Connect to ALM using external authentication

Note: This topic is relevant for ALM Synchronizer for Agile Manager only. For details about the NextGen Synchronizer see NextGen Synchronizer, or search using the NextGen Synchronizer filter.

If you are still using ALM Synchronizer, we recommend migrating to the more robust NextGen Synchronizer embedded in Agile Manager's configuration area.

Synchronizer can connect to ALM using SiteMinder single sign-on (SSO) or smart card authorization.

Note: Entity links cannot be synchronized when using external authentication.

Linked entities will remain linked in their original endpoint, but the links will not be synchronized to the other endpoint.

To enable connections to ALM using external authentication, do the following:

On the ALM server

Modify the account settings for the user that connects to ALM from Synchronizer (such as synch_user@mycorp.com). Ensure that this user can log in to ALM using a name, and not only an email address.

For details, see the ALM Administrator Guide.

On the Synchronizer server

  1. Make sure that the Synchronizer server service is not run by the default Local System user. Instead, it must be run by the same Windows user who installed the Synchronizer server.

    You can check and edit this in the Windows Services dialog box. The service name is similar to Application Lifecycle Management Synchronizer.

    Caution: This same Windows user must also be the one to install certificates and run the Webgate Customization tool in the following steps.

  2. If you are using Smart Card authentication, install the SmartCardUser certificate on the Synchronizer server:

    1. Save the certificate to a file named server.cer, in the <Synchronizer installation>\java\bin directory.

      Tip: If the SmartCardUser certificate is a PFX file, you can import it to the Microsoft Management Console, and then export to a cer file.

    2. From the <Synchronizer installation>\java\bin directory, use the keytool command to import the server.cer file to the <Synchronizer installation>\java\lib\security\cacerts directory.

      For example:

      keytool.exe -import -v -trustcacerts -alias tomcat -file server.cer -storepass <password> -keystore <Synchronizer home>\java\lib\security\cacerts

  3. Using the Webgate Customization tool:

    On both the Web Server Settings tab and the Proxy Settings tab, configure access to ALM using external authentication from the Synchronizer server, by defining ALM server and Proxy server credentials.

    For details, see the ALM External Authentication Configuration Guide.

  4. Disable linked entity synchronization.

    Open the <Synchronizer installation directory>\dat\server.properties file for editing, and add the following line:

    disable.sync.entityLink=Y

  5. Restart the Synchronizer server.