This discussion is archived
13 Replies Latest reply: Apr 10, 2013 8:22 PM by 1002394 RSS

How to integrate Active Directory with Primavera P6 8.2

965421 Newbie
Currently Being Moderated
Dear All,

I want to install LDAP for Integration with Active Directory for Primavera P6 8.2.

Some advice please should i install Oracle Internet Directory and or Oracle Directory Service Manager for AD Integration.
And should i install Fusion Middleware and or Service-Oriented Architectures (SOA) for integration for AD Integration.
And what is the step by step procedure for the above installation with separate database if required.

I want to install any above application or service on my weblogic environment.

you can find the status of my web applications and enterprise applications services on the Weblogic Server Administration Console.

p6 (Active)
p6help (Active)
p6tm (Active)
P6Tutorials (Active)
p6ws (Active)
pr (Active)
pr-help (Active)
PrimaveraAPI (Active)

Thanks in advance for your response.
  • 1. Re: How to integrate Active Directory with Primavera P6 8.2
    958146 Newbie
    Currently Being Moderated
    open your P6 admin console.. http://serverIP:p6portno/p6/action/adminconfig enter your admin user id and password, when you are login in admin console you can see there Authentication menu click there and expand the Primavera P6 Configuration, there you can see Authentication expand and click LOGIN*MODE* change NATIVE to LDAP.(double click on login mode)
  • 2. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    I have successfully submitted changes now please guide me how i can verify my authentication with AD.

    when i relogin my http://IPADD:8203/p6/action/login i received this following message:

    Primavera P6 was configured to use a different authentication mode than the database selected.

    please advice how can i create database for this authentication mode.


    Thanks,

    Edited by: 962418 on Oct 17, 2012 5:44 AM
  • 3. Re: How to integrate Active Directory with Primavera P6 8.2
    958146 Newbie
    Currently Being Moderated
    LDAP (Lightweight Directory Access Protocol) is directory-based authentication and is available for all P6 EPPM applications. In this mode, when a user attempts to log into a P6 EPPM application, the user’s identity is confirmed in an LDAP-compliant directory server database. Additionally, P6 EPPM supports the use of LDAP referrals with Oracle Internet Directory and Microsoft Windows Active Directory. Referrals chasing allows authentication to extend to another domain.
    If using LDAP mode, verify the following information:
    Server: The IP address or name of the LDAP server.
    Port Number: The port number of the LDAP server.
    Chase Referral: When selected, authentication will extend to another domain.
    Use SSL: When selected, P6 Progress Reporter will use SSL. If you wish to use a specific certificate for SSL encryption, select 'Use Certificate'
    Use Certificate: Select this option to use the certificate specified in the Configuration tab
  • 4. Re: How to integrate Active Directory with Primavera P6 8.2
    958146 Newbie
    Currently Being Moderated
    one more thing You cannot change passwords if you are running P6 EPPM in LDAP
  • 5. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    yes i check my all LDAP Connection settings are fine but i don't configure database for LDAP i have 1 instance database name is XE and Public group ID 1 Pubuser.

    how to i configure LDAP please advice on the following link.

    http://www.scribd.com/doc/56148782/25/Use-the-Authentication-Configuration-wizard-to

    go to page no 72 Configuring Authentication Modes
  • 6. Re: How to integrate Active Directory with Primavera P6 8.2
    958146 Newbie
    Currently Being Moderated
    To provision LDAP user information for P6 EPPM for the first time:
    Caution: Ensure that all users are logged out of P6 EPPM to avoid a reset of the P6 Administrator application settings.
    Note: Verify which global profile is set as the default since this will be assigned to all provisioned users.
    1) Log into the P6 Administrator application.
    2) From the Authentication tab:
    a. Fill in the appropriate settings under the Authentication folder, and make sure that Login Mode is set to NATIVE.
    b. Fill in the appropriate settings under Database instance, and make sure that Authentication Mode is set to NATIVE.
    c. Click Save Changes.
    3) Restart the application server instance.
    Note: If you do not restart the application server instance, the settings will be restored to the previous configuration after the next step.
    4) Log into P6 as a user with privileges to create a new user.
    5) Creating User Accounts for P6 EPPM to add a new user (in Native mode) that exactly matches an LDAP server user with rights to read the LDAP directory. Make sure to assign a global profile that contains privileges to add new users and search the LDAP directory and assign the appropriate project profiles and module access.
    6) Log back into the P6 Administrator application.
    7) From the Authentication tab:
    a. Change Login Mode to LDAP.
    b. Change Authentication Mode to LDAP.
    c. Right-click the LDAP Connection Settings folder and select Test Connection.
    d. Click Save Changes.
    8) Restart the application server instance
    Note: If you do not restart the application server instance, the settings will be restored to the previous configuration after the next step.
    9) Log into P6 as the LDAP user created in step 5.
    a. On the Users page, click the Add icon. The Add Users from LDAP dialog box appears for you to provision users from the LDAP repository:
    Note: You must have the Add/Edit/Delete Users privilege and the Provision Users from LDAP privilege to search the LDAP directory. You do not need the Provision Users from LDAP privilege to import users from an LDIF file.
    1. Either click the Load LDIF button, or enter an LDAP query (for example, uid=*) under Search users. If a search was previously performed by a user with the privilege to search the LDAP directory, the last query entered by that user will appear.
    2. If you clicked the Load LDIF button, browse to the location of the LDIF file, and click Open. If you entered an LDAP query, click Search.
    Note: Depending on your P6 administrative configuration settings, you might be prompted to log into the LDAP server.
    3. A list of users will appear, grouped by status. For example, LDAP repository users that do not exactly match P6 EPPM users will be grouped together. If users exist in the LDAP repository, the User Name, Actual Name, E-mail, and Phone fields are populated (if you previously mapped those fields through the P6 Administrator application settings).
    Note: The User Name field is equivalent to the Login Name field in P6. The Actual Name field is equivalent to the Personal Name field.
    4. Select the option next to each user account that you wish to import, or select the option in the fields bar to select all users. New and modified users are automatically selected.
    5. Click Import.
    Note: The new users will be assigned the default global profile.

