Sunday, January 27, 2013

[OBIEE11g] - Configuring LDAP Server to provide OBIEE users


Prerequisites and best practices before starting any LDAP related changes

  • LDAP Server is installed and running
  • Users and groups and configured within the LDAP
  • Backup is taken for the following files :
    o C:\OBIEE11G\user_projects\domains\bifoundation_domain\config\config.xml
    o C:\OBIEE11G\user_projects\domains\bifoundation_domain\config\fmwconfig\*.XML (i.e. All xml files in that directory)
    o Some developers prefer to take the backup of the whole domain folder C:\OBIEE11G\user_projects\domains\bifoundation_domain , instead of just a few XML's if massive security changes are being tested.
  • Post the LDAP related changes if the weblogic server fails to bootup (which means an Administrator is locked out of whe WLS Console), the above files can be restored back (which is a last known good configuration) and previous state is restored. The errors look somewhat like this :
####<Sep 30, 2012 8:04:35 AM IST> <Notice> <WebLogicServer> <my-laptop> <AdminServer> <main> <<WLS Kernel>> <> <> <1354242875438> <BEA-000365> <Server state changed to FAILED>
####<Sep 30, 2012 8:04:35 AM IST> <Error> <WebLogicServer> < my-laptop> <AdminServer> <main> <<WLS Kernel>> <> <> <1354242875440> <BEA-000383> <A critical service failed. The server will shut itself down>
####<Sep 30, 2012 8:04:35 AM IST> <Notice> <WebLogicServer> < my-laptop> <AdminServer> <main> <<WLS Kernel>> <> <> <1354242875445> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<Sep 30, 2012 8:04:35 AM IST> <Info> <WebLogicServer> < my-laptop> <AdminServer> <main> <<WLS Kernel>> <> <> <1354242875473> <BEA-000236> <Stopping execute threads.>
C:\OBIEE11g>

The above log can be found at :

C:\OBIEE11G\user_projects\domains\bifoundation_domain\servers\AdminServer\logs\ AdminServer.log
In the same folder bifoundation_domain.log and AdminServer-diagnostic.log files provide further trouble shooting information which is quite self explanatory and can be googled in case of errors. These are all weblogic server logs.
The current document describes integration with an OpenLDAP directory. However it would be same for other kinds of LDAP directories.

OpenLDAP for windows can be downloaded from:

http://www.userbooster.de/en/download/openldap-for-windows.aspx

A LDAP browser can be downloaded from:

http://jxplorer.org/downloads/index.html
This can be used for browsing through the LDAP directory entries
The following snap shows the users in a LDAP explorer tool
Reorder by using the up keys

Posted by at
Labels: