We're trying to get 12c v12.2.1.2 running in Linux (Red Hat, FWIW). This is an upgrade from 11g 11.1.1.7 in Windows. So, a lot of moving parts.
We have it working, except we are unable to upload a new RPD into the server. I am actually trying to upload a new, completely empty .rpd file created with the 12c Admin tool. Here is the command we are using:
./datamodel.sh uploadrpd -I foobar.rpd -SI ssi -U user123
That returns the error:
uploadRpd Failed: Metadata Lock could NOT be acquired.
Note that user "user123" is a user identified in our enterprise LDAP store, which has been integrated with 12c as our primary authenticator. We can successfully log into the 12c dashboards using our LDAP IDs and passwords so we know that's working. We originally were trying to upload with user "weblogic", but that failed with the error, "An unknown exception occurred: null" which is completely unhelpful thanks Oracle!
And but so, it seems we got a little closer to success when using one of our regular IDs. Diving into the logs, I found this:
javax.ws.rs.WebApplicationException: HTTP 401 Unauthorized
at oracle.bi.restkit.security.auth.RequiredGroupAuthoriser.authorise(RequiredGroupAuthoriser.java:45)
at oracle.bi.lcm.rest.PotentiallySecureLcmEndpoint.authorise(PotentiallySecureLcmEndpoint.java:33)
So this has me thinking that user123 is not authorized to upload the RPD. It is in the BIAdministrators app role, but at this level of operation I really don't think app roles figure into it. My guess is that the user ID used to upload the RPD must somehow be in the default authenticator's Admin group (like "weblogic" is), but there's no way to accomplish that that I can see?
For what it's worth, in the Providers list for security realm "My Realm", we have:
Novell Authenticator (set to sufficient)
Default Authenticator (set to sufficient)
Trust Service Identity Asserter
Default Identity Asserter
Any and all help is appreciated.
