Hyperion Hub Required for External Authentication?

Similar Messages

• Customer Data Hub Required for EBS 11i?

  Is the Customer Data Hub required for EBS 11i to work correctly? It appears to be a supplemental product and not a required core product.

  Oracle Customer Data Hub (CDH) is not a mandate for EBS users. However, it solely depends on the Organizational needs. If an Organization decides to have SSOT (Single Source Of Truth) for it's customer data they can go with CDH solution.
  CDH is a complete packaged solution that allows companies to create a single, enterprise view of their customer base, by consolidating/synchronizing customer data from heterogeneous systems into a central, operational, data store. CDH alone will not suffice the requirement. CDH ties with Oracle Customers Online (OCO), Customer Data Librarian (CDL), and the Oracle Trading Community Architecture (TCA) to create a robust, scalable, central repository of duplicate-free, enriched data across a heterogeneous landscape.
  Hope this helps.
  Regards,
  ND

• Hyperion Installation Requirements  for 11.1.2.3

  Hi John
  We Planning to implement Hyperion 11.1.2.3 for our client who are having 300 users
  can u suggest the Hardware and Software Requirements for HFM,Essbase,Planning,FDM, ODI,DRM,
  I had gone through Installation Documentation and Support matrix but in that they had not mentioned the requirments for these many users we sugest the following Ram and Harddisk those things
  can us suggest me any documentation for all Hyperion modules the Ram and Harddisk requirements for 300 users .
  Thanks,

  You should be able to find that information in Standard deployment guide for 11.1.2.3.
  Check here : Server Capacity Specifications
  Regards,
  Santy.

• Requirements for user authentication

  In my trials of configuring the software, it seems that the only option of providing user access authentication is via LDAP integration. This seems a heavy requirement for non-enterprise usage.
  I created a default directory service, but cannot enable access control without setting up distributed access, which seems to require LDAP. Installing LDAP has it's own set of prerequisites. Is all this really necessary? Am I misunderstanding the documentation?
  Thanks,
  Sean Wyatt

  Dear sean.wyatt,
  LDAP is not the only option for user-auth. There are key files and digest files. Or you have some reason to use only LDAP.

• Password aging for externally authenticated user

  Hello All:
  How can we implement the password aging of externally authenticated user.
  Thanks
  San~

  If the user is externally authenticated, then the password expiry should be external. E.g for the unix account.
  "When you choose external authentication for a user, the user account is maintained by Oracle, but password administration and user authentication is performed by an external service. This external service can be the operating system or a network service, such as Oracle Net.
  With external authentication, your database relies on the underlying operating system or network authentication service to restrict access to database accounts. A database password is not used for this type of login. If your operating system or network service permits, you can have it authenticate users. If you do so, set the initialization parameter OS_AUTHENT_PREFIX, and use this prefix in Oracle user names. The OS_AUTHENT_PREFIX parameter defines a prefix that Oracle adds to the beginning of every user's operating system account name. Oracle compares the prefixed user name with the Oracle user names in the database when a user attempts to connect."

• EsbCreateUser API for external authentication?

  <p>I was trying to create users using the VB API, but there is noAPI to create users with external authentication. How do we getaround this?</p>

  I am sorry. I must be sleeping while looking for the API. I found it

• Shell access required for RADIUS authentication?

  Hello all,
  A customer of mine has a fleet of modern Mac laptops, all accessing 3 AFP file servers. Access to those file servers is governed by a Snow Leopard Open Directory Master. Pretty simple.
  I’ve been tasked with introducing RADIUS authentication to the WLAN there. The WAPs are all Airport Extremes, so again the setup is pretty simple.
  But in testing, I see that users can authenticate to the RADIUS WLAN only if I give those user accounts shell access in Open Directory. If a user’s account has a login shell set to None (our previous default), then any RADIUS authentication attempt produces the following log error:
  Auth: [unix] [USERNAME]: invalid shell [/dev/null]
  If I switch that user’s login shell to (for example) /bin/bash, then restart RADIUS, that user authenticates successfully thereafter.
  Is this expected behavior? Is there an alternative to giving everyone shell access?
  Thanks for any info,
  Brandon White
  System Administrator
  www.technico.us

  Hi Peter,
  have a look at the RADIUS implementation CookBook (www.vasco.com/novell)
  chris
  > We use Vasco tokens for two things: Checkpoint Firewall-1 VPN
  > authentication, and iChain 2.2 RADIUS authentication. The current
  > RADIUS.NLM that we use is from the iChain authentication CD.
  >
  > The only problem I can think of to mention is the "Unknown RADIUS client"
  > error that we got after NW6 SP5. That was solved by the latest NMAS
  patches
  > and an upgrade from eDir 8.6.2 to 8.7.3.
  >
  >
  > "Peter van de Meerendonk" <[email protected]>
  wrote in
  > message news:JNiQd.595$[email protected]..
  > > > Well, just let me cover my hiney a little. We did have extremely bad
  > > > results with Activcard ACO000 tokens, but that is an old product from
  > > about
  > > > 3-4 years ago. I have no knowledge of the current Activcard tokens.
  > > >
  > > OK, but the licensing policy makes activcard a costly alternative.
  we've
  > got
  > > a good deal on RSA, and are negociating a deal on Vasco. eventually we
  > might
  > > need 250+ tokens.
  > >
  > > I am very interested in configuration details of your setup. do you use
  > the
  > > tokens only for checkpoint authentication, or for novell
  authentication as
  > > well?
  > >
  > >
  > >
  >
  >

• Licensing Requirements for External Users

  We are using SharePoint Foundation.  We allow non employees (clients) to access our SharePoint site to share files. These clients authenticate via Active Directory.  Do we require CALS for these external users? If so would the External Connector
  License suffice?  In a few months we will be switching to SharePoint Foundation 2013. We will use forms based authentication for the external users.  We've done some research on this topic, but the water is still cloudy.

