OBIEE 12c: Application Roles Do Not Take Effect for Active Directory Users when the User Name Attribute is sAMAccountName
(Doc ID 2117570.1)
Last updated on AUGUST 27, 2021
Applies to:
Business Intelligence Suite Enterprise Edition - Version 12.2.1.0.0 and laterBusiness Intelligence Reporting and Publishing - Version 12.2.1.1.0 to 12.2.1.1.0 [Release 12c]
Information in this document applies to any platform.
Symptoms
ACTUAL BEHAVIOR
---------------
Unable to assign user membership to the Application Roles in Fusion Middleware Control ( EM ).
The users appear with different ID's, but not actual names that appear in Weblogic Console.
For example:
In EM, a user, Jane Doe, is added to an Application Role (for example, BIAdministrator). The User was located using the Display Name option (for example, Display Name > Starts With = Jane).
When the user logs into /analytics as 'jdoe', which is the sAMAccountName value, the user does not acquire the Application Role (for example, in My Account > Roles and Catalog Groups.
The users only sees Authenticated User and BI Consumer listed, and there is no Administration link in the Global Header.
EXPECTED BEHAVIOR
-----------------------
Should be able to assign users to the Application Roles
STEPS
-----------------------
The issue can be reproduced at will with the following steps:
- Install OBI 12c
- Migrate 11g Repository to 12c -
https://docs.oracle.com/middleware/1221/core/BIMIG/GUID-73D55C46-A09A-4A0F-994B-0CCE9C0342F6.htm#BIMIG-GUID-73D55C46-A09A-4A0F-994B-0CCE9C0342F6 - Configure AD as provider using sAMAccountName user attribute
- Try adding users to Application Roles in FMW Control.
- Login to Analytics and check the Roles assigned to the user in FME Control do not appear under My Account page.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |