Cannot Login to OBIEE following Implementation Of MS Active Directory LDAP Authentication
(Doc ID 1566463.1)
Last updated on APRIL 08, 2022
Applies to:
Business Intelligence Suite Enterprise Edition - Version 11.1.1.6.6 and laterInformation in this document applies to any platform.
Symptoms
- Cannot login to Analytics following implementation of LDAP authentication
- Implemented an MS Active Directory (AD) LDAP authenticator. Since doing so, users have been unable to access OBIEE.
ERROR
-----------------------"Invalid user or password" is received on trying to login (invalid user/password)
Other errors seen:
bi_server1-diagnostic.log
--------------------------------
[<timestamp>] [bi_server1] [ERROR] [OBI-SEC-00003] [oracle.bi.security.service] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: BISystemUser] [ecid: <ECID>,0:122:1:8:1] [WEBSERVICE_PORT.name: SecurityServicePort] [APP: bimiddleware#11.1.1] [J2EE_MODULE.name: bimiddleware/security] [WEBSERVICE.name: SecurityService] [J2EE_APP.name: bimiddleware_11.1.1] Error during initialization[[
oracle.bi.security.service.SecurityServiceException: SecurityService::validateSystemUserSystem user could not be authenticated
at oracle.bi.security.service.SecurityServiceBean.validateSystemUser(SecurityServiceBean.java:963)
.
Caused by: oracle.ods.virtualization.service.VirtualizationException: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 49 : [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1
.
Caused by: oracle.ods.virtualization.engine.util.DirectoryException: LDAP Error 49 : [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1
nqserver.log
--------------
[<timestamp>] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: <ECID>] [tid: 442aa940] Error Message From BI Security Service: oracle.bi.security.service.SecurityServiceException: SecurityService::validateSystemUserSystem user could not be authenticated
[<timestamp>] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: <ECID>] [tid: 442aa940] [nQSError: 43126] Authentication failed: invalid user/password.
[<timestamp>] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: <ECID>] [tid: 4114e940] Could not connect to the authentication web service (taking OBIS offline) xx:xxx.xxx.xx[nQSError: 12002] Socket communication error at call=Connect: (Number=107) Transport endpoint is not connected [[
[nQSError: 12010] Communication error connecting to remote end point: address = <xx.xxx.xxx.xx>; port = 9704.
[nQSError: 46119] Failed to open HTTP connection to server <xx.xxx.xxx.xx> at port 9704.
]]
sawlog0.log
-----------------
]]
[<timestamp>] [OBIPS] [ERROR:31] [] [saw.connectionPool.getConnection] [ecid: ] [tid: ] Authentication Failure.
Odbc driver returned an error (SQLDriverConnectW).
State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
[nQSError: 43113] Message returned from OBIS.
[nQSError: 43126] Authentication failed: invalid user/password. (08004)[[
File:connection.cpp
Line:395
Location:
saw.connectionPool.getConnection
saw.webextensionbase.init
saw.sawserver
ecid:
]] - The issue can be reproduced at will with the following steps:
- Setup Active Directory authentication by following the steps seen in document:
- Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition 11g Release 1 (11.1.1)
- https://docs.oracle.com/middleware/bi12214/biee/BIESC/GUID-99968A33-0D49-41AE-83CC-A3CA4112E9F1.htm#GUID-662AE99F-C422-42CA-AC5E-49BA3055B593
> 3 Using Alternative Authentication Providers
> 3.4 Configuring Alternative Authentication Providers
> 3.4.2 Configuring Active Directory as the Authentication Provider
- Setup Active Directory authentication by following the steps seen in document:
OBIEE 12c Specifically section:
>Reconfiguring Microsoft Active Directory as the Authentication Provider
- See the errors in the logs when starting the OBI environment
- Receive the error "Invalid user or password" when any user tries to log in.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |