I recently created some BPM scripts for the BMC Remedy Action Request System 7.1 web client. This Tech Tip contains some of the things that I learnt.

My favourite part of this exercise was proving that the person from BMC who said "we have already tried, and found that it is impossible to script ARS with VuGen" was totally wrong.

Note that the information should be equally relevant whether you are creating VuGen scripts for LoadRunner, or for use as BPMs for BAC.

BMC Remedy Mid-Tier 7.1 login page

Recording and Script Generation

Remedy ARS has both a Win32 client and a web-based client. The Win32 client communicates with the server using a proprietary protocol that is not supported by VuGen. Traffic can be recorded using the Windows Sockets vuser type, but the data is in an unintelligible binary format (just because you can record an application with Winsock doesn't mean you should try to create a script using it).

Note that it might be possible to configure VuGen to record ARS by using the VuGen protocol development kit, and referring to the ARS API documentation, but time limitations prevented me from experimenting with this.

The Web (Click and Script) vuser type does not successfully record ARS, but it is possible to create a working script using the Web (HTTP/HTML) vuser type.

When recording, you must either use URL mode (so that each HTTP request is a separate function call), or change your recording settings to treat the MIME type "text/plain" as a non-resource (Recording Options > HTTP Properties > Advanced > Non-Resources). This will ensure that the calls to BackChannel are not recorded as EXTRARES.

VuGen 9.5 has an odd behaviour when generating code for the BackChannel requests. These appear as a web_custom_request with "Method=GET", but still have a Body parameter with the same value as the arguments passed in the URL (obviously GET requests should not have a body). As long as the HTTP method is GET, then this body may be safely removed.

Backchannel Requests

You may have already guessed that BackChannel requests are kind of important for ARS. These requests are sent behind the scenes to fetch data to display in the GUI and to update data on the server. This means that you will be scripting "blind" as VuGen will not show you what any pages look like in either the Tree View or the Test Results window.

Here is an example of a BackChannel request:

// Lookup of Incident # INC00000126798
    "EncType=text/plain; charset=UTF-8", 
URL decoded request:
https://remedy-ars.example.com/arsys/BackChannel/?param=416/GetEntryList/22/remedy-ars.example.com31/HPD:Incident Management Console22/remedy-ars.example.com13/HPD:Help Desk0/30/4\1\1\1000000161\99\302085700\13/1/9/30208570020/1/15/INC0000012679875/1/1/41/21/3212/17/9/24000100510/100000000110/10000057919/20000000510/100000000010/100000005610/100000016410/100000015110/100000008010/10000002179/20000000310/100000056010/10000057859/2000000049/24000100310/10000000999/240001002

JSON response:
this.result={n:1,f:[{t:0},{t:4,v:"JDS"},{t:4,v:"PPL000000132801"},{t:4,v:"Network Management Systems"},{t:4,v:"Test Environment: Please free swap space on following Production servers\r\n"},{t:4,v:"(03) 9663 4573"},{t:6,v:"2 Medium"},{t:4,v:"Test Environment: Please free swap space on following Production servers\r\n\r\jdsweb01.jds.net.au                             \r\jdsweb02.jds.net.au  \r\jdsapp01.jds.net.au                             \r\jdsapp02.jds.net.au                            "},{t:4,v:"PPL000000132801"},{t:4,v:"JDS Remedy Test Support"},{t:4,v:"Services"},{t:7,v:"1248074292"},{t:4,v:"(03) 9663 4573"},{t:4,v:"Systems"},{t:4,v:"JDS"},{t:6,v:"1 User Service Request"},{t:4,v:"ARS"},{ts:1249950456}]};

The data in the URL "param=" argument becomes a little clearer once you URL decode it.

  • The first part of the string (416/) is the length of the string, not including this first length parameter and the delimiter.
  • The second part of the string (GetEntryList) is the action that is being called on the server. Other possible values include:
    • GetURLForForm
    • GetEntry
    • GetEntryList
    • GetTableEntryList
    • GetCurrencyExchangeRates
    • SetEntry
    • SetEntryList
    • SetOverride
    • SaveSearch
    • ExpandMenu (used to populate a drop-down list)
    • CompileExternalQualification
    • ServerRunProcess
  • Each value after the action has a field length argument immediately before it e.g. "22/remedy-ars.example.com31/HPD:Incident Management Console". Note that 0 is a valid length, and a length value may be specified that includes muliple "/" characters (like the "212/" value in the request above).
  • Creating a BackChannel request that does not conform to this format may result in a "Network protocol/data error" response but, then again, it may not - the BackChannel requests don't always seem to be validated on the server.

Error Messages and Verification

A successful BackChannel request will always return "this.result=", so it is a good first step to put a basic web_reg_find function before each BackChannel request to verify that this string appears in the HTTP response.

web_reg_find("Text=this.result", LAST);

Other possible responses start with "CurWFC.status" or "retry=this.Override". Some examples are:

  • CurWFC.status([{cId:1,t:2,m:"Network protocol/data error when performing data operation. Please contact administrator.",n:9350,a:""}]);
  • CurWFC.status([{t:2,m:"",n:1291039,a:"The incident location information is invalid. Use the menus on the Region, Site Group, and Site fields or the type ahead return function on the Site field to select this information."}]);
  • CurWFC.status([{cId:1,t:2,m:"Session is invalid or has timed out. Please reload page to log in again.",n:9201,a:""}]);
  • CurWFC.status([{cId:1,t:2,m:"Message not found",n:-1,a:""}]);
  • CurWFC.status([{cId:1,t:2,m:"User is currently connected from another machine",n:9084,a:""}]);
  • retry=this.Override([{cId:1,t:2,m:"User is currently connected from another machine",n:9093,a:""}]);

The difference between the last two messages is that the last message can be bypassed by acknowledging the message and continuing, while the second-last message cannot be bypassed and will prevent a user from opening the requested screen/module inside ARS.

When BackChannel returns an empty recordset (like from GetEntryList), it will look like "this.result={n:0};"

Save and Set functions may indicate success by returning "this.result=1" or "this.result=true".

But most of the time BackChannel will return data in a format with 1 elements (n=1), with the element being an array of values (f:[{t:0},{t:4,v:"JDS"},{t:4,v:"PPL000000132801"}]).

Here are some for known error messages:

// Known error messages
web_global_verification("Text=Authentication failed", "ID=AuthenticationFailed", LAST);
web_global_verification("Text=The incident location information is invalid", "ID=IncidentLocationInformationIsInvalid", LAST);
web_global_verification("Text=Network protocol/data error when performing data operation", "ID=NetworkProtocolDataError", LAST);
web_global_verification("Text=Please contact administrator", "ID=PleaseContactAdministrator", LAST);
web_global_verification("Text=Session is invalid", "ID=SessionIsInvalidOrHasTimedOut", LAST);
web_global_verification("Text=Message not found", "ID=MessageNotFound", LAST);
web_global_verification("Text=User is currently connected from another machine", "ID=UserIsCurrentlyConnectedFromAnotherMachine", LAST);	    

Code Snippets

For some reason ARS will create a hash of the password before sending it to the server. While it is possible to reinvent their hashing function, there is no point. When you parameterise the password, just put the hashed value in your parameter file, and ensure that all accounts have the same password.

	"Name=username", "Value=bpm01", ENDITEM, 
	"Name=pwd", "Value=pthkhphshjhkhk", ENDITEM, // welcome4
	"Name=auth", "Value=", ENDITEM, 
	"Name=timezone", "Value=AET", ENDITEM, 
	"Name=encpwd", "Value=1", ENDITEM, 
	"Name=goto", "Value=", ENDITEM, 
	"Name=server", "Value=", ENDITEM, 
	"Name=ipoverride", "Value=0", ENDITEM, 
	"Name=initialState", "Value=0", ENDITEM, 
	"Name=returnBack", "Value=null", ENDITEM, 

Timestamps are used in many requests. These are either in seconds or milliseconds since 1/Jan/1970. Be careful not to confuse a timestamp in seconds with a length argument after it for a timestamp in milliseconds. This will cause a "Network protocol/data error when performing data operation" error.

