Oracle® Identity Manager Connector Guide for BMC Ticket Management Release 9.0.4 Part Number E10393-01 |
|
|
View PDF |
Deploying the connector involves the following steps:
The following table lists the deployment requirements for the connector.
Item | Requirement |
---|---|
Oracle Identity Manager | Oracle Identity Manager release 8.5.3 or later |
Target systems | BMC Remedy AR System 6.0 |
External code files | The following JAR and DLL files from the BMC Remedy Admin Client installation directory:
arapi60.jar arutil60.jar arapi60.dll arjni60.dll arrpc60.dll arutl60.dll |
Target system user account | Create a user in Remedy with all the privileges assigned to the Demo user.
You provide the credentials of this user account while performing the procedure in the "Defining IT Resources" section. |
Configuring the target system involves the following steps:
Each target application has custom ticket form in Remedy.
User is required to add fields to provide information on Target Application Name, Access information for target application modules and User specific details on the HPD:HelpDesk Form.
There are two approaches, which can be used for this operation
Add the additional Fields on the HPD:HelpDesk Form.
Create a View of the HPD:HelpDesk Form and add the additional fields in view.
For more details on how to add fields on HPD:HelpDesk Form and to create a view, refer to Action request system 6.0 Developing ARSystem Application:Basic.
This section discusses the following topics related to Remedy encryption:
To enable encryption and set encryption options, you must include server encryption options in the ar.conf
file (UNIX) or the ar.cfg
file (Microsoft Windows). You can do this by using a text editor.
You can set the Encrypt-Security-Policy
encryption option. This is an integer value that indicates whether or not encryption is enabled. If this option is not in the ar.cfg
(or ar.conf
) file, then encryption is disabled by default. If encryption is enabled, then you can set encryption to any one of the following values to this option:
0: Encryption is allowed. Clients and servers with or without encryption enabled on them can connect to this AR System server.
1: Encryption is required. Only clients and servers that have encryption enabled on them can connect to this AR System server.
2: Encryption is disallowed. Regardless of whether or not encryption is enabled, clients and servers can communicate without encryption.
Sample Encryption Product Settings in the Configuration File
The following table explains sample settings for the options that you can add in the ar.conf
(or ar.cfg
) file.
Option Settings | Significance |
---|---|
Encrypt-Security-Policy: 1 | Encryption is required. |
Encrypt-Public-Key-Expire: 86400 | Public key duration is 1 day (86400 seconds). |
Encrypt-Symmetric-Data-Key-Expire: 2700 | Symmetric data encryption key duration is 45 minutes (2700 seconds). |
Encrypt-Public-Key-Algorithm: 5 | Public key encryption key strength is RSA-1024 (Performance Security). |
Encrypt-Data-Encryption-Algorithm: 2 | Symmetric data encryption key strength is RC4 128-bit (Performance Security). |
If you do not set these options, then the default values are used. Defaults for the level of encryption depend on the encryption product that you are using.
To enable Remedy encryption:
Exit or stop all AR System processes that are running.
To do this, open Control Panel, Administrator Tools, and Services. Stop each AR System process that is running.
In the ar.conf
file (for UNIX) or the ar.cfg
file (for Microsoft Windows), add the Encrypt-Security-Policy
option with a setting of 0
(encryption is allowed) or 1
(encryption is required). Add other options in the file as required.
The default UNIX directory for the ar.conf
file is ar_install_dir
/conf.
In Microsoft Windows, the ar.cfg
file is stored in the ar_install_dir
\conf
directory. Here, ar_install_dir
is the installation directory for ARSystem on the AR server.
Caution:
If you set theEncrypt-Security-Policy
option to 1
(encryption is required), then communication is not allowed for any server or client that has not been upgraded to use encryption.Restart the AR System server.
When the AR System server is started, it checks encryption licensing and encryption configuration settings, if encryption is enabled. If the appropriate Remedy Encryption product licenses are not detected or if invalid configuration settings are detected, then one or more of the following error messages are displayed.
If encryption is disabled, then encryption error checking does not occur and encryption errors are bypassed. Error messages are listed in the order in which they are detected.
The connector files to be copied and the directories to which you must copy them are given in the following table.
File in the Installation Media Directory | Destination Directory |
---|---|
lib/JavaTask/xlBMCRemedyTicket.jar |
OIM_home/xellerate/JavaTasks
|
lib/ScheduleTask/xlBMCRemedyTicketRecon.jar |
OIM_home/xellerate/ScheduleTask
|
Files in the resources directory |
OIM_home/xellerate/connectorResources
|
xml/BMCTicketConnector_DM.xml |
OIM_home/xlclient
|
After you copy the connector files:
Copy the following files from the BMC Remedy Admin Client installation directory (for example, C:/Program Files/AR System
) to the OIM_home
/xellerate/ThirdParty
directory:
arapi60.jar arutil60.jar arapi60.dll arjni60.dll arrpc60.dll arutl60.dll
Include OIM_home
/xellerate/ThirdParty
in the PATH
environment variable.
Note:
While installing Oracle Identity Manager in a clustered environment, you copy the contents of the installation directory to each node of the cluster. Similarly, you must copy theconnectorResources
directory and the JAR files to the corresponding directories on each node of the cluster.Note:
In this guide, the term Oracle Identity Manager server refers to the computer on which Oracle Identity Manager is installed.Configuring the Oracle Identity Manager server involves the following procedures:
Note:
In a clustered environment, you must perform this step on each node of the cluster.Changing to the required input locale (language and country setting) involves installing the required fonts and setting the required input locale.
You may require the assistance of the system administrator to change to the required input locale.
