Single sign-on

Single sign-on is preconfigured in Netcool® Operations Insight® on Red Hat® OpenShift®. Federated repositories to support authentication for single sign-on are configured by default.

The following table lists the federated repositories, and list the default users and groups within these repositories. These default users are enabled by default.
Table 1. Federated repositories for single sign-on
Repository Default groups Default users Capability

InternalFileRepository

None

admin  

NetcoolObjectServer

This repository links to default Netcool/OMNIbus groups

root, ncoadmin, ncouser, nobody

Access individual Netcool Operations Insight components only

ICP_LDAP

icpadmins, icpusers

icpadmin, icpuser, impactadmin

Perform launch-in context actions across Netcool Operations Insight components. Needed to access Event Analytics functionality.

Users defined in any of these repositories can access individual Netcool Operations Insight components directly based on their role defined within the repository. For example, the ncoadmin user within the NetcoolObjectServer repository can log into WebGUI to perform tasks in the Event Viewer.

However, any user that needs to perform launch in context actions across Netcool Operations Insight components must be defined be in the ICP_LDAP repository and in either one of the groups icpadmins or icpusers.

Defining the user in the ICP_LDAP repository and in either one of the groups icpadmins or icpusers ensures that all of the relevant roles in Netcool/OMNIbus, Dashboard Application Services Hub, and Netcool/Impact are assigned to the user in order for launch in context actions to function properly.

Note: By design, users are permitted to be logged in simultaneously from different browsers and machines. This allows for a modern experience for users who use multiple devices to work.