Skip to main content


OBIEE 12c – Access Prohibited for Active Directory User

Assigning Active Directory User to a particular Role in Oracle Enterprise Manager (EM) does not acquire the Application Role in the OBIEE 12c. This issue can happen when the user Display Name and the sAMAccountName are not the same.

For example:
In the Enterprise Manager, a user, Joe Doe, is added to a BIAdministrator Application Role. The user was located using the Display Name option. The Display Name for this user is Joe Doe and the sAMAccountName is jdoe.

When the user logs into OBIEE as jdoe, the user does not acquire the Application Role and an Access Prohibited message is displayed like the one below:

Oracle - Guide to Oracle Cloud: 5 Steps to Ensure a Successful Move to the Cloud
Guide to Oracle Cloud: 5 Steps to Ensure a Successful Move to the Cloud

Explore key considerations, integrating the cloud with legacy applications and challenges of current cloud implementations.

Get the Guide


This issue is fixed in
For and, apply Patch 22232288

An alternative workaround is to add a User to an Application Role in the EM using the Advanced Option approach.

For example:

  1. In the EM, Edit the Application Role, and click the Add button to display the Add Principal page.
  2. In the Add Principal page, select Search: Type = User, and the Advanced Option section will appear at the bottom of the page.
  3. In the Advanced Option section, check on the “Check to enter principal name here instead of searching from above… ” checkbox, and the Type, Principal Name, and Display Name fields will appear.
  4. Select Type = User, and enter the Principal Name of the User (for example, jdoe) and click OK. The User will be added as a Member of the Application Role with the correct Principal Name.
  5. Now you can try logging into OBIEE 12c with the user above and hopefully you should be able to access the dashboard.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Raghu Syama

Raghu is the Senior Technical Architect of Perficient's National Oracle Business Intelligence Practice. He has extensive experience in architecting, designing, developing, and delivering enterprise software solutions, and commercial software products from concept to market. His area of expertise includes application programming, SOA, microservices, integrations, cloud and BI implementation. He has worked for several fortune 500 companies in his career and successfully led several projects from inception to completion by maintaining high quality standards. He has experience working with cross-cultural teams ensuring optimal utilization of resources. He has several certifications across multiple technologies from Oracle, AWS, Microsoft, and Redhat.

More from this Author

Follow Us