External Activity Authentication

Similar Messages

• External Table Authentication in OBIEE 11g

  Hi ,
  I have a security table, which contains userid,displayname,group . I have imported Security table in Physical Layer. I'm creating session variables based on condition.
  When am trying to logging into analytic s getting an error, invalid username and password . I'm using 11.1.1.6.0 version
  How to handle external table authentication in OBIEE 11g version.
  Regards,
  Malli

  Hi fiaz,
  That links talks about 10g version.
  Step1: We have imported a secutiry table in Physical layer.
  Step2: Creating a session variable by selecting initilazation block.
  Select user_name,group from security_table where user_id=':USER' and pwd=':password';
  step3: created DISPLAYNAME,GROUP & USER VARIABLES in edit target window
  After these modifications i was trying to logging with new user, which is there in security table.
  I am getting an error that is invalid user or password.
  Is there any other changes does it required here.
  Regards,
  Malli
  Edited by: user10675696 on Dec 26, 2012 9:39 PM

• PR creation at the time of release of external activity

  dear,
  is there any way to restrict system for creation of purchase requisition for material components only not for the external activity itself.
  in our system setteings the pruchase requistion are created for extenal activitiy as well as for material componenets.
  kindly reply
  regrds
  saqib usman

  do not use external activity
  use internal activity with material component - non stock for creating p req

• PS subcontracting with external activity

  Hi,
  I have a couple of questions about "PS subcontracting with external activity" I have not found any information about this for PS subcon flow, I was looking for a subcon PS Wiki but no succeed.
  The scenario is to use a  external activity to a subcontractor and put the material components to deliver in the  external activity and check the subcon check box. Then use the valuated project stock for holding the materials.
  For material components there is an option in tab "Proc. Param" and fiel "Mat. Prov. Ind." = "Material Provision Indicator", do you know if this option can be use or be available in PS? This field is grey so I can not do anything with it, so my guess is that option use only by a BOM, could you confirm that for me?
  Right now I have a problem in the system so I can not save a project when creating a external activity and use the subcon check box, this is at OSS right now. But I was wondering if I put the material components in a external activity, how will it be represented in the PO?
  Will it be only one item in the PO, the service from the external activity? and inside this item will hold all my material components? this can be found in tab "Material data" -> "Components".
  Please share if you have some information about this,
  Regards
  Jose
  PS Note that this scenario is not a MM subcon

  abdul,
  I'm talking what you can do in the system, there is 3 posibilities I have in mind:
  Alternative 1 
  Is when I will send all the parts, thats right separated parts to be one. The material which will be the final material, is not in my stock/company. It is a new material Im manufacturing with the help of a subcontractor.
  In PS I want to create a subcontracting external activity, create a PR from PS, create a PO and deliver it to the receiver in other words the subcontractor who will put it together to the final material.
  For this alternative I think I have to create the material which the subcontractor will put together and have it as a head material in a BOM. The BOM will represent the parts Im sending for assembly, so when the material is deliver back to me, I will do a goods receipt of the head material.
  My question is in this if I have thought this right, if you have experience of this please contact me.
  Alternative 2
  Is when I will send a existing material and all the parts which will be use to maintain/repair this particular material from my stock/company to a subcontractor who will do the work. This material will have the same material no. when I do the goods receipt.
  In PS I want to create a subcontracting external activity, create a PR from PS, create a PO and deliver it to the receiver in other words the subcontractor who will maintain/repair the material.
  For this alternative I think I can use a BOM, create a BOM of this existing material which will be maintain/repair with the parts I will send.
  My question is in this if I have thought this right, if you have experience of this please contact me.
  Alternative 3
  This alternative is almost the same as alternative 2 with the exception that the material Im sending will change the material no when its back from the subcontractor. So I will send a existing material and all the parts which will be use to maintain/repair this particular material from my stock/company to a subcontractor who will do the work. This material will get a new material no. when I do the goods receipt.
  In PS I want to create a subcontracting external activity, create a PR from PS, create a PO and deliver it to the receiver in other words the subcontractor who will maintain/repair the material.
  For this alternative I think I can use a BOM, create a BOM of this existing material which will be maintain/repair with the parts I will send. Then I have to put the new material in my external activity as a material component with negative quantity as part of the subcontracting delivery
  My question is in this if I have thought this right, if you have experience of this please contact me.
  I hope my question is now clear for you, we are using the defence and aero solution so what I know I do can use the subcontracting with valuated project stock

• ADFS Active Authentication SAML token with unicode values throwing error when post to _trust end point in SharePoint

  Hi All,
  I have a SP2013 environment which authenticate users using ADFS 2.0 via Windows AD. We have two separate clients, Portal and Mobile. Portal users Passive Federation where as Mobile client uses Active Authentication with usernamemixed endpoint in ADFS. 
  I have an AD property which stores Unicode characters. In Active Authentication via Mobile, for a user who has a Unicode value in the AD property, I can get the SAML token successfully from ADFS. 
  Ex : <saml:AttributeValue>español</saml:AttributeValue>
  However, when I post this SAML token to SharePoint _trust endpoint, I'm getting an error "500 Internal Server error". However for the same user, if I change the AD property value from "español" to "English" then I can get the FedAuth
  cookie successfully from the _trust endpoint. 
  Also, for the same user, If I logged in via Portal which uses Passive Federation, then it's working fine.
  Really appreciate your thoughts on this.
  Supun

  Hi Supun,
  As you mentioned, the issue only happens in Active authentication. Would you please let me know which mobile client your users are using for the Active authentication, is it a custom one? Please be noted if you use a mobile browser, the authentication will
  also be Passive.
  In Passive mode authentication, STS also uses POST to pass the security token to the relaying party. I'd like to know what kind of tool you are using to post a SAML token to SharePoint endpoint as impersonation of an Active authentication. Since the Active
  authentication flow is quite complex, I also suggest you to check the event log in your ADFS server, and try to find more information about the issue.
  Thanks,
  Reken Liu
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• External Table Authentication

  Hi I am using OBIEE 11g.
  In my project we have to implement external table authentication. For that we have import the external table to physical layer. and build the repository variable using initialization block. In that i have written a following SQL -
  SELECT loginid
  ,grp
  ,display_name
  ,2
  FROM external_auth
  WHERE loginid = ':USER'
  and password = ':PASSWORD'.
  I have also create the variable target - LOGID, Group, Display Name and Log Level.
  and save the variable.
  My table structure like this - LoginID,Password,Grp, Display Name.
  When i am trying to save the RPD following error message raised.
  ERRORS:
  GLOBAL:
  [38095] The initialization string in the Repository Initialization Block '"Auth Variable"' contains the use of :USER or :PASSWORD.
  Any one to help to come out from this issue.
  Kindly provide any link for step by step guide.
  Thanks
  Gauthaman

  Hi Gautham,
  i think you created Repository Variable.
  Create a Session variable and Session initilization bliock. give the same query in Session Initialize block. it will work.
  Thnaks
  GSR

• External Table Authentication - Not Able to Login to Presentation services

  Hi ,
  I am trying to setup External table Authentication and in Rpd file I have setup session Variable as described in the OBIEE Server Admin Guide (http://download.oracle.com/docs/cd/E10415_01/doc/bi.1013/b31770.pdf -- Page 326 ) ..
  But when I try to logon to Presentation services Iget the following error.
  State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused. [nQSError: 13024] Successful completion of init block 'TableLDAP' is required. (08004)
  what am I doing wrong ? Please adivce.
  Thanks
  SS

  Hello,
  I Have setup system session User and group variables in a Initialazation block. No LDAP is tied. I have just created a table and added bunch of users and their passwords and their groups they belongs to.When I test my initialization block in rpd by suppling Uid/Pwd I see correct group they belongs to.
  But When I try in Presentation layer it doesn't work and throwing same error I mentioned.I tried various things but no luck .Not sure why intialization block is not firing off.
  Thanks
  SS

• Issue in External Table Authentication and Authorization in OBIEE11G

  Hello Gurus,
  Can anyone help me how to configure External Table Authentication and Authorization in OBIEE11g through weblogic server not like in 10g style(Through INIT Blocks).
  I've followed the (Doc ID 1338007.1) document. But when i'm restart the Managed servers and Admin servers after configuring the SQLAuthenticator all my services are showing down.
  I already raised the SR (SR 3-6286054151) on this issue. But still i didn't get any reply from them.
  Can anyone help me out on this issue or can anyone me send the document for "how to configure External Table Authentication and Authorization in OBIEE11g" . It's really appreciate for your quick response.
  my mail ID [email protected]
  Thanks,
  Syam.
  Edited by: 942658 on Oct 13, 2012 10:55 AM