// Example in C
// Timestamp in seconds
lr_save_int(time(NULL), "pTimestamp_1"); // 1249950809
// Timestamp in milliseconds
web_save_timestamp_param("pTimestamp_2"); // 1249950434718
// Example in Java
// Timestamp in seconds
lr.save_int((int) (System.currentTimeMillis()/1000), "pTimestamp_1"); // 1249950809
// Timestamp in milliseconds
lr.save_string(System.currentTimeMillis() + "", "pTimestamp_2"); // 1249950434718

The following code example deals with the situation where the account is already logged onto the system. It will confirm the dialog window (SetOverride) and retry the request.

// Handle case where dialog window pops up saying "User is currently connected from another machine".
web_reg_find("Text=this.result", "SaveCount=TextCheckCount", LAST); // This happens normally.
web_reg_find("Text=User is currently connected from another machine", "SaveCount=LoggedInCount", LAST); // This happens when the account is already logged on.
	// https://{ServerName}/arsys/BackChannel/?param=170/GetEntryList/22/{ServerName}31/HPD:Incident Management Console22/{ServerName}15/AST:AppSettings0/16/4\1\2\2\1\2\2\1\2/0/2/0/2/0/1/21/313/1/9/400127400"
	"EncType=text/plain; charset=UTF-8", 
// RETURNS: retry=this.Override([{cId:1,t:2,m:"User is currently connected from another machine",n:9093,a:""}]);
// RETURNS: CurWFC.status([{cId:1,t:2,m:"User is currently connected from another machine",n:9084,a:""}]); // if this response is received, there does not seem to be a way to bypass it.
// RETURNS: this.result={n:1,f:[{t:4,v:"BMC.ASSET"},{ts:1249950451}]};

if (strcmp(lr_eval_string("{LoggedInCount}"), "1") == 0) {
	// User is already logged in.
	// Confirm dialog window and continue.
	lr_output_message("Account is in use by another session. Script will confirm dialog and continue. LoggedInCount: %s, TextCheckCount: %s", lr_eval_string("{LoggedInCount}"), lr_eval_string("{TextCheckCount}"));

	web_reg_find("Text=this.result=true", LAST);  
		// https://{ServerName}/arsys/BackChannel/?param=15/SetOverride/1/1"
		"EncType=text/plain; charset=UTF-8", 
	// RETURNS: this.result=true;

	web_reg_find("Text=this.result", LAST);
	web_reg_find("Text=User is currently connected from another machine", "Fail=Found", LAST);
	// https://{ServerName}/arsys/BackChannel/?param=170/GetEntryList/22/{ServerName}31/HPD:Incident Management Console22/{ServerName}15/AST:AppSettings0/16/4\1\2\2\1\2\2\1\2/0/2/0/2/0/1/21/313/1/9/400127400"
		"EncType=text/plain; charset=UTF-8", 
	// RETURNS: this.result={n:1,f:[{t:4,v:"BMC.ASSET"},{ts:1249950451}]};
	// RETURNS: CurWFC.status([{cId:1,t:2,m:"User is currently connected from another machine",n:9084,a:""}]); <-- this is returned if the dialog confirm did not work.

} else if (strcmp(lr_eval_string("{TextCheckCount}"), "1") == 0) {
	// Everything is working as expected. Continue script execution.
	lr_output_message("Account is not in use by another session, and everything is working as expected. LoggedInCount: %s, TextCheckCount: %s", lr_eval_string("{LoggedInCount}"), lr_eval_string("{TextCheckCount}"));
} else {
	// Did not find expected text
	lr_error_message("Error. Did not get \"user is currently connected\", but also did not get expected text. Something is wrong with Remedy ARS.");


Correlation is quite difficult for Remedy ARS. My approach was very manual:

  • Record the business process twice with the same input data, then WDiff to find request values that change between iterations.
  • Record the business process twice with different input data (different username, different "incident" data etc), then WDiff to find other request values that change.
  • VuGen will break long strings (like the BackChannel URL) into multiple lines. This will be a problem for you if you are trying to do a search and replace for values you are correlating/parameterising. I put all long strings onto a single line.
  • The BackChannel URLs are hard to read in their URL encoded form. I put the URL decoded value above in a comment above the URL.
  • I found that I had a clearer idea of what the application was doing during the business process when I cut and pasted the JSON response below each BackChannel request.
  • If you find that you have to do difficult string processing or use someone else's JSON library, you may find it easier to convert your C-based script into a Java-based script. Note that there are some bugs with HP's sed script that does the conversion. It does not add "new String[]{" to the end of the web_custom_request "URL" argument, when the URL agument spans multiple lines. It will also change any occurances of LASTID into LAST}}ID and LASTCOUNT into LAST}}COUNT.

