How To Configure SAML 2.0 SSO on OBIEE 12c Using ADFS - Single Node
(Doc ID 2248571.1)
Last updated on APRIL 15, 2021
Business Intelligence Suite Enterprise Edition - Version 18.104.22.168.0 to 22.214.171.124.0 [Release 12c to 12g] Information in this document applies to any platform.
To Provide End to End steps to be performed to implement SAML 2.0 Web SSO for OBIEE 12c using ADFS as Identity Provider ( IdP )
This is a Service Provider Initiated SSO which means the user directly access the Analytics (SP ) URL that gets re-directed to ADFS for Authentication.
This document is based on the following example environment:
Service Provider (SP) : OBIEE 126.96.36.199 on Linux - spbi.<domain>
Identity Provider (IdP) : ADFS 2012 on Windows 2012- idpadfs.<domain>
The main purpose of the document is to provide complete end to end steps involved in configuring SAML 2.0 SSO for OBIEE 12c using ADFS, Any issues while implementing these steps are not necessarily handled by OBIEE product support Group. Based the issue the appropriate support team to be involved like Microsoft AD, ADFS, WebLogic or OBIEE.
This document is informational and intended for Administrators and Advanced Users.
This document covers very basic and typical SAML 2.0 implementation steps for OBIEE 12c.
This document does not cover all the implementation scenarios.
Before following the steps in this document , Ensure that the OBIEE environment is in working status. Check the user logins to Analytics from Default LDAP and External LDAP users (if any).
Please take complete domain backup before attempting to implement SAML.
This document is intended as a "cookbooK" enhancement to the documentation to fill in any gaps, missing or ambiguous information and to tie multiple documentation together in one location. It is not meant to replace the official documentation.
The server names , locations and passwords used in this document are for example, should not be copy and paste.
This document does not cover OBIEE Installation and SSL Configuration for OBIEE.
This document assumes the Windows 2012 Server already has Active Directory configured with proper Domain.
For Oracle Analytics Server (OAS), please use the approach documented in: SAML 2.0 and Kerberos Single Sign-On Configuration for Oracle Analytics Server (Doc ID 2761678.1)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!