Configuring single sign-on attributes for DASH

Configuring SSO is a prerequisite to integrating products that are deployed on multiple servers. All DASH server instances must point to the central user registry.

About this task

Use these instructions to configure single sign-on attributes for the DASH.

Procedure

  1. Launch the DASH Admin Console. For example: http://www.nm_gui_server_ip.com:16310/ibm/console.
  2. Navigate to Settings > WebSphere Administrative Console.
  3. Select Security, then click Global Security > Web and SIP Security > Single sign on (SSO).
  4. In the Authentication area, expand Web security, then click Global Security > Web and SIP Security (on the Authentication area) > Single sign on (SSO).
  5. Select the Enabled option if SSO is disabled.
  6. Deselect Requires SSL.
  7. Enter the fully-qualified domain names in the Domain name field where SSO is effective. If the domain name is not fully qualified, the DASH server does not set a domain name value for the LTPAToken cookie and SSO is valid only for the server that created the cookie. For SSO to work across Tivoli® applications, their application servers must be installed in the same domain (use the same domain name). See below for an example.
  8. Optional: Deselect the Interoperability Mode option.
  9. Optional: Deselect the Web inbound security attribute propagation option.
  10. Click OK, then save your changes.
  11. Stop and restart all the DASH server instances. Log out of the WebSphere Administrative Console.

Example

If DASH is installed on server1.ibm.com and Netcool Configuration Manager is installed on server2.ibm.com, then enter a value of .ibm.com.

What to do next

You enable SSO on Netcool Configuration Manager next.