Configuring BIApps 11.1.1.10.1 ExternalLDAP Authentication
Configuring BIApps 11.1.1.10.1 ExternalLDAP Authentication
Configuring BIApps 11.1.1.10.1 ExternalLDAP Authentication
authentication
By default, the BI system uses the Weblogic Server embedded LDAP. To
configure BI to use an external authenticator, see the Oracle Fusion
Middleware Security Guide for Oracle Business Intelligence Enterprise Edition
11g > Chapter 3 Using Alternative Authentication Providers.
2. Create the BI Applications Administrator and BIAppsSystemUser users in the
connect to the ODI Repository This user will also be created in the ODI
repository with SUPERVISOR privileges during script execution in step 4
below.
3. Update the oracle.biapps.system credential map to include the
BIAppsSystemUser user
Update the oracle.biapps.system credential map to include the
BIAppsSystemUser user as follows:
Run wlst.sh from MW_HOME/oracle_common/common/bin folder:
connect('<ADMIN_USER_NAME>', '<ADMIN_PASSWORD>', 't3://<host>:<port>')
updateCred(map='oracle.biapps.system', key='system', user='BIAppsSystemUser',
password='<Password_forBIAppsSystemUser>', desc="Credential")
./wlst.sh
<MW_HOME>/Oracle_BI1/bifoundation/install/createJPSArtifactsODI.py
external --ADMIN_USER_NAME <Administrator> --DOMAIN_HOSTNAME
<Hostname> --DOMAIN_PORT <Domain Port, e.g. 7001>
--DOMAIN_HOME_PATH <Domain Home Path, e.g. MW
Home>/user_projects/domains/bifoundation_domain> --OID_USER
cn=orcladmin --LDAP_URL <ldap://host:port> --USERBASE_PREFIX <User
base where users will be searched, e.g.,
cn=users,dc=us,dc=oracle,dc=com> --GROUPBASE_PREFIX <user group,
e.g., cn=groups,dc=us,dc=oracle,dc=com>
Where:
the external parameter is used to configure to the external LDAP system.
--ADMIN_USER_NAME : Weblogic Administrator user Name
--DOMAIN_HOSTNAME : BI Domain host name
--DOMAIN_PORT: BI Domain port
--DOMAIN_HOME_PATH : BI Domain home path
--OID_USER: OID user, e.g. cn=orcladmin
--LDAP_URL: external ldap url; format: ldap://host:port
--USERBASE_PREFIX : user base prefix; where users will be searched; e.g.
cn=users,dc=us,dc=oracle,dc=com
--GROUPBASE_PREFIX : user group prefix; e.g. cn=groups,dc=us,dc=oracle,dc=com
Example: ./wlst.sh /scratch/mw6826/Oracle_BI1/bifoundation/install/createJPSArtifactsODI.py
external --ADMIN_USER_NAME Administrator --DOMAIN_HOSTNAME slc01apw.us.oracle.com
--DOMAIN_PORT 7001 --DOMAIN_HOME_PATH
/scratch/mw6826/user_projects/domains/bifoundation_domain --OID_USER cn=orcladmin
--LDAP_URL ldap://scl14405.us.oracle.com:3060 --USERBASE_PREFIX
cn=users,dc=us,dc=oracle,dc=com --GROUPBASE_PREFIX
cn=groups,dc=us,dc=oracle,dc=com
b. Copy the jps-config-jse.xml file and cwallet.sso files from DOMAIN_HOME_PATH/odiclient-config/external to ODI_Home/oracledi/client/odi/bin on all machines where ODI
Studio clients have been installed.
c. Open the ODI_Home/oracledi/client/odi/bin/odi.conf file for editing: