Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 17 Oracle Analytics Lounge
- 218 Oracle Analytics News
- 44 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 81 Oracle Analytics Trainings
- 15 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
MSAD and WLS - can sign in as one, or the other, not both
I have configured Microsoft Active Directory (MSAD) as an authentication provider for my OBIEE 12c WLS. The current order of my providers is:
Default Authenticator (sufficient)
Microsoft Active Directory (sufficient)
Trust Service Identity Asserter
DefaultIdentityAsserter
As noted, the Control Flag for both the Default Authenticator and MSAD is set to SUFFICIENT.
The problem: With the providers in this order, I can sign in using the users defined in WLS, but not in MSAD. When I attempt to sign in using an MSAD user, the bi-server1-diagnostic.log contains the message "could not find user ann.baker in the identity store".
However, if I put the MSAD provider FIRST in the list, and then restart the services, I can sign in as a user from MSAD, but I cannot sign in as a user who is defined in WLS. The log shows me "The specified user credentials could not be authenticated."
So at the present time, I can only sign in with users who are contained in whichever provider is listed first.
What am I missing?
Answers
-
Did you enabled virtualization ( https://docs.oracle.com/middleware/bi12214/biee/BIESC/GUID-99968A33-0D49-41AE-83CC-A3CA4112E9F1.htm#GUID-0EDD6411-21BE-4C90-8337-88ADF97FEF11 )?
Get Outlook for iOS
0 -
Yup, that was the problem. I did not give that a second thought, because I knew that I had enabled virtualization earlier in the day. Just one problem with that: I had enabled virtualization on a different VM. Duh!
Thank you!
0 -
Count your blessings. That's the best kind of security error you can run into
0 -
Amen to that, brother.
0