  Hi John,
  Thanks for your quick response.
  We configured "ReadOnlySQL Provider" by following the Oracle's white paper(Doc ID 1338007.1) Please find the below steps what we configured in weblogic console.
  1. Created the Data Source
  2. In the data source specified the Database driver--> *Oracle's Driver Thin for service connections: Versions:9.0.1 and later.
  3. Defined the connection Properties .
  4. Selected targets as Admin server and bi_server.
  Then Activate changes
  5. Created new provider by using ReadOnlySQL Authenticator
  6. In the provider specific tab we given the SQL statements and saved it.
  7. Restarted the Admin and Managed servers.
  After restarted the services when we open the Enterprise Manager page all the services are showed as Undefined - means red.
  Apart from that we followed your suggested link http://askjohnobiee.blogspot.com/2012/09/how-to-oid-authentication-with-groups.html
  For External table authentication do we need to configure BISQLAuthenticator or ReadOnlySQLAuthenticator ?
  If we configure BISQLAuthenticator we just import Groups from database to Console application. Then how can it Authenticated to the User ?
  Please let me know your ideas on this.
  Thanks,
  Syam

• External database Authentication Issue

  Hello Experts
  I have omplemented external database authentication in my PC and somehow its not working
  Do we have to configure the details in NQSconfig file in the security section for implementing External Database Authentication .

  Hello Thanks for your concern .
  Steps i have followed
  *1)* use that table. If not, create the following table in your database.
  CREATE TABLE OBI_USER
  USERNAME VARCHAR2(255 BYTE),
  PASSWORD VARCHAR2(255 BYTE),
  GROUPNAME VARCHAR2(255 BYTE),
  DISPLAYNAME VARCHAR2(255 BYTE),
  LOGLEVEL NUMBER,
  CREATED_DT DATE sysdate,
  **2)**Created New ODBC Connection to use Separate Connection pool for OBIEE Security .
  *3)* Created New Session Initialization Block for Authentication and gave
  (SELECT USERNAME, GROUPNAME, DISPLAYNAME, LOGLEVEL FROM CPR_OBI_USER WHERE UPPER( USERNAME) =UPPER(':USER') AND UPPER(PASSWORD) =UPPER(':PASSWORD') ) by selection the new BI Security connection pool
  In the variable Traget i have defined 'USER', 'GROUP', 'LOGLEVEL','DISPLAYNAME'
  *4)* Created another Session Initialization Block for Authorization and gave (SELECT 'GROUP', GROUPNAME FROM OBI_USER WHERE UPPER( USERNAME) =UPPER(':USER'))
  And selected row wise initialization in variable target AND assigned Authentication Initialization block in the Execution Precedence .
  *5)* Created Groups in Manage-> Security-> Groups with the same group names as given in OBI_USER Table
  *6)* Added Groups in Manage Catalog and groups in Presentation Services .
  *7)* When i log on with the user which is assigned to the group in the OBI_USER Table then its giving
  (Unable to Log In     
  An invalid User Name or Password was entered.
  Please enter your User ID and Password below, and then press the Log In button.)
  Edited by: newbi on Sep 28, 2010 9:53 AM

• External activity should not be invoked by classic workspace

  In an interactive activity, it has a method. Then, it is set to external and add prepare and commit method. However, after running in API, an error appears. It shows that the external activity should be invoked by API not by classic workspace. However, after I delete the original activity method, this error disappear.

  uhm.. User to User forum.
  No. You can't remove the maximum document size restrictions.

• Prevention of assignment of Purchase Order to External activity from ME21N

  Hi,
  I would like to know if it is possible to prevent account-assigning a purchase order or requisition  to an external activity outside of PS, (CJ20N or CN22). The external activity will generate a purchase requisition when released from CJ20n or CN22.
  If someone goes outside of PS in ME51N or ME21N, they can also create a purcahse requisition or P.O. and assign it to that same network activity.
  Is there a way to prevent this from happening?

