This article show how to configure an Oracle BI Server to authenticate against Active Directory.
In the Oracle BI Administration Tool, the CN user used for the BIND DN in the LDAP Server section must have both ldap_bind and ldap_search authority.
Restriction on ADSI Servers
Importing of user information into the repository is supported on regular LDAP servers, but not supported on ADSI servers.
OBI EE can connect to an LDAP server and authenticate a user with user and password credentials, but it is limited in its ability to extract the groups defined within the LDAP server and to leverage these groups in the repository. The work around would allow the admin to reuse the groups in the LDAP server using the DBMS_LDAP package available within the Oracle Database. More … Accessing Groups in LDAP for use in Oracle Business Intelligence
Create a new Ldap server
Open Admintool > Menu > Security Manager
By checking the ADSI check-box, the attribute name change.
More about the parameters (Base DN, Bind DN, …) : see this article : Ldap - Configuration Parameters
The creation of the user and group
OBIEE is still unable when using ADSI as ldap to import the user and group. If you try, you will have this message :
You must create them manually in the repository.
With the authentication method, we get the user id and the password. To complete the security process, you have to set the GROUP system session variable with the help of a initialization block in the variable manager.