the alias is of no use to you...but if you still want them to log onto Remedy using first.last, your current setup works fine...they can provide first.last in their username field...provide their PW for AXXXX, and remedy will authenticate them just fine.  If however they need to log on with the AXXXX ID...I would recommend looking at RRR LoginConv (probably not quite the correct name)...but it will convert all of your logins from A to B for you.

  • 2. Re: Issue with Authentication alias (Field ID 117)
    Saurabh Pandey

    Hi lj,

     

    Thanks for your inputs.

     

    I was using the incorrect field (117) for login and hence it was not working. We tried logging in with 101 and it worked. I also verified plugin logs and it confirmed that when user logs in using firstname.lastname (remedy login name), the AREA plugin actually calls the TDS with the "Authentication Login Name" of the user.

     

    This would meet our requirements Thanks again for all your help and support.

     

    Thanks,

    Saurabh Pandey