CA Spectrum and CA Embedded Entitlements Manager



Similar documents
CA Cloud Service Delivery Platform

CA VPN Client. User Guide for Windows

CA Cloud Service Delivery Platform

CA NetQoS Performance Center

CA Spectrum and CA Service Desk

Upgrade Guide. CA Application Delivery Analysis 10.1

CA Nimsoft Monitor. Probe Guide for Performance Collector. perfmon v1.5 series

CA Technologies SiteMinder

CA Spectrum. Microsoft MOM and SCOM Integration Guide. Release 9.4

CA Performance Center

CA Unified Infrastructure Management Server

CA Nimsoft Service Desk

CA Change Manager Enterprise Workbench r12

CA APM Cloud Monitor. Scripting Guide. Release 8.2

CA Nimsoft Monitor. Probe Guide for Cloud Monitoring Gateway. cuegtw v1.0 series

CA Nimsoft Monitor. Probe Guide for CA ServiceDesk Gateway. casdgtw v2.4 series

CA Nimsoft Monitor. Probe Guide for Active Directory Response. ad_response v1.6 series

CA Nimsoft Monitor. Probe Guide for Lotus Notes Server Monitoring. notes_server v1.5 series

How To Install Caarcserve Backup Patch Manager (Carcserver) On A Pc Or Mac Or Mac (Or Mac)

CA Nimsoft Monitor. Probe Guide for DNS Response Monitoring. dns_response v1.6 series

CA Cloud Service Delivery Platform

CA SiteMinder. Directory Configuration - OpenLDAP. r6.0 SP6

CA Clarity PPM. Connector for Microsoft SharePoint Release Notes. v2.0.00

CA Nimsoft Monitor. Probe Guide for Internet Control Message Protocol Ping. icmp v1.1 series

CA Nimsoft Monitor. Probe Guide for Microsoft Exchange Server Response Monitoring. ews_response v1.1 series

CA Spectrum and CA Performance Center

Unicenter NSM Integration for BMC Remedy. User Guide

CA Nimsoft Monitor. Probe Guide for URL Endpoint Response Monitoring. url_response v4.1 series

CA Nimsoft Monitor. Probe Guide for Java Virtual Machine Monitoring. jvm_monitor v1.4 series

Nimsoft Monitor. dns_response Guide. v1.6 series

CA ARCserve Backup for Windows

CA Clarity PPM. Connector for Microsoft SharePoint Product Guide. Service Pack

CA SiteMinder. SDK Overview. r6.0 SP6/6.x QMR 6. Second Edition

CA SMF Director. Release Notes. Release

CA Process Automation

CA Unified Infrastructure Management

CA Desktop Migration Manager

CA Clarity Project & Portfolio Manager

CA Nimsoft Monitor. Probe Guide for E2E Application Response Monitoring. e2e_appmon v2.2 series

CA Unified Infrastructure Management

CA Nimsoft Unified Management Portal

CA Nimsoft Monitor. Probe Guide for iseries System Statistics Monitoring. sysstat v1.1 series

BrightStor ARCserve Backup for Linux

Arcserve Cloud. Arcserve Cloud Getting Started Guide

Mobile Time Manager. Release 1.2.1

Chapter 1: How to Configure Certificate-Based Authentication

CA Clarity Project & Portfolio Manager

ehealth Psytechnics Integration for User Guide r6.0 SP3

Connector for CA Unicenter Asset Portfolio Management Product Guide - On Premise. Service Pack

CA Mobile Device Management 2014 Q1 Getting Started

CA SiteMinder. Web Agent Installation Guide for IIS 12.51

CA SiteMinder. Web Agent Installation Guide for IIS. r12.5

CA Mobile Device Management. How to Create Custom-Signed CA MDM Client App

BrightStor ARCserve Backup for Windows

CA Spectrum Active Directory and Exchange Server Manager

CA Identity Manager. Glossary. r12.5 SP8

CA Spectrum Active Directory and Exchange Server Manager

CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam

CA Unified Infrastructure Management

Intuit Field Service Management ES

CA Performance Center

Chapter 1: How to Register a UNIX Host in a One-Way Trust Domain Environment 3

CA Nimsoft Service Desk. Compatibility Matrix

Unicenter Service Desk

Unicenter Patch Management

CA Process Automation

Web Admin Console - Release Management. Steve Parker Richard Lechner

DevTest Solutions. Local License Server. Version 2.1.2

BrightStor ARCserve Backup for Windows

CA Workload Automation Agent for Microsoft SQL Server

CA SiteMinder. Federation Security Services Release Notes. r12.0 SP3

CA Asset Portfolio Management

CA Cloud Storage for System z

CA XOsoft Replication for Windows

CA Data Protection. Content Provider Development Guide. Release 15.0

CA Clarity PPM. Resource Management User Guide. v

CA Unified Infrastructure Management

Unicenter TCPaccess FTP Server

CA Nimsoft Monitor. Probe Guide for Apache HTTP Server Monitoring. apache v1.5 series

