Skip to content
  • Register

    • Oracle Analytics Cloud and Server

    Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Cloud and Server

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Log In
    Register

    Quick Links

    Categories

    Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

    How to add Active directory users to a weblogic group created by us

    Received Response
    95
    Views
    9
    Comments
    Rank 3 - Community Apprentice
    edited Aug 13, 2024 6:14PM in Oracle Analytics Cloud and Server

    Hi ,

    Can any one has the solution or document related to

    Add Active directory users to a web logic group created by us

    Thanks & Reards

    BK

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Log In
    Register

    Answers

    • Mod

      Hi,

      You can't ...

      In a weblogic group you can add the weblogic users, but the AD users will not be available there ....

      The AD users will have their own AD groups (based on your config) so you can have both a weblogic group and an AD group and add both of them to your app role.

    • Rank 3 - Community Apprentice

      Hi  Gianni Ceresa,

      so my existing security is that users are added to some group names and each group is restricted to each report

      I mean one grp will have access to one report and others will not

      So now i have enabled the Active directory and it  is working fine.so please suggest some way to grp the AD users by  grp name and will restrict that group to reports, same as above functionality.

      Advance thanks

      BK

    • Rank 5 - Community Champion

      As Gianni already said, you need to create AD groups and add your AD users to those AD groups, then assign those AD groups to your reports as well. You will need to maintain two sets of groups, weblogic groups and AD groups.

      If you want to just have one set of groups, then you need to virtualize your groups via OVD. That is a lot more work to setup and configure.

    • Rank 3 - Community Apprentice

      Hi handat,

      Please advice me on this.

      If i  add AD users to multiple  AD group and restrict/access the different reports  through ADgroups.will it be fine ..?

      my question is shld i maintain old web logic users and groups. can i delete that old group or users(weblogic) as i will create same groups or users in AD

      as AD group or AD users will suffice them instead of web logic grps/users

      Thanks & regards

      BK

    • Mod

      Hi,

      The first thing to keep in mind: you don't assign security on groups but on application roles (the old webcat groups are officially not there anymore in 12.2.1.1 and deprecated since 12.2.1.0 and advised to not use anymore in 11.1.1.9 etc.).

      So assuming you have all the application roles you need, there is no reason to maintain the weblogic groups if all your users come from AD.

      The weblogic groups are interesting only if you still have weblogic users requiring that level of security.

      If you don't want to have to create all the groups in AD because too much work you can also get the association between a user and an application role from a database (where you maintain a kind of mapping table).

    • Rank 3 - Community Apprentice

      Hi Gianni,

      Am clear from your above brief statement, that I will not use Web logic groups/users if I maintain AD

      So I want to use the AD users and I don't want to request frequently  to  create AD group as it is with LDAP team

      and as well as time consuming process.

      As you had mentioned, user and role based mapping catch my attention. please, request you  let me  know how I can call roles while using the AD users and restrict them using role(I know how to restrict the users or group  using role).

      I mean, how to associate the AD users coming from AD and roles coming from  mapping table and how or where is the option to call (combine)

      Appreciate your support and help.

      Thanks & regards

      BK

    • Rank 5 - Community Champion

      Hi,

      There is one way you can define AD users to particular Groups, via configuring SQL Group Provider.

      In this case you have to maintain a physical table in your DB and you can assign a users to the respective groups and add the group to the respective Application Role. So the security will be applicable to those users under the groups.

      Check this out, https://docs.oracle.com/cd/E23943_01/bi.1111/e10543/privileges.htm#CJAEBEJC

      Thanks,

      Abinash

    • Rank 3 - Community Apprentice

      Hi Abinash,

      I followed  the doc you had referred and is excellent and am in final lap to achieve the goal, but Unable To See Database Groups In EM After Configuring Users In LDAP, Groups In Database

      error message am getting in the server log is Connection pool not usable and i referred this oracle doc which speaks same issue Doc ID 1603055.1 .I have followed all the steps   but still unable to retrieve the groups in EM.

      Please help me out as am in  final lap to achieve the Target.

      Thanks & Regards

      Kumar

    • Rank 5 - Community Champion

      Hi Kumar,

      I got a your reply bit late.. I hope now you have solved your problem. If not Please try to restart everything and check.

      Please let me know if you face any issues.

      Thanks,

      Abinash

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Log In
    Register