Finally, you will be amazed at the values that look like they should be correlated that actually never change. Remember that the only way to be sure is to use WDiff (Tools > Compare with Script). Just don't expect these values to stay the same if the version of Remedy ARS changes, or you user profiles change.

Tech tips from JDS


I have worked on BMC Remedy ARS 7.5 and the above methods work perfectly for scripting via HP Loadrunner v12.53 with Web (HTTP/HTML) protocol

“Name=__RequestVerificationToken”, “Value=UIj/363uEPWAll/79gP7qlrdVxWj+9/rPqB9N3oGbnFjaRbH2riKT2XXDEmP6ev2XZ+XaUVBt1IDENJ4y3/WwyOVx2SuDfhndlIs1l0mn7OmeN6NgVdHij56qwEC4ulUfaNao8yi2at61vjoRwbK0ntSv2E=”, ENDITEM,
“Name=sso.Email”, “Value=sfaodev3@gmail.com”, ENDITEM,
“Name=sso.ValidationId”, “Value=5fe22d0f-dda4-4253-9ffd-0291b73c0a17”, ENDITEM,
“Name=sso.Password”, “Value=Passw@rd1”, ENDITEM,
“Name=sso.RememberMe”, “Value=false”, ENDITEM,
“Name=”, “Value=Sign In”, ENDITEM,
“Url=https://sfao.sagenephos.com/Content/Images/background.png”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Content/Images/accordian_buttons.png”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Content/Images/sprite.png”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Scripts/jquery/jquery.validate.unobtrusive.js?_=1398091223830”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Scripts/Controllers/Root/Company/CompanyDetails.js?_=1398091224241”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Company/GetStates”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://www.google-analytics.com/analytics.js”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Content/Images/dropDownArrow.png”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,
“Url=https://sfao.sagenephos.com/Content/Images/QuestionIcon_Default_Dark.png”, “Referer=https://sfao.sagenephos.com/”, ENDITEM,

I tried correlation as shown below:


This doesn’t work, can some one help me to proceed.

Cool, thanks. Really helped us out here with our LoadRunner programming :-)

Stephan Wiesner


I am working on this application,
I done with the scripting,did the correlation part.
when I run it ..In the run-time viewer I am facing “The XML page Cannot be displayed error”.
Remaining pages are working fine.
how to resolve that.


“Name=encpwd”, “Value=0”, ENDITEM, in the LoginServlet will enable you to write the password in clear text. Then you won’t need your test users to have the same password

can you please place some sample script and default correlations in BMC application

Hi All,

I’m having many troubles in record a script for Remedy 8.1 with LR 11. There is a token that doesn’t come with the server response then I’m not to correlate this and as a consequence the script fails. I’ve spent many time looking for a solution but so far no sucess.

Does anyone have been through this? I will appreciate any help!

I am able to run my script and it shows Passed transaction, but the connected users are not showing up in Remedy Administrator console? Please guide me.

We were trying to do performance test for AR system thin.There were lot of Back channel request.
Can some body suggest me what needs to be correlated in the back channel request.

Hi ,
Here we can parametrise the password by replacing the encpwd to 0
“Name=username”, “Value=bpm01”, ENDITEM,
“Name=pwd”, “Value=pthkhphshjhkhk”, ENDITEM, // welcome4
“Name=auth”, “Value=”, ENDITEM,
“Name=timezone”, “Value=AET”, ENDITEM,
“Name=encpwd”, “Value=1”, ENDITEM,
“Name=goto”, “Value=”, ENDITEM,
“Name=server”, “Value=”, ENDITEM,
“Name=ipoverride”, “Value=0”, ENDITEM,
“Name=initialState”, “Value=0”, ENDITEM,
“Name=returnBack”, “Value=null”, ENDITEM,

see the difference

“Name=username”, “Value=bpm01”, ENDITEM,
“Name=pwd”, “Value=welcome4”, ENDITEM, //pthkhphshjhkhk
“Name=auth”, “Value=”, ENDITEM,
“Name=timezone”, “Value=AET”, ENDITEM,
“Name=encpwd”, “Value=0”, ENDITEM, //1
“Name=goto”, “Value=”, ENDITEM,
“Name=server”, “Value=”, ENDITEM,
“Name=ipoverride”, “Value=0”, ENDITEM,
“Name=initialState”, “Value=0”, ENDITEM,
“Name=returnBack”, “Value=null”, ENDITEM,
Now you can use the original password and you can parameterize it


I am having same kind of issue as yours but if i run the script using the user id which one i had used to record the script it works fine but when i use differnt user id it gives me “=Network protocol/data error when performing data operation” contact administrator.

