There are certain issues that need to be discussed when it comes to OBIEE and these are the following:
1. Defining security in the repository
When using the Oracle Business Intelligence application, there is an administration tool using which one can create new users and groups. Also permissions and authentication related issues can be handled and provided to the required users and communities. However, one must remember that if there are some privileges that have been given only to a certain user then that will be given more validity over any group privilege. Again, if there is any issue of conflicting privileges then the least limited privileges will be given precedence.
2. Authenticating external tables
If you want to make this feature functional then a table has to be created within the database. This table will then have columns which will specify the users, the passwords, communities or groups, display names and log levels. It will also have the data which is required to lay down security and privileges.
If this table has to be used for authenticating in OBIEE then a new connection pool has to be made in the physical layer so as to connect to this database. After this, you have to create an initialising block with the new created connection pool for this database or table. After this, the initialisation string has to be specified(select the user name, password, log number, name of group from the table where the username is âUSERâ and the password is âPASSWORDâ). Then you will have to put down the definitions for these variables that have been specified earlier. Ensure that the order is identical in both while working with the Oracle Business Intelligence.
3. Authenticating LDAP
There are many businesses that choose to use LDAP or Lightweight Directory Access Protocol for authenticating servers. Also, other companies prefer to use ADSI or Active Directory Service Interface for their work.
To set up LDAP, an LDAP server has to be created within the security manager. To do this, go to security manager, then to Action to New to LDAP Server. after this a LDAP dialog box will show up where the parameters which include the Name, Host name, Port Number, which version of the LDAP it is, Bind DN and Base DN have to be filled in.Settings can also be specified within the Advanced tab where the details for the connection time out, domain identifier., enabling or disabling the SSL have to be filled in. This has to be followed by creating an LDAP initialisation block which was to be connected to the LDAP server. here the system variable has to be defined as USER. Remember that the LDAP server can also only be used for importing the definitions of users and groups. this can be utilised if one doesnât want the LDAP to do any external process of authentication.
4. Authentication of databases
To authenticate the databases, the changes have to be first made to the NQSConfig.ini file. Go to the security section and then define the authentic database. after this, users have to be made in the repository which are identical to the users in the database. These users will then be assigned privileges following which this database has to be imported from the repository using the DSN belonging to that specific database. For the purposes of this specific -connection pool, a non shared log-on has to be made. Now use that connection pool to log into the database. If the connection is successful, it means that the database authentication has been successful.