OBIEE 10G - How to configure BI Server against the LDAP of ADSI ?

About

This article show how to configure an Oracle BI Server to authenticate against Active Directory.

Prerequisites

In the Oracle BI Administration Tool, the CN user used for the BIND DN in the LDAP Server section must have both ldap_bind and ldap_search authority.

Restriction on ADSI Servers

Importing of user information into the repository is supported on regular LDAP servers, but not supported on ADSI servers.

OBI EE can connect to an LDAP server and authenticate a user with user and password credentials, but it is limited in its ability to extract the groups defined within the LDAP server and to leverage these groups in the repository. The work around would allow the admin to reuse the groups in the LDAP server using the DBMS_LDAP package available within the Oracle Database. More … Accessing Groups in LDAP for use in Oracle Business Intelligence

Steps

Create a new Ldap server

ADSI Check

_

By checking the ADSI check-box, the attribute name change.

The configuration

More about the parameters (Base DN, Bind DN, …) : see this article : Ldap - Configuration Parameters

_

The creation of the user and group

OBIEE is still unable when using ADSI as ldap to import the user and group. If you try, you will have this message :

_

Group

You must create them manually in the repository.

Users

With the authentication method, we get the user id and the password. To complete the security process, you have to set the GROUP system session variable with the help of a initialization block in the variable manager.

Documentation / Reference


Powered by ComboStrap