While performing the instructions described in the "Step 3: Copying the Connector Files and External Code Files" section, you copy files from the resources
directory on the installation media into the OIM_home
/xellerate/connectorResources
directory. Whenever you add a new resource bundle in the connectorResources
directory or make a change in an existing resource bundle, you must clear content related to connector resource bundles from the server cache.
To clear content related to connector resource bundles from the server cache:
In a command window, change to the OIM_home
/xellerate/bin
directory.
Note:
You must perform Step 1 before you perform Step 2. If you run the command described in Step 2 as follows, then an exception is thrown:OIM_home/xellerate/bin/batch_file_name
Enter one of the following commands:
On Microsoft Windows:
PurgeCache.bat ConnectorResourceBundle
On UNIX:
PurgeCache.sh ConnectorResourceBundle
Note:
You can ignore the exception that is thrown when you perform Step 2.In this command, ConnectorResourceBundle
is one of the content categories that you can remove from the server cache. Refer to the following file for information about the other content categories:
OIM_home/xellerate/config/xlConfig.xml
When you enable logging, Oracle Identity Manager automatically stores in a log file information about events that occur during the course of provisioning and reconciliation operations. To specify the type of event for which you want logging to take place, you can set the log level to one of the following:
ALL
This level enables logging for all events.
DEBUG
This level enables logging of information about fine-grained events that are useful for debugging.
INFO
This level enables logging of informational messages that highlight the progress of the application at coarse-grained level.
WARN
This level enables logging of information about potentially harmful situations.
ERROR
This level enables logging of information about error events that may still allow the application to continue running.
FATAL
This level enables logging of information about very severe error events that could cause the application to stop functioning.
OFF
This level disables logging for all events.
The file in which you set the log level and the log file path depend on the application server that you use:
BEA WebLogic
To enable logging:
Add the following line in the OIM_home
/xellerate/config/log.properties
file:
log4j.logger.Adapter.BMCTicket=log_level
In this line, replace log_level
with the log level that you want to set.
For example:
log4j.logger.Adapter.BMCTicket=INFO
After you enable logging, log information is written to the following file:
WebLogic_home/user_projects/domains/domain_name/server_name/server_name.log
IBM WebSphere
To enable logging:
Add the following line in the OIM_home
/xellerate/config/log.properties
file:
log4j.logger.Adapter.BMCTicket=log_level
In this line, replace log_level
with the log level that you want to set.
For example:
log4j.logger.Adapter.BMCTicket=INFO
After you enable logging, log information is written to the following file:
WebSphere_home/AppServer/logs/server_name/startServer.log
JBoss Application Server
To enable logging:
In the JBoss_home
/server/default/conf/log4j.xml
file, locate the following lines:
<category name="Adapter.BMCTicket">
<priority value="log_level"/>
</category>
In the second XML code line, replace log_level
with the log level that you want to set. For example:
<category name="Adapter.BMCTicket"> <priority value="INFO"/> </category>
After you enable logging, the log information is written to the following file:
JBoss_home/server/default/log/server.log
OC4J
To enable logging:
Add the following line in the OIM_home
/xellerate/config/log.properties
file:
log4j.logger.Adapter.BMCTicket=log_level
In this line, replace log_level
with the log level that you want to set.
For example:
log4j.logger.Adapter.BMCTicket=INFO
After you enable logging, log information is written to the following file:
OC4J_home/opmn/logs/default_group~home~default_group~1.log
As mentioned in the "Files and Directories That Comprise the Connector" section, the connector XML file contains definitions of the components of the connector. By importing the connector XML file, you create these components in Oracle Identity Manager.
To import the connector XML file into Oracle Identity Manager:
Open the Oracle Identity Manager Administrative and User Console.
Click the Deployment Management link on the left navigation bar.
Click the Import link under Deployment Management. A dialog box for locating files is displayed.
Locate and open the BMCTicketConnector_DM.xml
file, which is in the OIM_home
/xlclient
directory. Details of this XML file are shown on the File Preview page.
Click Add File. The Substitutions page is displayed.
Click Next. The Confirmation page is displayed.
Click Next. The Provide IT Resource Instance Data page for the BMC
IT resource is displayed.
Specify values for the parameters of the BMC
IT resource. Refer to the table in the "Defining IT Resources" section for information about the values to be specified.
Click Next. The Provide IT Resource Instance Data page for a new instance of the BMCRemedy
IT resource type is displayed.
Click Skip to specify that you do not want to define another IT resource. The Confirmation page is displayed.
See Also:
If you want to define another IT resource, then refer to Oracle Identity Manager Tools Reference Guide for instructions.Click View Selections.
The contents of the XML file are displayed on the Import page. You may see a cross-shaped icon along with some nodes. These nodes represent Oracle Identity Manager entities that are redundant. Before you import the connector XML file, you must remove these entities by right-clicking each node and then selecting Remove.
Click Import. The connector XML file is imported into Oracle Identity Manager.
After you import the connector XML file, proceed to the next chapter.
You must specify values for the BMC
IT resource parameters listed in the following table.
Parameter | Description |
---|---|
UserName |
User ID that is used to connect to the target system
The default value is |
Password |
Password for the user ID that is used to connect to the target system
Default value is blank. |
Host |
IP address or computer name of the BMC Ticket Management server |
Port |
TCP/IP port at which the BMC Ticket Management server is listening
The default value is |
TimeStamp |
Starting with the first reconciliation run, this parameter stores the time-stamp value at which the reconciliation run ends.
The default value is |
IsSecure |
Specifies whether or not the encryption feature is enabled
The value can be |
FormName |
Name of the form/view in the target system from which details of newly created and updated Ticket can be obtained |
Max_Retry |
The Maximum no of times the connector tries to connect target system. |
Delay |
The time gap to connect to Target system when Timeout occurs. |
After you specify values for these IT resource parameters, proceed to Step 9 of the procedure to import connector XML files.