BIP - LDAP Integration

1 - About

This article talk about the security model configuration of BIP for a LDAP authentication and authorization management as for ADSI

3 - Property Description

Property Name Example Description
LDAP_PROVIDER_URL ldap://myserver.mycompany.com:3060/ Enter the URL for the LDAP server.
LDAP_PROVIDER_ADMIN_USERNAME Administrator Enter the administrator user name for the LDAP server.
LDAP_PROVIDER_ADMIN_PASSWORD welcome Enter the administrator password for the username entered.
LDAP_PROVIDER_USER_DN cn=xdo,dc=myserver,dc=com The LDAP distinguished name user suffix that distinguishes the group of users to have access to BI Publisher.
LDAP_PROVIDER_FACTORY com.sun.jndi.ldap.ctl.LdapCtxFactory The value of this property is the fully qualified class name of the factory class which creates the initial context for the LDAP service provider. It is used to select a particular LDAP service provider; it is not used by the provider itself. This property need not be set when the name argument to initial context methods is a URL.
LDAP_PROVIDER_GROUP_SEARCH (&(objectclass=groupofuniquenames)(cn=*)) The search criteria to locate the qualified groups. This will be based on your LDAP server schema.
LDAP_PROVIDER_GROUP_SEARCH_ROOT cn=OracleDefaultDomain,cn=OracleDBSecurity,
cn=Products,cn=OracleContext,dc=mypc11,dc=com
Indicates where in the tree structure to apply the group search criteria.
LDAP_PROVIDER_GROUP_ATTR_NAME cn Indicates which attribute contains the Group name.
LDAP_PROVIDER_GROUP_ATTR_MEMBER uniquemember Indicates which attribute contains the member names of the Group.
LDAP_PROVIDER_GROUP_ATTR_DESCRIPTION description Indicates which attribute contains the description of the Group.

Following is a sample Admin/Configuration/xmlp-server-config.xml file containing the LDAP properties:

<?xml version="1.0" encoding="UTF-8"?>
<xmlpConfig xmlns="http://xmlns.oracle.com/oxp/xmlp">
<property name="LDAP_PROVIDER_URL" value="ldap://myldapserver.com:3060/"/>
<property name="LDAP_PROVIDER_ADMIN_USERNAME" value="orcladmin"/>
<property name="LDAP_PROVIDER_ADMIN_PASSWORD" value="welcome1"/>
<property name="LDAP_PROVIDER_USER_DN" value="cn=xdo,dc=myserver,dc=com"/>
</xmlpConfig>

4 - Documentation / Reference

5 - Support

Bad configuration log message

[110309_010708609][][EXCEPTION] javax.naming.AuthenticationException: [LDAP: err
or code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext er
ror, data 525, vece ]
viz/bip/ldap.txt ยท Last modified: 2017/09/14 13:33 by gerardnico