Professional Documents
Culture Documents
Ldap Configuration: Technical Details For Scs
Ldap Configuration: Technical Details For Scs
LDAP CONFIGURATION:
This is not a business centric demonstration, but is intended to document and explaining how LDAP authentication works using OID as an example. This is only one small
part of Oracle BI Enterprise Edition’s security capabilities, and Sales consultants should review security documentation to adequately convey our overall message.
There are three configuration options (see below). The demonstration image has been set up with NQS (default). Other options include DATABASE and BYPASS_NQS.
NQS
Authentication is done by the Siebel Analytics Server. The First connection pool for this database is used for authentication. Users and Groups are maintained within the repository and
webcat. Access to data and objects are managed within these two files.
NOTE: For Siebel Analytics applications, the Siebel Analytics Server in turn can be set up to authenticate using Microsoft ADSI, an LDAP server, or a database.
See the topic “Setting Up LDAP Authentication in Analytics” on page 211 of the Installation and Configuration Guide.
DATABASE:
There are 2 types of Database Authentication. The first allows the use of a table or set of tables within the database to idenity users and passwords. In the configuration the SQL
Statement required to verfiry the userid and password is specified within the initialization block. The second type is to use database logons. The user is authenticated if the database
accepts their individual userid and password.
Specify the database name in the Physical Layer of the repository to be used for database authentication. When the user logs into the Siebel Analytics Server, the submitted logon
name and password is used to connect to the database. If this connection succeeds, the user is considered to be successfully authenticated.
BYPASS_NQS
In this model the data security is managed by the database. Each query is validated by the database.Authentication is against the database to which user queries are sent, using the
submitted user name and password. For example, if a user runs a query tool against the Siebel Analytics Server with the user name of “Test” and a password of “Test,” this user name
and password are used to connect to the underlying database server. If this represents a valid user to the underlying database server, the user is considered authenticated. The user’s
privileges are enforced by the underlying database server based upon the user name used to log in, as appropriate.
LDAP configuration. Configure the LDAP server. Note: You will likely
need to change the host name from oracle2go to
the IP address of your BIC2G: SE/SCE machine
(or other OID or LDAP server) as there may be
other oracle2go servers running on the network.