Please advise.


Ravindra Reddy

Hi Visha,

I am even facing the Same Issue as yours,

Script is working fine with One user Id which was used during recording for multiple iterations as I m able to create the Incident Id thru script and can be retrieved those Id in application too.

But its throwing an same error for me like below when running with different userId which was not used during recording.

“if(getCurWFC_NS(this.windowID)!=null) getCurWFC_NS(this.windowID).status([{cId:1,t:2,m:”Network protocol/data error when performing data operation. Please contact administrator.”,n:9350,a:””}]);”

I am struggling with this issue and please help me to get out this issue if you have solution and you got it fixed when got the same issue.

You can directly reach me on #9980589208

Hi ravindra i’m trying to reach your mobile number its switched off from long time. could you please update your number. i have few doubts to get clarify from you.
Thanks In Advance!!

Ravindra Reddy


Here is my num, you can reach me out on #+91-9986946752.

Hi Stuart,
Thanks a lot for the post. Really handy!!
Howevwer, I am having some troubles to maintain scripts that were working before for Remedy 7.1 but now they don’t work. I will try to explain the problem.
I developed some scripts some time ago, and after the ARS server was restated (for manteinance purposes) they started failing.
I recorded the same business process again and realized that the BackChannel requests were made in a different way now. The same request that contained before the restart:


now contains:

645/GetEntryList/8/vxtbmc4119/SHR:OverviewConsole17/Default User View8/vxtbmc4130/CTM:CFG-ApplicationPreferences…

It looks like “17/Default User View” was added.
Also 5/1/1/01/0 was added to the request at some point.

The weird thing is that configuration of ARS and users was not modified, so I wonder why all the BackChannel requests have been modified, only because of a server restart.

Do you have any idea about what might be happening?


Scott Stevens

Its probably to late now, but so far my experience of the:

[{cId:1,t:2,m:”Message not found”,n:-1,a:””}]

Error is that somewhere one of your ‘fixed’ length strings has changed and is now a different length. I.e :

11/New Zealand

is now

11/New ZealandZ

Did anybody try to use Ajax TruClient protocol for RAS?
The problem I exeprienced was with VuGen failing to correctly replay switching of focus between tabs and windows and alway stack somewhere in the middle.

Yes, successfully created TruClient scripts for testing Remedy ARS. Tip: use custom XPath for object identification. Typical example from my script is: //div[@ardbn=”WorkType”]/a


This information has been so useful in working for BMC scripting with LoadRunner. I have done all enhancements but still getting an error for Incident Management scenario. I am getting the below error,
Message not found
As you mentioned it as a know error can’t we fix it. What is the next action to be taken to fix this.

Once again thanks for posting such useful information.

venkatram chada

I have tried with load runner and it has an inefficiency in recording the back channel data for remedy application even though it is a web based application.
your script will not work properly.

winsocks is not even an option for recording this application as it has all binary and hexadecimal code which is hard to read and corelate.
The other option is web click and script if you are lucky enough to record the script and play back , however u need a hell a lot of load generators to run the script.

with all these issue i faced, i opted to use silk performer.


I checked below URL
I am using VuGen 9.1 and BMC Remedy Action Request System 5.1. This Remedy is not accessible via Web.

How can i script the BMC Remedy Action Request System 5.1 by VuGen?

Can you pleae provide me any kind of input?



GREAT info, thanks!!!

David Cashion

Wow, I’ll agree…scripting Remedy isn’t easy, but it can be done. Great article!!!

Kaushal Dalvi

Would it be possible to directly send whatever all the necessary information required to, lets say, create a ticket, to the AR System server by socket programming?
Or maybe make a C Vuser script and use the AR API?
Excellent tech tip btw :)