Omi10 and BSMC 10 LW-SSO login issue

I am unable to login in BSMC using LW-SSO with Omi10 . I am flowing this-


  1. Prerequisite: Obtain the following information from OMi:

    • OMi domain name. You need to know the domain name of the OMi gateway server to which BSM Connector sends data (for example,

      If the OMi gateway servers and the BSM Connector run in different subdomains, for example, and, specify only the name of the parent domain, which is in this example.

      BSM Connector and the OMi gateway server to which it is reporting must run in the same top-level domain.

    • LW-SSO token key. Obtain the token key defined in OMi as follows:

      1. In the OMi user interface, navigate to the Users and Permissions manager:

        Administration > Users > Authentication Management

      2. In the Single Sign-On Configuration group, view the value of the Token Creation Key (initString) setting.

      3. Record the value so it will be available to you later in this procedure.

        If the setting is not defined, work with an OMi administrator to Closeddefine it.
    • BSM Connector groups and roles. Define the groups and roles that are allowed to log into the BSM Connector:

      1. In the OMi user interface, navigate to the Infrastructure Settings manager:

        Administration > Setup and Maintenance > Infrastructure Settings

      2. Click Foundations and select Single Sign-On in the drop-down list.

      3. Set Add user groups information to LW-SSO token to true.

        The default group for BSM Connector is BSMC_ADMINS.

      4. Set Add user roles information to LW-SSO token to true.

  2. Use the lwsso-conf command to configure LW-SSO:

    lwsso-conf.[bat|sh] -lwsso_key <lwssoKey> [-lwsso_domain <lwssoDomainName>] [-lwsso_groups <group0> [<group1> ...]]


    • -lwsso_key <lwssoKey> is the token key (init string) generated in the OMi.

      Note: Single-sign on can only work if the token key that you type here is exactly the same as the token key on the OMi server.

    • -lwsso_domain <lwssoDomainName> specifies the domain of the associated OMi gateway server.

    • -lwsso_groups <group0> [<group1> ...] specifies the OMi users and roles that will have access to BSM Connector. Separate individual groups with spaces (for example, -lwsso_groups BSMC_ADMINS SUPERUSER).

  3. Restart ovc:

    ovc -restart

After configure the below steps, BSMC login with OMi 10 showing the error- "Access to the specified resource has been denied".
When i access BSMC without Omi login then it is working fine. I am missing something here?

I have checked on OMi side, there are no group created which mention above-BSMC_ADMINS. So May be this is the cause ?

Sumit Kumar

Parents Reply Children