My Oracle Support Banner

"The login user does not have view permission on the master repository" Error when Using Enterprise Roles in ODI 12c (Doc ID 2488722.1)

Last updated on JUNE 16, 2022

Applies to:

Oracle Data Integrator - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

External Authentication has been successfully enabled for Oracle Data Integrator (ODI) 12.2.1.3.0, and Enterprise Roles defined in the Microsoft Active Directory (AD) authentication LDAP have been mapped to ODI Roles.

However, the following error is received when trying to connect with an AD user that belongs to the mapped Enterprise Role:

com.sunopsis.core.SecurityAccessException: The login user does not have view permission on the master repository. You need to grant the user CONNECT profile first.
  at oracle.odi.core.security.SecurityManager.createAuthentication(SecurityManager.java:971)
  at oracle.odi.core.security.SecurityManager.createAuthentication(SecurityManager.java:385)
  at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail.testConnection(SnpsDialogLoginDetail.java:784)
  at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail.access$400(SnpsDialogLoginDetail.java:71)
  at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail$2.performAction(SnpsDialogLoginDetail.java:311)
  at oracle.odi.ui.framework.event.OdiActionListener.actionPerformed(OdiActionListener.java:69)
  at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
  at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348)
  at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
  at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
  at ...
  at java.security.AccessController.doPrivileged(Native Method)
  at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
  at ...

Steps to reproduce the behavior:

  1. Configure ODI to use Microsoft Active Directory (AD) for user authentication.
  2. Create a user in ODI Studio to match the Microsoft AD user, and successfully authenticate the user via AD.
  3. Define a GROUP in AD called "ODI-AD1" and assign user "A" to this group.
  4. Create a role in ODI called "ODI -AD1– ROLE"” and associate AD Group "ODI-AD1" and set Role Profiles.
  5. Login to ODI client with User "A". Observe the error message.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.