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

CA Workload Automation Agent for Remote Execution

CA ARCserve Backup for Windows

CA ARCserve Replication and High Availability

CA Nimsoft Monitor. Probe Guide for Sharepoint. sharepoint v1.6 series

etrust Audit Using the Recorder for Check Point FireWall-1 1.5

CA Clarity PPM. Demand Management User Guide. v

CA Nimsoft Monitor Snap

CA Clarity PPM. Financial Management User Guide. v

Single Sign-on to Salesforce.com with CA Federation Manager

BrightStor ARCserve Backup for Windows

CA SiteMinder. Agent for IIS Installation Guide. r12.0 SP3

CA Clarity PPM. Business Objects Universe Developer Guide. v

CA Nimsoft Monitor. Probe Guide for File and directory checking. dirscan v3.0 series

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

CA Workload Automation Agent for Databases

CA ARCserve Backup for Windows

CA SiteMinder. Upgrade Guide. r12.0 SP2

CA ehealth. Monitoring the Cisco BTS Softswitch User Guide. r6.1

CA ARCserve Replication and High Availability for Windows

Transcription:

CA Spectrum and CA Embedded Entitlements Manager Integration Guide CA Spectrum Release 9.4 - CA Embedded Entitlements Manager

This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA. Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION AS IS WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. The use of any software product referenced in the Documentation is governed by the applicable license agreement and such license agreement is not modified in any way by the terms of this notice. The manufacturer of this Documentation is CA. Provided with Restricted Rights. Use, duplication or disclosure by the United States Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or their successors. Copyright 2014 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

CA Technologies Product References This document references the following CA Technologies products: CA Spectrum CA Embedded Entitlements Manager (CA EEM) Contact CA Technologies Contact CA Support For your convenience, CA Technologies provides one site where you can access the information that you need for your Home Office, Small Business, and Enterprise CA Technologies products. At http://ca.com/support, you can access the following resources: Online and telephone contact information for technical assistance and customer services Information about user communities and forums Product and documentation downloads CA Support policies and guidelines Other helpful resources appropriate for your product Providing Feedback About Product Documentation If you have comments or questions about CA Technologies product documentation, you can send a message to techpubs@ca.com. To provide feedback about CA Technologies product documentation, complete our short customer survey which is available on the CA Support website at http://ca.com/docs.

Contents Chapter 1: CA Spectrum Integration with CA EEM 7 About the CA Spectrum Integration with CA Embedded Entitlements Manager... 7 Intended Audience... 7 How to Configure CA Spectrum/CA EEM Integration... 8 Register CA Spectrum Users with CA EEM... 8 Tip: Create CA Spectrum Users for Single Sign-On... 9 Configure OneClick to Connect to the CA EEM Server... 10 Support for Multiple Active Directory Domains... 11 Chapter 2: Troubleshooting CA Spectrum Integrations with CA EEM 13 Cannot Log In to CA Spectrum... 13 Configuration Test Fails... 13 Index 15 Contents 5

Chapter 1: CA Spectrum Integration with CA EEM This section contains the following topics: About the CA Spectrum Integration with CA Embedded Entitlements Manager (see page 7) Intended Audience (see page 7) How to Configure CA Spectrum/CA EEM Integration (see page 8) Support for Multiple Active Directory Domains (see page 11) About the CA Spectrum Integration with CA Embedded Entitlements Manager Single Sign-On lets CA Spectrum users integrate with LDAP (Lightweight Directory Access Protocol) and Active Directory user management systems. Single Sign-On is a separate component that uses the CA Embedded Entitlements Manager (CA EEM) solution. It is not configured as part of the CA Spectrum installation. Instead, you must activate it after you install CA Spectrum by modifying configuration settings from the Administration pages on the OneClick server. Intended Audience This guide is intended for administrators who want to set up authorization access for CA Spectrum with CA EEM. The CA Spectrum integration with CA EEM addresses the need for fine-grained access control to CA Spectrum enterprise applications and other applications integrated with CA Spectrum. Before using this guide to integrate CA Spectrum with CA EEM, you should have knowledge about CA Spectrum user management and you should be familiar with the OneClick Administration pages. No special knowledge of CA EEM is required to specify integration parameters from the CA Spectrum environment. However, some knowledge of how to configure integration parameters in the CA EEM environment is required. Chapter 1: CA Spectrum Integration with CA EEM 7

