OBIEE 12c: End to End Steps for Enabling SAML 2.0 SSO on OBIEE 12c using ADFS - Single Node (Doc ID 2248571.1)

Last updated on AUGUST 14, 2017

Applies to:

Oracle Business Intelligence Enterprise Edition - Version 12.2.1.0.0 to 12.2.1.0.0 [Release 12g]
Business Intelligence Suite Enterprise Edition - Version 12.2.1.1.0 to 12.2.1.2.0 [Release 12c]
Information in this document applies to any platform.

Goal

To Provide End to End steps to be performed to implement SAML 2.0 Web SSO for OBIEE 12c using ADFS as Identity Provider ( IdP )

This is a Service Provider Initiated SSO which means the user directly access the Analytics (SP ) URL that gets re-directed to ADFS for Authentication.

This document is based on the following example environment:

Servers:

Service Provider (SP) : OBIEE 12.2.1.2 on Linux - celvpvm05891.us.oracle.com

Identity Provider (IdP) : ADFS 2012 on Windows 2012- celvpvm03923.us.oracle.com

Scope/Assumptions

The main purpose of the document is to provide complete end to end steps involved in configuring SAML 2.0 SSO for OBIEE 12c using ADFS, Any issues while implementing these steps are not necessarily handled by OBIEE product support Group. Based the issue the appropriate support team to be involved like Microsoft AD, ADFS, WebLogic or OBIEE.

This document is informational and intended for Administrators and Advanced Users.

This document covers very basic and typical SAML 2.0 implementation steps for OBIEE 12c.

This document does not cover all the implementation scenarios.

Before following the steps in this document , Ensure that the OBIEE environment is in working status. Check the user logins to Analytics from Default LDAP and External LDAP users (if any).

Please take complete domain backup before attempting to implement SAML.

This document is intended as a "cookbooK" enhancement to the documentation to fill in any gaps, missing or ambiguous information and to tie multiple documentation together in one location. It is not meant to replace the official documentation.

The server names , locations and passwords used in this document are for example, should not be copy and paste.

This document does not cover OBIEE Installation and SSL Configuration for OBIEE.

This document assumes the Windows 2012 Server already has Active Directory configured with proper Domain.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms