An Active Directory user who is assigned to an Application Role in Oracle Enterprise Manager (EM) does not acquire that Application Role in OBIEE 12c. This issue can happen when the user's Display Name and sAMAccountName are not the same.
For example:
In Enterprise Manager, a user, Joe Doe, is added to the BIAdministrator Application Role. The user was located using the Display Name option. The Display Name for this user is Joe Doe and the sAMAccountName is jdoe.
When the user logs into OBIEE as jdoe, the user does not acquire the Application Role and an Access Prohibited message is displayed.
Cause:
This is identified as Bug 22232288 : OBIEE12C UNABLE TO ASSIGN USERS TO APPROLES WITH SAMACCOUNTNAME IN EM USING MSAD
Solution:
This issue is fixed in 12.2.1.2.0.
For 12.2.1.0.0 and 12.2.1.1, apply Patch 22232288.
An alternative workaround is to add the user to the Application Role in EM using the Advanced Option approach.
For example:
- In EM, edit the Application Role and click the Add button to display the Add Principal page.
- In the Add Principal page, select Search: Type = User. The Advanced Option section will appear at the bottom of the page.
- In the Advanced Option section, select the “Check to enter principal name here instead of searching from above… ” checkbox. The Type, Principal Name, and Display Name fields will appear.
- Select Type = User, enter the Principal Name of the user (for example, jdoe), and click OK. The user will be added as a Member of the Application Role with the correct Principal Name.
- Log in to OBIEE 12c as the user above; you should now be able to access the dashboard.
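To find existing role grants affected by this mismatch, the following added example (not Oracle's code and not part of the original note) compares Application Role member names against an Active Directory export and flags members stored under a Display Name instead of a sAMAccountName. The LDIF text, the role membership dictionary, and the function names are constructed assumptions; in practice the member names would come from the Application Role membership shown in EM.

```python
# Added example: all data below is constructed for illustration.
AD_LDIF = """\
dn: CN=Joe Doe,OU=Users,DC=example,DC=com
sAMAccountName: jdoe
displayName: Joe Doe

dn: CN=asmith,OU=Users,DC=example,DC=com
sAMAccountName: asmith
displayName: asmith

dn: CN=Maria Lopez,OU=Users,DC=example,DC=com
sAMAccountName: mlopez
displayName: Maria Lopez
"""

# Hypothetical copy of Application Role members as listed in EM.
ROLE_MEMBERS = {
    "BIAdministrator": ["Joe Doe", "asmith"],
    "BIConsumer": ["mlopez", "ghost"],
}

def parse_ldif(text):
    """Parse simple, unfolded LDIF text into a list of {attribute: value} dicts."""
    entries, current = [], {}
    for line in text.splitlines():
        if not line.strip():              # a blank line ends the current entry
            if current:
                entries.append(current)
                current = {}
            continue
        key, _, value = line.partition(":")
        current[key.strip()] = value.strip()
    if current:
        entries.append(current)
    return entries

def audit_role_members(entries, role_members):
    """Return (role, member, problem, sAMAccountName) for members that will not match at login."""
    users = [e for e in entries if "sAMAccountName" in e]
    by_sam = {e["sAMAccountName"].lower() for e in users}
    by_display = {e["displayName"].lower(): e["sAMAccountName"] for e in users if "displayName" in e}
    findings = []
    for role, members in role_members.items():
        for name in members:
            key = name.lower()
            if key in by_sam:             # principal name equals the login name
                continue
            if key in by_display:         # stored under Display Name: the case in this note
                findings.append((role, name, "display-name", by_display[key]))
            else:                         # no matching AD account in the export
                findings.append((role, name, "unknown", None))
    return findings
```

Each `display-name` finding is a member to re-add through the Advanced Option steps above, using the reported sAMAccountName as the Principal Name.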