OMi RTSM Local Client Connection Should Support OMi Configured LDAP

Idea ID 1673141

OMi RTSM Local Client Connection Should Support OMi Configured LDAP

As of Operation Bridge 2018.05/10.70 you now have the option of downloading and using a local RTSM/UCMDB Java client for RTSM managament rather than running in your browser. Since most browsers other than Explorer no longer support Java this gives a good, and I've found much faster and more stable way to access the RTSM. The current version of the local client however only allows local user authentication and will not utilize the OMi LDAP configuration. This means you have to either log in as admin or set a local password for LDAP defined users. My idea is to add OMi LDAP support to the RTSM/UCMDB local client.

6 Comments
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Frequent Contributor.
Frequent Contributor.

Makes total sense to me.

Micro Focus Contributor
Micro Focus Contributor

when ???

Micro Focus Contributor
Micro Focus Contributor

Check the published article in the Practitioner Notes:

https://docs.microfocus.com/itom/Operations_Bridge_Manager:2019.11/PN/pn5e6f95282dda33.01731855

or follow the following steps:

Access the UCMDB Client through the GW or LB
use protocol, http or https
use OBM defined port
use Target Env. OpsB

First use case (simple): RTSM access is limited to small number of admin users with full permission to OBM and RTSM.
1. Create your OBM users (local or LDAP) as you usually do.
2. Login to OBM as admin, select the user(s) that require full access to OBM and RTSM and provide them “Super-Admin” permissions.
3. Those users will have Server Administrator Privileges to RTSM as well as Full admin privileges to OBM.
4. Be careful!

Second use case (granular): Many users and groups with different roles require access to RTSM with different permissions.

1. In OBM: Create a Role with RTSM permissions
You can give access to “All” views or “Partial” as needed.
Create a group and assign itto the role.
Create a user(s) (Local or LDAP) and assign it to the group.

2. Login to UCMDB Local Client using “admin” or “sysadmin” user.
Go to Security –Roles Manager.
Select the role, select “UI Modules” in the Resource Types, and provide access to the UI Modules.
You cannot login if you do not select at least one UI Module

3. Go to the “General Actions” tab and provide access to “System Access Actions” so the user can login.
You cannot login if you don’t select at least “Access to UI”.
You cannot view any CI in your views if you don’t select “View CIs”

With this configuration, any OBM user assigned to the configured OBM role will be able to login via UCMDB Local Client and navigate through the different UI Modules permitted.

If you use a high resolution monitor, chances are that your UCMDB Local Client is hard to read. Here are the steps to resolve this issue:
1. Navigate to <UCMDB Local Client dir>/jre/bin
2. Right Click the javaw.exe file to access the file Properties
3.Select the Compatibility tab in the Properties window.
4. Select the check box to “Override high DPI scaling behaviour.
5. Choose “System” from the pull-down for “Scaling performed by”.
6. Select OK and relaunch the UCMDB Local Client to see the scaling improvement.

Micro Focus Contributor
Micro Focus Contributor

Hi all,

 

+What Faouzi has posted 

If you use CMS browser the problem will be similar, so you have to enabled the Single-Sign on in OMI, login with the Ldap user to OMI and try to relaunch the CMS ->then you will be able to login in with the LDAP user from the CMS.

Micro Focus Contributor
Micro Focus Contributor
Status changed to: Already Offered

Please check the detailed description by 

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.