Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 15 Oracle Analytics Lounge
- 208 Oracle Analytics News
- 41 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 76 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
OBIEE 12c - LDAP config
Answers
-
I was able to reduce to a smaller set of users by using the MEMBEROF syntax. My AD users are logging in fast now!
HOWEVER, my "weblogic" user occasionally takes about 1 minute to log into console/EM. Any idea?
0 -
That is nothing to do with the authentication itself but in general the console, and particularly EM, can take a while to load into memory and run on the server.
0 -
I said it was authentication because when logging into EM, it displays a small message of what it's doing (Login in progress, Identifying Targets, etc.). In my case, it was stuck at "Authentication..." for about 1 minute and then goes through.
Anyway, the issue seem to have gone away by reordering the Authentication Provider. I put the DefaultAuthenticator first, then MSAD. Previously, I had MSAD, then DefaultAuthenticator.
0 -
Yes, when using internal and external authenticator, you want to have weblogic authenticator first. They should also both be set to "sufficient".
Like in the other answers above, to do what you desire to do (have external LDAP users but control roles/groups in OBIEE) you just set up custom application roles and assign the LDAP users to those roles. Then you can control access in catalog manager based on the different roles.
0 -
Most of the documents/articles I've read suggested using the external authenticator (AD) first. That's why I had it that way. Anyway, I'll be keeping an eye on the authentication performance. But so far so good!
Yes, you are right I could also manage users using the app roles in OBIEE. However, I'll just stick with the standard practice by using groups in AD. That way when a new user needs access, someone from AD can add him/her to the group and I don't need to do anything.
0 -
May be its tooo late to answer this question. In my experiecen The slowness happens because of nested groups a user belongs to in AD.
Try to change this setting to zero
It should speed up the process.
Thanks
Venkata Rachuri
0 -
It was set to 0.
0