  In MM Customizing go to Purchasing=> Account Assignment Categories
  For Acc Assignment Assignment Category 'N' make the field 'Order' as display only.
  with regards,
  Ravi Shrivastav

• External activity in network

  Hi
  when creating external activity the cost element field is mandatory.
  how to make it as optional.
  i have already used OPUB but it didn't help.
  please reply!
  thanks!
  Harsh

  Hi Harsh,
  I think you cant have external activity w/o cost element. Cost element is a means for posting in CO. So for all PS objects cost element is directly or indirectly derived. For eg in case of internal activity, work center-cost center combination has cost element link. For cost activity we enter element directly. So you may not be able to make it optional, what is your businees requirement?
  Regards

• Need help with external user authentication

  Hello,
  I need some help to set up an external user authentication in Oracle DB 10g. Using the documentation at
  http://www.oracle-base.com/articles/misc/OsAuthentication.php
  I added the user alex to my linux system and checked the parameter os_authent_prefix:
  SQL> show parameter os_authent_prefix
  NAME TYPE VALUE
  os_authent_prefix string ops$
  SQL>
  I created the oracle user alex using
  CREATE USER alex IDENTIFIED EXTERNALLY;
  as well as
  CREATE USER ops$alex IDENTIFIED EXTERNALLY;
  The parameters in the sqlnet.ora are set to
  NAMES.DIRECTORY_PATH = (TNSNAMES, HOSTNAME, EZCONNECT)
  SQLNET.AUTHENTICATION_SERVICES = (ALL)
  Being the local user alex on the linux server I can login:
  $ sqlplus /
  SQL*Plus: Release 10.2.0.1.0 - Production on Tue Aug 30 08:56:26 2011
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  Connected to:
  Oracle Database 10g Release 10.2.0.1.0 - 64bit Production
  SQL>
  Now using a Windows Client:
  C:\>sqlplus alex@<netservicename>
  SQL*Plus: Release 10.2.0.1.0 - Production on Di Aug 30 10:31:37 2011
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  Kennwort eingeben:
  ERROR:
  ORA-01017: invalid username/password; logon denied
  - So, what's wrong?
  - Do I always have to create oracle users with the prefix "ops$" to the local username? How do these users login - with or without the prefix 'ops$'?
  - I read that kerberos authentication is only available through oracle advanced security addon. What about authentication through ldap?

  Obviously it doesn't work from any remote system.
  For this to happen the parameter remote_os_authent would have been set to true.
  Warning: this poses a security risk.
  As far as I know you should have been logged in as alex on the client, and using sqlplus /
  However, from 10g onwards Oracle comes with Oracle Wallet, which stores the password encrypted outside the database in a file, called wallet, and which is accessible from anywhere.
  You would better use that.
  Sybrand Bakker
  Senior Oracle DBA

• Aironet 1140 FLEXCONNECT External Web Authentication and Apple Devices

  Hi!
  I'm having an issue with this Access Point.
  I've configured this access point with WLC in mode FlexConnect with web authentication.
  It's all right, i'm connecting with my PC in wireless, i open my web browser in windows, then the Access Point redirect me to External Web Authentication Page,
  i put my credentials, and  i'm redirected to my access point ( https:/1.1.1.1/login.html i accept the certificate) and then the Access Point redirect me to Internet.
  I do this with my android phone, it's all right again.
  I try to connect with iphone or ipad , i'm  redirected to External Web Authentication Page, i put my credentials, and i'm  redirected to https://1.1.1.1/login.html where the web browser don't ask me anything and i'm not redirected to Internet.
  Have you any idea?

  Thx you Scott, i understand what are you talking about, but my problem is different.
  I try to explain..
  I see the wireless network, i associate the iphone to this network, so i'm  redirected to Login page,
  as i use the "Apple Login" or i Open a Web Page .
  In this page , that i reach with all devices i put my credentials, then i will be redirected with all devices
  back to Access Point (https://1.1.1.1/login.html).
  In this page i should be   redirected to internet after Radius Authentication, but with Apple Devices this doesn't work.
  This is thw WEB AUTHENTICATION from Cisco Documents.
  The user associates to the web authentication SSID.
  The user opens their browser.
  The WLC redirects to the guest portal (such as ISE or NGS) as soon as a URL is entered.
  The user authenticates on the portal.
  The guest portal redirects back to the WLC with the credentials entered.
  The WLC authenticates the guest user via RADIUS.
  The WLC redirects back to the original URL.

• Query related to external table authentication

  Hi Gurus,
  I am new to OBIEE. When we login to the Oracle Business intelligence, we used to give user as Administrator and password as Administrator.
  At this point, can we authentication the userid and password which is stored in external table in a users schema?
  ~ John

  "Administrator" will always be a user which is registered in the repository. All other users can be authenticated by external table authentication.
  You can create an init block which sets the USER system variable by
  SELECT user FROM users WHERE user = ':USER' and password = ':PASSWORD'