Oracle

OBIEE 12c – Access Prohibited for Active Directory User

Assigning Active Directory User to a particular Role in Oracle Enterprise Manager (EM) does not acquire the Application Role in the OBIEE 12c. This issue can happen when the user Display Name and the sAMAccountName are not the same.

For example:
In the Enterprise Manager, a user, Joe Doe, is added to a BIAdministrator Application Role. The user was located using the Display Name option. The Display Name for this user is Joe Doe and the sAMAccountName is jdoe.

When the user logs into OBIEE as jdoe, the user does not acquire the Application Role and an Access Prohibited message is displayed like the one below:

Data Intelligence - The Future of Big Data
The Future of Big Data

With some guidance, you can craft a data platform that is right for your organization’s needs and gets the most return from your data capital.

Get the Guide

Cause:
This is identified as Bug 22232288 : OBIEE12C UNABLE TO ASSIGN USERS TO APPROLES WITH SAMACCOUNTNAME IN EM USING MSAD

Solution:
This issue is fixed in 12.2.1.2.0
For 12.2.1.0.0 and 12.2.1.1, apply Patch 22232288

An alternative workaround is to add a User to an Application Role in the EM using the Advanced Option approach.

For example:

  1. In the EM, Edit the Application Role, and click the Add button to display the Add Principal page.
  2. In the Add Principal page, select Search: Type = User, and the Advanced Option section will appear at the bottom of the page.
  3. In the Advanced Option section, check on the “Check to enter principal name here instead of searching from above… ” checkbox, and the Type, Principal Name, and Display Name fields will appear.
  4. Select Type = User, and enter the Principal Name of the User (for example, jdoe) and click OK. The User will be added as a Member of the Application Role with the correct Principal Name.
  5. Now you can try logging into OBIEE 12c with the user above and hopefully you should be able to access the dashboard.

 

About the Author

Raghu is the Senior Technical Architect of Perficient's National Oracle Business Intelligence Practice. He has extensive experience in architecting, designing, developing, and delivering enterprise software solutions, and commercial software products from concept to market. His area of expertise includes application programming, SOA, microservices, integrations, cloud and BI implementation. He has worked for several fortune 500 companies in his career and successfully led several projects from inception to completion by maintaining high quality standards. He has experience working with cross-cultural teams ensuring optimal utilization of resources. He has several certifications across multiple technologies from Oracle, AWS, Microsoft, and Redhat.

More from this Author

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up