• What is dbt_artifacts?

    dbt_artifacts is a package for modeling a dbt project and its run metadata. It includes the following models to help you understand the current state of a dbt project and its performance over time. It...

  • Data migration from the Salesforce to snowflake Data warehouse by using Matillion

    Purpose of the Article: This blog explains how to load the data from Salesforce to Snowflake Intended Audience: This article will help our Organizational level kind of developers working on data migra...

  • WiMAX-A Study of Security Analysis

    ...

  • WiMAX-A Study of Mobility

    1. Introduction The wireless market is growing rapidly; being pushed through wireless connectivity demand various wireless connectivity means are emerging (WLAN/802.11, WMAN/802.16a, WWAN/802.16d) [IE...

  • Weblogic Upgrade

    Patch Name wls1036_upgrade_generic.jar Reference https://www.youtube.com/watch?v=Be6hrYTANQE Just Click Next and Next MAKE SURE ALL OBIEE SERVICES ARE DOWN AND CLOSED IN PROCESS Open CMD prompt C:Mid...

Tags

bics installation OBIEE obiee 11g installation guide Oracle

Categories

mobile logo

OBIEE configuration with LDAP

a
22
December

OBIEE configuration with LDAP

December 22, 2016
In BI, OBIEE
By admin

1.      SET WEBLOGIC LDAP

Log on to the WebLogic Console as the weblogic adminsitrator account: http://[BI SERVER]:7001/console

  • Navigate to the following screen “Security Realms > myRealm”:

Click on the “Providers” tab and then click on the “Lock and Edit” button:

Click on the link for “DefaultAuthenticator”:

  • Set the “Control Flag” parameter to “SUFFICIENT”

  • Click the “Save” button

1.1      CREATE NEW IDENTITY PROVIDER

  • Navigate back to the “Providers” tab by clicking the link at the top of the page:

  • Click on the “New” button to create a new Identity Provider:

  • Set the following “Name” and “Type” before hitting the “OK” button: Name: ADAuthenticator

Type: ActiveDirectoryAuthenticator

 

  • You should see you new Identity Provider listed, click on the “ADAuthenticator” link to do some further configuration:

  • Set the “Control Flag” parameter to “SUFFICIENT” and then click the “Save” button

  • Once saved, go to the “Provider Specific” tab:

1.2      Set the Active Directory configuration

Host: NG Active Directory Server [AD Server Hostname or IP address]

e.g my network xx.xx.xx.xx

Port: 389

Principle [DN for OBI service account, used for connecting to AD to authenticate] e.g.  my network CN=Administrator, CN=Users, DC=corp, DC=miaz, DC=com

Credential: *************

Confirm Credential: ******

User Base DN:  [DN for the location of users within AD]

 Example my network  CN=Users, DC=corp, DC=miaz, DC=com

All Users Filter:
 (&(sAMAccountName=*)(objectclass=user))  * Leave Blank Preferable and will be added automatically.

User From Name Filter: (&(sAMAccountName=%u)(objectclass=user))  * Leave Blank Preferable

User Name Attribute: cn or sAMAccountName 

Group Base DN:  [DN for the location of groups within AD]

My Network example cn=Builtin,dc=corp,dc=miaz,dc=com

Click the “Save” button

Return back to the “Providers” tab (by clicking the link at the top) and then click the “Reorder” button:

  • Move “ADAuthenticator” to the second or First in the list
  • Click on the “OK” button
  • Now click “Activate Changes”

1.3      Restart services and then Open User and Groups and it should get populated with AD users

Groups also get populated

2.      ENABLE “VIRTUALIZATION”

NOTE: This step is required to enable the use of multiple Identity Providers and also to ensure that users will still be able to log in to OBIEE even if the WebLogic “Admin Server” went down

  • Log on to Enterprise Manager as the [BI ADMIN USER] account: http://[BI SERVER]:7001/em

  • Expand “WebLogic Domain”, right-mouse click on “bifoundation_domain” and then choose the following menu option:
  • Security > Security Provider Configuration

In the middle of the screen, click the “Configure” button:

Click the “Add” button to add the following 3 custom properties:

  • Click the “OK” button at the top-right
Observe the success message to confirm the parameters have been applied:

user.login.attr sAMAccountName

username.attr sAMAccountName

virtualize true

 

3. TUNING ACTIVE DIRECTORY FOR LARGE ORGANISATIONS

If you have a very large Active Directory tree structure, then it might cause performance issues during the login process as it takes an extended period of time for authentication and authorisation to complete.

The settings documented in this section can significantly improve performance.

In one example (where users/groups were spread over 150 sub-trees in Active Directory) these settings reduced login times from 5-6 minutes down to just a few seconds.