How to Configure CA Spectrum/CA EEM Integration How to Configure CA Spectrum/CA EEM Integration Follow this process to configure the integration of CA Spectrum and CA EEM: 1. Install CA EEM. Note: For more information, see the CA EEM documentation. We recommend that you install CA EEM on a separate machine. 2. Register CA Spectrum users with CA EEM (see page 8). 3. Configure the CA EEM server for single sign-on in OneClick (see page 10): a. Configure CA EEM server connection parameters. b. Test connectivity to the CA EEM server. c. Save connection parameters settings. Register CA Spectrum Users with CA EEM After installing CA EEM, register CA Spectrum users in CA EEM before you configure Single Sign-On settings for them. Follow these steps: 1. Open a browser and navigate to the CA EEM home page. 2. Log in as the CA EEM administrator. Default: EiamAdmin. 3. Click the Manage Identities tab. 4. Click the New User icon in the Users panel. 5. Add the CA Spectrum user to the CA EEM system by supplying values in the fields provided. Note: You can point CA EEM to an LDAP or Active Directory server from the Configure tab. CA EEM 12.0 and later can point to more than one LDAP or Active Directory server. For more information, see Support for Multiple Active Directory Domains (see page 11). 8 Integration Guide

How to Configure CA Spectrum/CA EEM Integration Tip: Create CA Spectrum Users for Single Sign-On Creating user accounts in CA Spectrum requires entering a password manually. This step may not be possible if CA Spectrum is integrated with CA Embedded Entitlements Manager for Single Sign-On. But if CA Spectrum is integrated with an LDAP server, you can create users with blank passwords. The LDAP server then handles user authentication. If your CA Spectrum deployment requires you to use SSO through CA EEM, and if EEM is integrated with an LDAP server, configure the LDAP server in CA Spectrum, and then configure SSO settings. Note: Configure EEM with the LDAP server first, and then configure CA Spectrum and create user accounts. Follow these steps: 1. Log in to the OneClick Web Console. 2. Configure the Web Console with your LDAP server as described in the Administrator Guide. 3. Launch the OneClick Console. 4. In the Users tab of the Navigation panel, select the top-level Users node and click Creates a New User. The Create User dialog opens. 5. Create a user account, but leave the password blank. Save the user account. 6. Repeat the previous steps to create all required CA Spectrum users. 7. Close the OneClick Console. 8. In the OneClick Web interface, click the Administration tab. 9. Click the Single Sign-On Configuration link. 10. Complete CA Spectrum configuration with EEM. 11. Restart the Tomcat server on the OneClick Web server host for the changes to take effect. Now LDAP users can log in to CA Spectrum and can be authenticated using the EEM Server. Chapter 1: CA Spectrum Integration with CA EEM 9

How to Configure CA Spectrum/CA EEM Integration Configure OneClick to Connect to the CA EEM Server Before configuring OneClick to connect to the CA EEM server, create policy configurations that let the host connect to the CA EEM Server. For more information, see the CA EEM documentation. Follow these steps: 1. Log in to the OneClick web server. 2. Click Administration in the menu bar on the OneClick home page. The system verifies your administrator credentials. 3. Click Single Sign-On Configuration in the Administration Pages panel on the left. The Single Sign-On Configuration page opens. 4. Select CA EEM in the Choose SSO Option section. The CA EEM Single Sign-On Configuration section opens. 5. Specify the following parameters for connecting with the CA EEM server in the CA EEM Server Connectivity section: CA EEM Server Hostname Specifies the host name of the CA EEM server you want to connect to. OneClick Server Domain Name Specifies the domain where the OneClick server resides (for example, ca.com). Note: If you are trying to inter-operate between ehealth and CA Spectrum using CA EEM or CA SiteMinder, a second-level domain or greater is required for the cookie domain. Cookies are restricted to a certain domain level for security reasons. According to "RFC 2901" and "RFC 2965", cookies cannot be set to a top-level domain (such as.com,.org,.gov). A minimum of second-level domain is required. For more information, consult the RFC documentation. If a domain name ends with a two letter country code, a minimum of a third-level domain is required. A cookie that is set to a second-level domain is visible at all of its third-level domains. However, a cookie that is set to a third-level domain is not visible at its parent second-level domain or at other sub domains. If no domain name is specified when a cookie is written, the cookie domain attribute defaults to the domain name where the application resides. Spectrum Application Name in CA EEM Specifies the name of the CA Spectrum application in CA EEM, enabling you to set up rules in CA EEM. Enter spectrum in this field. Proxy URL Specifies the URL to be used for proxy connectivity. 10 Integration Guide

