This topic provides instructions for performing a BMC Atrium Single Sign-On standalone installation. In this installation, a Tomcat server and JVM are installed and properly configured for use by the BMC Atrium Single Sign-On server. This installation method is the simplest and easiest to perform since all of the administrative and configuration details are performed by the installation program.
Before you begin (see page )
To install BMC Atrium Single Sign-On as a standalone (see page ) Where to go from here (see page )
Before you begin
Obtain the zipped BMC Atrium Single Sign-On files from the BMC product package via Electronic Product Download (EPD) or the BMC Atrium Single Sign-On DVD.
If there is already an installation of BMC Atrium Single Sign-On on the target computer, the installer will not allow another installation. Uninstall the existing version.
Prepare to run the installation program for your operating system.
For example, you must update Terminal Services configuration options and configure the DEP feature if you are using Windows. For more information, see Configuring Terminal Services and DEP parameters.
Note
The BMC Atrium Single Sign-On Tomcat server cannot be shared with any product (for example, the AR System server or the BMC Remedy Mid Tier) that integrates with BMC Atrium Single Sign-On. BMC recommends that you install BMC Atrium Single Sign-On on a different computer than the computer where you plan to install a BMC product (for example, the AR System server or the BMC Remedy Mid
1.
To install BMC Atrium Single Sign-On as a standalone
Unzip the BMC Atrium Single Sign-On files.
Run the installation program.
The setup executable is located in the Disk1directory of the extracted files.
(Microsoft Windows ) Run setup.cmd.
(UNIX ) Run setup.sh (which automatically detects the appropriate subscript to execute).
In the lower right corner of the Welcome panel, click Next.
Review the license agreement, click I agree to the terms of license agreement, and then click Next. Accept the default destination directory or browse to select a different directory, and then click Next. In the Host Name Information panel, verify that the hostname presented is the Fully Qualified Domain Name (FQDN) for the host, and then click Next.
Correct the value as needed.
Choose to install non-clustered or clustered Atrium Single Sign-On Server, and then click Next. Non-clustered Atrium Single Sign-On Server – Standalone Single Sign-On Server.
Clustered Atrium Single Sign-On Server – Implemented as a redundant system with session failover.
Clustered install requires at least two nodes. For more information, see Installing BMC Atrium Single .
Sign-On as a High Availability cluster (see page 55) Verify that Install New Tomcat is selected, and then click Next. The Tomcat server options are:
Install New Tomcat (default)
Use External Tomcat. See Installing BMC Atrium Single Sign-On on an external Tomcat server (see to install with this option.
page 72)
Note
When installing on Linux servers, you must configure JVM for Tomcat after the installation. For more information about configuring JVM, see Configuring a JVM for the Tomcat Server (see page
. 77)
Accept the default Tomcat HTTP port number (8080), HTTPS port number (8443), and Shutdown port number (8005), or enter different port numbers, and then click Next. If any of the port numbers are incorrect, a panel identifies the incorrect port number and requires you to return to the previous page to correct the values before proceeding with the installation.
Note
Home BMC Software Confidential
When installing on Linux servers, port selections below 1000 require the server to run as root, or use a port forwarding mechanism.
Enter a cookie domain, and then click Next.
The domain value of the cookie should be the network domain of BMC Atrium Single Sign-On or one of its parent domains. For more information, see Default cookie domain.
Note
The higher the level of the selected parent domain, the higher the risk of user impersonation.
Top-level domains are not supported (for example, com or com.ca ).
You cannot use sibling domains or cross-domains with BMC Atrium Single Sign-On. For example, installing the BMC Atrium Single Sign-On server in the remedy.com domain and the AR System server in the bmc.com domain is not supported. You must move all your computers into the same domain.
Enter a strong administrator password (at least 8 characters long), confirm the password, and then click .
Next
The default SSO administrator name is amadmin.
Note
Passwords with special characters must be specified in quotes.
For more information, see Administrator password. Review the installation summary and click Install.
Verify that your BMC Atrium Single Sign-On installation was successful by accessing the BMC Atrium Single Sign-On URL.
Navigate to Start > All Programs > BMC Software > BMC Atrium S.SO > Administrator to launch the BMC Atrium SSO Admin Console.
The URL to open the BMC Atrium SSO Admin Console is:
https://<ssoserver>.<domain>:<port>/atriumsso ,
For example https://ssoserver.bmc.com:8443/atriumsso
When you are prompted that you are connecting to an insecure or untrusted connection, add the exception and then continue.
Browsers display this warning because you have not yet configured the SSO authentication as Note:
a trusted provider.
Confirm that you can view the BMC Atrium SSO logon panel.
Home BMC Software Confidential
d.
14.
Log on with the SSO administrator name (for example, amadmin) and password.
The BMC Atrium SSO Admin Console appears.
(Click the image to expand it.)
) Create an administrative user account for BMC Products to perform search functions on the (Optional
user store (for example, to list user names and emails).
If you are using the BMC Atrium Single Sign-On server's internal LDAP, assign the BMCSearchAdmins group to the new user account.
If you are using an external system for authentication (such as AR System, LDAP, or Active Directory), assign the BmcSearchAdmins group to either an already existing user account or a new user
account.
Where to go from here
Installing or upgrading AR System server
To secure certificates with an external CA, see Managing keystores with a keytool utility (see page 239). To configure authentication, see Configuring after installation. For a specific authentication method, see the specific method. For example, for LDAP or Active Directory, see Using LDAP (Active Directory) for
. authentication