Thanks Deva ,
Peratining to your statements , could you let me know teh following
just map it via weblogic EM create application role and map it u r AD users (users to role mapping)
------------- How I can do that ...any links or steps process. I couldn't find thsi is the link you provided. Suppose there ia a used "David " and "Steve" coming from AD . Now I have to assign David as BI Admin and Steve as BI Author so that they can login to Analtics and do their respective work.
Also say I need to create my own groups/roles for data/row level security as well . So I may think of creating two group/roles like US_Read and US_Write for just accessing and another is writing/editing. So how I can do that in EM and assign Steve and Mark comiung from AD to these roles/groups.
Note: Try to keep u r AD users --AD Group as Flat type
--------------- This is a very good approach but how do I keep user and AD group in flat file and manage the security in Analytics . Any help here.
Apologies for reviving old thread. I had the same problem as stated here and managed to find a solution. The application role does not appear in presentation services for the user after logging in, even though the user has been assigned to the application role in EM.
The reason is due to case sensitivity of the username when logging in through presentation services. If you do not log in with the same case as is defined for the user in the LDAP repository, then OBIEE cannot reference the roles that have been applied to the user.
The solution can be found in WebLogic Console (http://<<server>>:<<port>>/console). Navigate to Home -> bifoundation_domain -> Security -> General -> Advanced. There is an option called "Enable Principal Equals Case Insensitive. Set this option to true (ticked). Apply changes. You should now be able to log in with the user, without having to worry about case sensitivity, and defined application roles should be applied in presentation services.