OBIEE Quick LDAP Configuration

http://ecapitaladvisors.com/blog/obiee-quick-ldap-configuration/

A common part of an OBIEE installation is configuring a client’s current LDAP server to pass users and groups into OBIEE. Here are the quick steps to configure a foreign LDAP in OBIEE:

• Login to weblogic console
• Click on Security Realms

• Click new to create the new LDAP entry.

• Type MSAD into the name field.
• For this scenario, Active Directory is selected as the type
• click ok.

• The new MSAD entry is now located at the bottom of the table.
• Click on the Default Authenticator link.

• Confirm that the control flag for the Default Authenticator is set to sufficient and return to the providers screen.

• Reorder the provider screen to look like below, MSAD being at the top of the table.
• After reordering, click on the MSAD link to view its settings.

• Confirm that the control flag for MSAD is set to sufficent
• Click the provider specific tab

• Enter the following details into the MSAD provider specific screen, adjusting to suit your specific environment:

Host: HOSTNAME.YOURCOMPANY.com

Port: 389

Principal: CN=obiee-svc,CN=Users,DC=corp,DC=YOURCOMPANY,DC=com

User Base DN: CN=Users,DC=corp,DC=YOURCOMPANY,DC=com

All Users Filter: (&(sAMAccountName=*)(objectclass=user))

User From Name Filter:(&(sAMAccountName=%u)(objectclass=user))

User Name Attribute:sAMAccountName

User Object Class: user

Group Base DN:CN=Users,DC=corp,DC=YOURCOMPANY,DC=com

• Log into weblogic enterprise manager
• Right click on bi foundation > Security > Security Provider Configuration

• Click the configure button on the identity store provider section of the page.

• Click the Add button and enter the following

Property Name: virtualize

Value: true

 

• Click OK.
• Restart BI Services.