Idea ID: 1673141

OMi RTSM Local Client Connection Should Support OMi Configured LDAP

Status : Already Offered
over 2 years ago

As of Operation Bridge 2018.05/10.70 you now have the option of downloading and using a local RTSM/UCMDB Java client for RTSM managament rather than running in your browser. Since most browsers other than Explorer no longer support Java this gives a good, and I've found much faster and more stable way to access the RTSM. The current version of the local client however only allows local user authentication and will not utilize the OMi LDAP configuration. This means you have to either log in as admin or set a local password for LDAP defined users. My idea is to add OMi LDAP support to the RTSM/UCMDB local client.

Tags:

  • Please check the detailed description by 

  • Hi all,

     

    +What Faouzi has posted 

    If you use CMS browser the problem will be similar, so you have to enabled the Single-Sign on in OMI, login with the Ldap user to OMI and try to relaunch the CMS ->then you will be able to login in with the LDAP user from the CMS.

  • Check the published article in the Practitioner Notes:

    https://docs.microfocus.com/itom/Operations_Bridge_Manager:2019.11/PN/pn5e6f95282dda33.01731855

    or follow the following steps:

    Access the UCMDB Client through the GW or LB
    use protocol, http or https
    use OBM defined port
    use Target Env. OpsB

    First use case (simple): RTSM access is limited to small number of admin users with full permission to OBM and RTSM.
    1. Create your OBM users (local or LDAP) as you usually do.
    2. Login to OBM as admin, select the user(s) that require full access to OBM and RTSM and provide them “Super-Admin” permissions.
    3. Those users will have Server Administrator Privileges to RTSM as well as Full admin privileges to OBM.
    4. Be careful!

    Second use case (granular): Many users and groups with different roles require access to RTSM with different permissions.

    1. In OBM: Create a Role with RTSM permissions
    You can give access to “All” views or “Partial” as needed.
    Create a group and assign itto the role.
    Create a user(s) (Local or LDAP) and assign it to the group.

    2. Login to UCMDB Local Client using “admin” or “sysadmin” user.
    Go to Security –Roles Manager.
    Select the role, select “UI Modules” in the Resource Types, and provide access to the UI Modules.
    You cannot login if you do not select at least one UI Module

    3. Go to the “General Actions” tab and provide access to “System Access Actions” so the user can login.
    You cannot login if you don’t select at least “Access to UI”.
    You cannot view any CI in your views if you don’t select “View CIs”

    With this configuration, any OBM user assigned to the configured OBM role will be able to login via UCMDB Local Client and navigate through the different UI Modules permitted.

    If you use a high resolution monitor, chances are that your UCMDB Local Client is hard to read. Here are the steps to resolve this issue:
    1. Navigate to <UCMDB Local Client dir>/jre/bin
    2. Right Click the javaw.exe file to access the file Properties
    3.Select the Compatibility tab in the Properties window.
    4. Select the check box to “Override high DPI scaling behaviour.
    5. Choose “System” from the pull-down for “Scaling performed by”.
    6. Select OK and relaunch the UCMDB Local Client to see the scaling improvement.