This content has been marked as final. Show 4 replies
Have you created 4 different Roles for these 4 Groups in OBIEE? If not, do that and assign privileges in Analytics to those Roles only and remove the Authenticated User Role and BI Consumer Role from permissions. Also, are all users in AD in the same OU? What does your Group Base DN setting in Console for AD look like?
Please award points if helpful/correct.
I too faced such a issue in my 1st attempt, then resolved by setting "All Users Filter" & "Group base DN"
Note: to get right root structure of u r group base DN/user path -- try to login AD with admin user then generate ldif file then get the right path and then set it.
for more refer my blog steps,
Thanks for the reply.
Yes I have created 4 roles in EM and mapped these groups to those roles.
However, removing authneticated role and BIConsumer roles at Presenation level would not work since there are other authenticaiton systems coming up for OBIEE soon and then it would be a problem.
User Base DN: ou=XXUsers,dc=XXdomain,dc=com ( this is where all the corp users are at )
All Users Filter : Leave blank
User From Name Filter: Leave blank
Group Base DN : dc=XXdomain,dc=com ( this is where all the corp groups are at )
All Groups Filter: Leave blank
Group From Name Filter: (&(cn=%g)(objectclass=group))
Deva as per your blog you have setup All users filter for this group "01UREG1GPCOBIEE" ( I am assuming all the users who are accessing OBIEE exist here or is this just another group in AD .?)
All Users Filter:
User From Name Filter:
If we have 4 groups and use these group in All users Filter .? can we mention those 4 groups at a time here.?
I am using Apache LDAP Browser to get the DN paths.