Home
Administrator Guide
This guide describes how to install the HCL OneTest™ Server software.
Configuration of the server software
You can find information about the tasks that you must perform after you installed the server software to configure HCL OneTest™ Server.
User administration
After you install HCL OneTest™ Server, you must consider how the software manages users and authentication.
Configuration of multi-factor authentication in Keycloak
As a Server Administrator, you can configure multi-factor authentication that is provided by Keycloak so that the authenticity of the users is validated when they sign in or log into HCL OneTest™ Server.
Setting up a one-time password policy as MFA in Keycloak
As a Server Administrator, you can set up a one-time password (OTP) authentication policy in Keycloak as part of the multi-factor authentication (MFA) to validate the authenticity of the users when they sign in or log into HCL OneTest™ Server.

Administrator Guide
This guide describes how to install the HCL OneTest™ Server software.
- Installation of the server software
  To get started working with HCL OneTest™ Server, you must first install the server software.
- Server software upgrade methods
  When you want to use the enhanced functionalities of HCL OneTest™ Server, you must upgrade HCL OneTest Server to the latest version.
- Migration of user data
  You can find information about the migration limitations and methods when you want to migrate data such as projects, test resources, configuration details of integrated applications, and so on. You can migrate data that is generated in an earlier version of HCL OneTest™ Server after you upgrade to or install the latest version, and then use that data in the latest version.
- Backup and restoration of the server data
  You must back up all your server data before you uninstall the current version of the server software or upgrade to the latest version of the server software. You must back up the server data to avoid data loss or inaccessibility of data.
- Uninstallation of the server software
  When you no longer require HCL OneTest™ Server, you can uninstall the server software. You can uninstall the server software depending on the platform on which you installed the server software.
- Configuration of the server software
  You can find information about the tasks that you must perform after you installed the server software to configure HCL OneTest™ Server.
  - User administration
    After you install HCL OneTest™ Server, you must consider how the software manages users and authentication.
    - Enabling the Sign up link on the Login page of server
      You can enable the Sign up link when it is not visible on the Login page of HCL OneTest™ Server by using the Keycloak UI.
    - Default user administration
      You installed HCL OneTest™ Server and you want to know about how the software manages user access.
    - LDAP user administration
      After you installed HCL OneTest™ Server, you can use a Lightweight Directory Access Protocol and Active Directory HTTP server to manage users and authentication. Some of the following best practices, can help you to use an LDAP/AD server to manage user access to HCL OneTest Server.
    - Managing account settings
      You might want to change your password or other settings for your account.
    - Configuration of multi-factor authentication in Keycloak
      As a Server Administrator, you can configure multi-factor authentication that is provided by Keycloak so that the authenticity of the users is validated when they sign in or log into HCL OneTest™ Server.
      - Setting up a one-time password policy as MFA in Keycloak
        As a Server Administrator, you can set up a one-time password (OTP) authentication policy in Keycloak as part of the multi-factor authentication (MFA) to validate the authenticity of the users when they sign in or log into HCL OneTest™ Server.
      - Enabling the one-time password policy as the default MFA action in Keycloak
        After a Server Administrator sets up a one-time password (OTP) authentication policy in Keycloak, the Server Administrator must enable the policy so that Keycloak can deploy the OTP policy as the default multi-factor authentication (MFA) action.
      - Resetting the one-time password policy for a user in Keycloak
        If multi-factor authentication is enabled for HCL OneTest™ Server, and a user is not able to log in because the mobile device that generates an OTP is lost, the user must request the Server Administrator to reset their credentials. The Server Administrator must reset the credentials of the user so that the user can register the mobile device again.
  - Managing third-party licenses
    When you want to manage your acceptance of any third-party license agreements, you can change them from your Account Settings page on HCL OneTest™ Server.
  - Certificate authority: Importing and extending lists
    When you want browsers and other applications to access HCL OneTest™ Server, you must enable browsers to trust the certificate authority (CA) of HCL OneTest Server. For some applications that integrate with HCL OneTest Server, you must also extend the CA lists that are trusted by the applications.
  - Copying third-party application Jars to Kubernetes
    You can run API Suites in a project on HCL OneTest™ Server. If the API Suite uses a transport and the transport requires third-party application Jar files for a successful run, you must ensure that the third-party application Jar files are available at the test run time. To achieve this, you must copy the third-party application Jar files to the computer where HCL OneTest Server is installed on Kubernetes.
  - Changing the password seed
    As an administrator, you can change the password seed that is used when you install the server software to provide enhanced security to HCL OneTest™ Server.
  - Server extensions
    You can run specific tests in HCL OneTest™ Server by enabling the server extensions.
- Team space administration
  You can find information about team spaces including the initial team space on HCL OneTest™ Server along with the tasks that you can perform to administer a team space.

Setting up a one-time password policy as MFA in Keycloak

As a Server Administrator, you can set up a one-time password (OTP) authentication policy in Keycloak as part of the multi-factor authentication (MFA) to validate the authenticity of the users when they sign in or log into HCL OneTest™ Server.

Before you begin

You must have completed the following tasks:

Ensured that you are assigned a role as a Server Administrator of HCL OneTest™ Server. See Default user administration.
Installed HCL OneTest™ Server. See Installation of the server software.
Configured the licenses for HCL OneTest™ Server. See HCL license portal.

About this task

Keycloak provides an OTP policy that can be enabled and configured in Keycloak for the installed instance of HCL OneTest™ Server. You can refer to the Keycloak documentation about the OTP policies.

Procedure

Log in to HCL OneTest™ Server, if you are not already logged in.
Open Keycloak by entering /auth in the Address bar after the URL of your server instance, and then press the Enter key.

For example, if the URL of the server instance is https://<myserver.mycompany.com>, add /auth after the URL as in https://<myserver.mycompany.com>/auth

The Keycloak dashboard is displayed.
Click Administration Console.
Log into the Keycloak administration console by using the default username as keycloak and the password generated for you by Keycloak, if prompted.

The Keycloak console is displayed.
Change the realm to testserver, if it is not already in this realm.

The testserver realm dashboard is displayed.
Click Authentication in the navigation pane.

The Authentication page is displayed.
Click the Policies tab, and then click the OTP Policy tab.

The OTP Policy configuration settings are displayed.
Read the description provided for each of the fields by clicking and decide the values that you want to set for each of the fields, which are different from the default values listed.

You can save the changed configuration or use the default configuration without making any changes.

Results

You configured the settings or retained the default settings for an OTP policy in Keycloak.

What to do next

You must enable the OTP policy in Keycloak as the default option for authentication. See Enabling the one-time password policy as the default MFA action in Keycloak.