Support for Multiple Active Directory Domains 6. Select Yes in the Authentication Logging section to enable logging to either the Tomcat log or to a specified log location for debugging connectivity issues. 7. (Optional) Perform the following steps to test the configuration: a. Complete the Test Username field and the Test Password field with appropriate credentials for testing the connection to the CA EEM server. b. Click Test. The OneClick Console notifies you when proper authentication occurs. 8. Click Save. CA Spectrum verifies whether the CA EEM single sign-on conflicts with any other SiteMinder single sign-on option. If a conflict is detected, you see an error. Otherwise, a dialog asks you to restart the web server. 9. Click OK. 10. The system saves the information to an eem-sso.conf configuration file in the Tomcat directory. You can find the file at the following location: $SPECROOT/custom/sso/eem-sso.conf 11. Restart Tomcat to let the changes take effect. OneClick is configured to connect to CA EEM server. Support for Multiple Active Directory Domains CA Spectrum leverages the multiple Active Directory domains feature of CA EEM to authorize users from multiple domains. CA EEM 12.0 and later versions support this feature. For example, User1 and User2 are two users belonging to different domains, "Domain1.com" and "Domain2.com" respectively. With this feature, user1 and user2 can connect to OneClick. When you create these users in OneClick, supply user names that are identical to the principal names of these users in CA EEM. If the principal name of "User1" of "Domain1.com" in CA EEM is "Domain1.com\User1", in CA Spectrum create this user as "Domain1.com\User1". If the principal name of "User2" of "Domain2.com" in CA EEM is "Domain2.com\User2", in CA Spectrum create this user as "Domain2.com\User2". Two users with the same user name can exist in more than one domain. Include the domain prefix for such identical users during the OneClick authentication. For example, supply "Domain1.com\User1" and "Domain2.com\User1". When a user with the same user name is not present across domains, during the OneClick authentication domain prefix before the user name is not mandatory. Note: Do not use the "User@Domain" format to configure principal name in CA EEM, CA Spectrum supports only the "Domain\User" format. Chapter 1: CA Spectrum Integration with CA EEM 11

Support for Multiple Active Directory Domains As a result, when User1 and User2 of two different domains try to access the OneClick, CA Spectrum sends an authentication request to CA EEM. When CA EEM successfully authenticates these two users by resolving its actual domain, CA Spectrum authorizes them to access the SpectroSERVER. CA EEM 12.0 supports the following two configuration types to enable the multiple Active Directory domains feature: Active Directory Domain Active Directory Forest For more information about configuring multiple domains in CA EEM, see the CA EEM 12.0 Implementation Guide. 12 Integration Guide

Chapter 2: Troubleshooting CA Spectrum Integrations with CA EEM This chapter describes how to respond to potential authentication problems with the CA Spectrum CA EEM integration. Cannot Log In to CA Spectrum Symptom: User unable to authenticate to CA Spectrum. Solution: Verify that the user name and password have been entered correctly in CA Spectrum. Configuration Test Fails Symptom: Unable to authenticate with CA EEM though the CA Spectrum configuration test. Solution: Verify that the proper user name, password, server name, and port have been entered. Chapter 2: Troubleshooting CA Spectrum Integrations with CA EEM 13

Index A Active Directory 8, 11 C CA Spectrum integration with CA EEM about 7 process of configuring 8 CA Spectrum users, register in CA EEM 8 connecting OneClick to the CA EEM server 10 contacting technical support 3 customer support, contacting 3 D domains, multiple 11 I integration issues, troubleshooting 13 intended audience 7 S support, contacting 3 T technical support, contacting 3 Index 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information