    follow the above mentioned procedure and let me know if its working.

    Ajishlal
  • 7. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    I will give you update soon i am just move to other side.
    Thanks
  • 8. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    Dear Ajishlal,

    Sorry for contacting you back after such a long time as I was assigned to some other project for this time.

    Regarding your last reply, I followed the stepts. Everything went ok till step 8 i.e. the Authentication Modes/Login Modes were changed to LDAP and after provided the LDAP Server details the test connectivity was also successful. But when i restarted the P6 Server tried to login P6 or Adminconfig (as in step 9) it is not accepting as user account. I am unable to log in using any userid/password. What should I do? What could be the problem? Please advice.

    Regards
  • 9. Re: How to integrate Active Directory with Primavera P6 8.2
    Pablo Oyarzo - Oracle Expert
    Currently Being Moderated
    The account should exists in P6 database (native) and also in the LDAP server. Do you know if the account exists in the P6 database and ldap serveR?
  • 10. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    Thanks Ajishlal for the reply.

    Yes I have created the same account (even the passwords are same) in both the Native mode and the LDAP (Active Directory) but still after changing the mode to LDAP it is not allowing me to loging using that account.

    To have a clear picture I am sending you the details of my installation with screen shots, if you can point out where the problem is.

    I have created a user account with all Administrative rights in my LDAP/Active Directory with the user name "primavera" as seen in the following screen shot link
    http://i.imgur.com/DQ2PUhd.png

    Then I have created the same user "primavera" with all Administrative rights in the P6 (while in the Native mode). The details of the users can be seen in the following two screen shot links
    http://i.imgur.com/eoCreqh.png
    http://i.imgur.com/4fP8B1K.png

    Now after creating these users I login to the P6 Admin config page to change the settings.
    My LDAP/Active Directory machine IP is 192.168.3.19. And I have done the settings in the Authentication tab as you can see in the following screen shot with successful test connection message
    http://i.imgur.com/vpOoYpo.png

    The screen shot of the Configurations tab can also be seen in the following screen shot
    http://i.imgur.com/r8Fx5GC.png

    Now after making these changes I restarted the P6 instance and tried to Login as user "primavera" but it is giving error. And not only this but I can not connect with any of the users. The error it gives is "Invalid Username or Password".



    Can you advice where I am making a mistake?

    Thanks & Regards
  • 11. Re: How to integrate Active Directory with Primavera P6 8.2
    965421 Newbie
    Currently Being Moderated
    I have Checked WebaccessLog during start primavera, on LDAP Authentication Mode, i got the following error, please find the link below for details.

    http://i.imgur.com/eRfCh8e.jpg

    Edited by: 962418 on Apr 4, 2013 5:03 AM
  • 12. Re: How to integrate Active Directory with Primavera P6 8.2
    jmft2012 Explorer
    Currently Being Moderated
    it was the host exception shown.
    try to change to the ip address as you defined in the ldap auth in the admin application.
  • 13. Re: How to integrate Active Directory with Primavera P6 8.2
    1002394 Newbie
    Currently Being Moderated
    Try these adjustments and it should work

    1. verify under CONFIGURATION - CUSTOM - P6 CONFIGURATION - DIRECTORY SERVICE ............ That you service port number is that of your port for the weblogic server......... ex t3://localhost:7001

    Restart server and try again

    If not change these

    User Name to: YOURDOMAIN\primavera

    base directory to: dc=YOUR DOMAN NAME, dc=LOCAL OR COME
    EXAMPLE: dc=pcsg, dc=local

    USER_NAME: sAMAccountName

    ACTUAL NAME: displayName

    That should be it

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points