Hi All ,
I have Configured SSO in OBIEE with SAML and siteminder .
SAML respose file is passing the Username (abc123) , of the entered EMAIL ID (miller.john@domain.com) from Active Directory , to OBIEE .
So , I created a user 'abc123' in OBIEE , assinged this to Administrators and BIAdministrators groups .
It seems the SSO is working . After hitting OBIEE analytics URL (http://localhost:9704/analytics) , its redirecting to siteminder agent gateway (SSO login Page) .
After Loggin in with EMAIL ID (miller.john@domain.com)and password , its getting redirected to the OBIEE analytics page .
Which is throwing "Error 403--Forbidden" .
sawlog0 and nqserver log files are giving below error :
Error in getting roles from BI Security Service
System user validation failed - the system user profile could not be found in the identity store.
Error retrieving user/group data from Oracle BI Server's User Population API.
Error searching roles in the backend to resolve GUIDs during user population manager initialization
Error initializing/loading existing Catalog: /u01/app/obiee/instances/instance1/bifoundation/OracleBIPresentationServicesComponent/coreapplication_obips1/catalog/SampleAppLite.
AND at the end its keep on logging below error in sawlog0.log :
Unable to get a system user connection to BI Server (attempt 101 of 500). Sleeping for 4 seconds before trying again.
I Performed the below troubleshooting's , nothing resolved the issue .
1. Resetting BISytemUser password in console and EM .
2. Providers - > defaultAuthenticator - > control flag … SUFFICIENT
3. Added weblogic user under
weblogic Domain -> bifoundaton_domain -> Security -> Applicaton Role -> BISystem
4. Added custom property “virtualize=false” in Identity store configuration in EM
5. Performed GUID refresh .
6. Checked all services (Admin , managed servers and BI components are up and running)
Please Help .