  • Log on to the WebLogic Console as the weblogic adminsitrator account: http://[BI SERVER]:7001/console

  • Navigate to the following screen “Security Realms > myRealm > Providers > Authentication” and click on the link for your “ADAuthentictor”:

  • Click the “Lock and Edit” button
  • Go to the “Provider Specific” tab and change the following parameters:
  • 
Use Token Groups For Group Membership Lookup: [Enable]

Cache Size: 3200

  • Click the “Save” button
  • Now go to the “Performance” tab of your authenticator and set the parameters as follows:

Max Group Hierarchies in Cache: 1000

Group Hierarchy Cache TTL: 600

Enable SID to Group Lookup Caching: [Enable]

Max SID TO Group Lookups In Cache: 5000

  • Click the “Save” Button
  • Click the “Activate Changes” button 
NOTE: You will need to restart, this will be done in the next section

4.     Open BIP or OBIEE and try one of the AD user and he/she should be able to login.

Post Tags:
Warning: Array to string conversion in /volume1/web/wordpress/wp-includes/link-template.php on line 2361 Call Stack: 0.2511 6404248 1. {main}() /volume1/web/wordpress/index.php:0 0.2511 6404560 2. require('/volume1/web/wordpress/wp-blog-header.php') /volume1/web/wordpress/index.php:17 3.6180 22961312 3. require_once('/volume1/web/wordpress/wp-includes/template-loader.php') /volume1/web/wordpress/wp-blog-header.php:19 3.6312 22971648 4. include('/volume1/web/wordpress/wp-content/themes/ayro/single.php') /volume1/web/wordpress/wp-includes/template-loader.php:106 4.1852 25079224 5. ayro_qodef_get_blog_single() /volume1/web/wordpress/wp-content/themes/ayro/single.php:9 4.1855 25079600 6. ayro_qodef_get_module_template_part($template = 'templates/single/holder', $module = 'blog', $slug = '', $params = ['sidebar' => 'default']) /volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/blog-functions.php:459 4.1855 25079728 7. ayro_qodef_get_template_part($template = 'framework/modules/blog/templates/single/holder', $slug = '', $params = ['sidebar' => 'default']) /volume1/web/wordpress/wp-content/themes/ayro/framework/lib/qode.functions.php:907 4.1857 25080632 8. include('/volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/templates/single/holder.php') /volume1/web/wordpress/wp-content/themes/ayro/framework/lib/qode.functions.php:888 4.1857 25080632 9. ayro_qodef_get_single_html() /volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/templates/single/holder.php:3 4.3193 25460776 10. ayro_qodef_get_module_template_part($template = 'templates/single/parts/single-navigation', $module = 'blog', $slug = ???, $params = ???) /volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/blog-functions.php:523 4.3193 25460920 11. ayro_qodef_get_template_part($template = 'framework/modules/blog/templates/single/parts/single-navigation', $slug = '', $params = []) /volume1/web/wordpress/wp-content/themes/ayro/framework/lib/qode.functions.php:907 4.3195 25462256 12. include('/volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/templates/single/parts/single-navigation.php') /volume1/web/wordpress/wp-content/themes/ayro/framework/lib/qode.functions.php:888 4.3352 25332832 13. previous_post_link($format = '%link', $link = [0 => 'https://miaz-tech.com/wp-content/uploads/2016/05/shop-product-image-4.jpg', 1 => 600, 2 => 651, 3 => FALSE], $in_same_term = TRUE, $excluded_terms = '', $taxonomy = 'category') /volume1/web/wordpress/wp-content/themes/ayro/framework/modules/blog/templates/single/parts/single-navigation.php:27 4.3352 25332832 14. get_previous_post_link($format = '%link', $link = [0 => 'https://miaz-tech.com/wp-content/uploads/2016/05/shop-product-image-4.jpg', 1 => 600, 2 => 651, 3 => FALSE], $in_same_term = TRUE, $excluded_terms = '', $taxonomy = 'category') /volume1/web/wordpress/wp-includes/link-template.php:2278 4.3352 25332832 15. get_adjacent_post_link($format = '%link', $link = [0 => 'https://miaz-tech.com/wp-content/uploads/2016/05/shop-product-image-4.jpg', 1 => 600, 2 => 651, 3 => FALSE], $in_same_term = TRUE, $excluded_terms = '', $previous = TRUE, $taxonomy = 'category') /volume1/web/wordpress/wp-includes/link-template.php:2259

OBIEE Cache Management

Previous post

OBIEE Vs BI Publisher

Next post

Related Posts

OBIEE Deployment Options

[embeddoc url="http://ids-sol.co.uk/wp-content/uploads/2017/07/Cloud-Computing-and-OBIEE-v3.pdf" download="all"]...

MULTIPLE FACT TABLES

My current blog  looks...

OBIEE conditional format using arrows

OBIEE conditional format using...

Hadoop Integration with OBIEE 11g

The newest release of...

No Comments
Post a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.