Skip to content
  • Register

    • Oracle Analytics Cloud and Server

    Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Cloud and Server

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Log In
    Register

    Quick Links

    Categories

    Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

    Migration from OBIEE 12c (12.2.1.2) to OAS 6.4, is it possible?

    Received Response
    291
    Views
    2
    Comments
    Rank 1 - Community Starter
    edited August 2024 in Oracle Analytics Cloud and Server

    Hello,


    A client has a 12c (12.2.1.2) environment and want to migrate it to OAS 6.4.

    For multiple reasons he can't upgrade it to 12c (12.2.1.4).

    After checking the security in Enterprise Manager, I can see that he has the old roles defined (BIAdministrator, etc.) and has not the latest exportArchive.sh tool.

    I can use the export_service_instance command from WLST to get a valid BAR file with a password, but for the Security I'm not sure how to proceed to get a valid role definition for OAS 6.4. The Migration Tool seems to be made for 11g only.

    Is there a standard solution to this "wonderful" scenario please?


    Thanks.

    Answers

    • Rank 5 - Community Champion

      For the most part, my previous observations have been that you can just plop into new versions your catalog and RPD with no issues. The same is definitely not true for security.


      You could take a full barfile export from 12c. Then on a new vanilla 6.4 instance import (bi-sac-config-mgr/snapshots/Snapshots.html) only "Classic Content (RPD,Catalog,Folders)"

      Dont touch the security. You really don't want to get into having to re-build security and interfacing with MOS for what exactly is required for the new roles. For OAS 5.5 you could re-build the OOTB roles like this, but its probably changed with 6.4

      #Grant permissions to the defult roles

      $DOMAIN_HOME/bitools/bin/grantPermissionSetsToBIRole.sh -r BIServiceAdministrator -p bilifecycle.admin,bip.administrator,bisecurity.GBUAdmin,bisecurity.admin,customScripts.admin,infer.administrator,obips.administrator,obis.administrator,obisch.administrator,oracle.bi.dss.CustomKnowledge.admin,oracle.bi.dss.SystemKnowledge.admin,pod.admin,rdc.admin,rdc.monitor,sac.advanced.approle.administrator,sac.approle.administrator,sac.snapshot.administrator,va.admin,dataReplication.access

      $DOMAIN_HOME/bitools/bin/grantPermissionSetsToBIRole.sh -r BIContentAuthor -p bisecurity.author,bip.author,obisch.author

      $DOMAIN_HOME/bitools/bin/grantPermissionSetsToBIRole.sh -r DVContentAuthor -p actio.author,va.author,bisecurity.author,bip.author,obisch.author

      $DOMAIN_HOME/bitools/bin/grantPermissionSetsToBIRole.sh -r BIConsumer -p oracle.bi.dss.CustomKnowledge.consumer,oracle.bi.tech.dv.consumer,bisecurity.author,bip.consumer,rdc.consumer

      $DOMAIN_HOME/bitools/bin/grantPermissionSetsToBIRole.sh -r DVConsumer -p va.interactor



      So you are then in 6.4 with your rpd and catalog upgraded. So next you need to go to EM and translate / scribe / copy over the roles and group mappings you used to have in 12c.


      Then go to yourbi.com/analytics -> Administration -> "Manage Privilege's" (Manage privileges and rights given to users and groups.) and review and re-build any customizations that were there in 12c. Mapping role limitations to subject areas etc.


      Then you have the whole mess of other stuff to also chip away at. You need to migrate weblogic data sources if BIP is being used.


      Next re-customize all config files: instanceconfig.xml, NQSConfig.INI, config.xml, bridgeconfig.properties,obis.properties, customlinks.xml, etc etc.


      Another possible partial solution to the whole security mess is you could try doing the vanilla 6.4 install. Then do a full barfile snapshot. Then import your whole 12c OBIEE barfile including the security. Then take that original saved snapshot and restore the security back to 6.4 security and see where you are at from there.

    • Rank 1 - Community Starter

      Thanks for your answer.

      The main problem in my point of view is that the archive to migrate the Catalog has permissions on folders/files and the admin privileges set to the legacy roles (BIAdministrator, BIAuthor).

      Does your proposal solve this point please?


      At the moment, how I proceeded was to create the legacy roles in OAS 6.4 with the Enterprise Manager, and added those legacy roles to the new ones (for example BIAdministrator *manually created on OAS 6.4* is now a member of BIServiceAdministrator, etc.), then I exported the JAZN file.

      I then exported the JAZN file from OBIEE 12c 12.2.1.2 and copy-pasted all but the the technical roles and grants to the OAS file and re-imported it.

      This way I have the OAS 6.4 roles working as intended in the Enterprise Manager (policies, etc.), and all the OBIEE 12c 12.2.1.2 security in the Catalog permissions and the admin privileges working as they were on the OBIEE 12c environement of the client, as the old roles are members of the new roles.

      Note that this client a ~10 years old environement with more than 1'000 dashboards; this represents thousands of files and folders.

      But I would like to fully get rid of the old security roles without risk.


      What do you think?

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Log In
    Register