Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 15 Oracle Analytics Lounge
- 208 Oracle Analytics News
- 41 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 76 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
Why native user can't login when LDAP server down

Dear All,
I've some doubt about OBIEE12c security configuration in 2 scenario, and please share your advise.
Scenario1
We used OBIEE12c 12.2.1.x In case we configure external authentication with MS Active Directory
And sometime MSAD Server have a problem or network problem , so OBIEE Server can't connect to MSAD Server to authen.
So AD user can't login to BI system , this's make sense , but question is why weblogic or any native user can't login to BI system?
Do I need to configure something more to avoid native user issue when MSAD have issue or network issue.
Scenario2
We used OBIEE12c 12.2.1.x In case we configure external authentication with multiple such as MS Active Directory, LDAP1, LDAP2
And sometime external authen Server have a problem or network problem , so OBIEE Server can't connect to that external authen Server to authen.
Problem is all AD, LDAP user from all provider can't login to BI system and weblogic or any native user can't login to BI system too.
Do I need to configure something more to avoid native user issue when some external authen server have issue or network issue.
Thank you in advance
Chiaranon
Answers
-
Is the AD login provider your only provider, or do you have other authentication providers available in weblogic? What is the flag of the provider set to? If it is set to mandatory, then it has to be used for authentication, and if it is unavailable, then nobody can login. If you have multiple authentication providers, set them as requsite, so if the first one, ie AD is successful, then user gets logged on, but if it is unavailable, the next requisite authenticator will be able to let the user login.
0 -
Dear Sir,
Is this the same with scenario#1 , in case we have only one MS AD and we setup as Mandatory .
We use MS AD user together with weblogic native user and when MS AD down why our native can't use also , is this also depend flag mandatory and requsite as you mention?
Thanks
0 -
Yes indeed. Mandatory means it has to be satisfied so if that provider is not available, then all will fail.
0 -
Dear Sir,
Is you refer to this flag?
And which one should be select for these scenario
1. We need to use native and one MSAD (and in case MSAD down, native still can use)
2. We need to use native and multi MSAD or LDAP (and in case some MSAD down, other can use and native also can use)
Thank you
0 -
Use Requisite if you have multiple authenticators and make sure you don't have any as Required
0 -
Dear Sir,
We'll try but in document about setup SSL MSAD , they strictly recommend to sufficient, so we can ignore that because we have multiple right?
Thank you
0 -
You can use Sufficient instead of Requisite. Both are similar in this case.
0