  SharePoint Foundation is covered by the windows license. If you have External Connector license for for all servers(SharePoint & SQL), then your it covered. 
  also check this post for more details.
  http://social.technet.microsoft.com/Forums/sharepoint/en-US/69d181e6-0434-40fb-b4c3-6b9ef9e0a7a1/sharepoint-2013-foundation-licensing-scope?forum=sharepointgeneral
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Settings required for external vendor catalog

  Hi Experts,
  Please advise if i have external vedor catlog and want to use it for shopping carts. What config settings i need to do for it.
  Regards,
  Kamal

  Hi,
  You must define your catlog here in EBP
  SRM server- > master data-> Define external web services .
  You must give inbound parameters for the vendor catalog to access from ebp.
  As well as this catalog definitions must be defined in CAT attribute in PPOMA_BBP.
  Also please refere the OCI config document for further setting.
  Cheers!!
  NMK

• Administrator Password Required for External Drive

  I recently started to get this message when hooking up my external drive. "Device Sentry", "Security Alert!" "An Administrator password is required to allow this volume to mount." When I enter my password the drive shows up. This has never happened before. I do have the requirement to enter my password to start up, but never to turn on my external drive. Anyone have any ideas? Suggestions?
  Thanks,
  Kurt

  Kurt, you obviously have Internet Cleanup 8 or higher installed, that is the source of the message...
  http://www.macworld.com/article/131979/2008/02/internetcleanup.html

• Essbase analytic services 7.1.5 & external authentication

  Hi,
  first off, you have to excuse me for being a total newbie in the field of Essbase ;)
  We are currently trying to move our external authetication from Novell eDirectory via LDAP to Microsoft Active Directory. We use the LDAP authentication module with the following string in essbase.cfg "AuthenticationModule LDAP essldap.dll x".
  Reading the documentation for external authentication (x_auth.pdf) we came to the conclusion that we "needed" the Hub installed. Talking to Hyperion support told us that use of the Hub with our version was very unusual.
  Is it possible to configure the CSS authentication module to use a .xml file configured for our Microsoft AD and simply forget about the hub? If so, does the following lines look correct to you:
  essbase.cfg:
  "AuthenticationModule CSS file://localhost/D:/Program/ESSBASE/bin/css_config.xml"
  css_config.xml:
  <msad name="msad1">
  <trusted>false</trusted>
  <url>ldap://ADDC_server:389/ou=contoso, dc=COMPANY, DC=LOCAL</url>
  <userDN>cn=Administrator</userDN>
  <password>wordpass</password>
  <authType>simple</authType>
  <authProtocol>ssl</authProtocol>
  <identityAttribute>dn</identityAttribute>
  <user>
  <url>ou=Users</url>
  <loginAttribute>cn</loginAttribute>
  <fnAttribute>givenname</fnAttribute>
  <snAttribute>sn</snAttribute>
  <emailAttribute>mail</emailAttribute>
  <objectclass>
  <entry>person</entry>
  <entry>organizationalPerson</entry>
  <entry>user</entry>
  </objectclass>
  Trying to add or copy a user in the Essbase Administration Services enterprise view gives us the following error:
  "Error: 1051203 Single Sign On External Authentication is Disabled"
  That tells me that we need to configure SSO in the css_config.xml file, but i have not found any examples for Analyzer but only for OBIEE.
  Is there anybody at this forum that have achieved what we are striving for?
  Best Regards,
  Johannes

  Hi,
  Something must wrong in your css.xml, I am not sure if you can get any further logging...
  here is an example of a css.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <css xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <spi>
  <provider>
  <msad name="msad1"> <trusted>false</trusted>
  <url>ldap://ldapserver:389/dc=CompanyName,dc=com</url>
  <userDN>CN=#######,OU=Security Accounts,OU=IT,DC=CompanyName,DC=com</userDN>
  <password>########</password>
  <authType>simple</authType>
  <identityAttribute>dn</identityAttribute>
  <user>
  <loginAttribute>sAMAccountName</loginAttribute>
  <fnAttribute>givenname</fnAttribute>
  <snAttribute>sn</snAttribute>
  <emailAttribute>mail</emailAttribute>
  <objectclass>
  </objectclass>
  </user>
  <group>
  <url>cn=LostAndFound</url>
  </group>
  </msad>
  </provider>
  </spi>
  <searchOrder>
  <el>msad1</el>
  </searchOrder>
  <token>
  <timeout>60</timeout>
  </token>
  <logger>
  <priority>ERROR</priority>
  </logger>
  </css>
  If you are still struggling you could try an ldap browser to see if you can connect with the details you are trying.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Essbase security Migration from native mode to external authentication

  Hi!!
  I want some guidance on setting up security, all the users are currently in Native user mode and Native groups.
  Now we want to migrate to external mode, current version of hyperion is 11.1.1.3, any steps to follow in
  this direction would be really helpful.
  What is the best way of migrating huge user base from native directory to setting up for external authentication,
  this is the first time move from native to external authentication, If anyone who has done this will be helpful.
  steps to setup , maxl based migration will be helpful or utility based.
  Thanks

  When you say native mode do you mean that that essbase security is in native mode and you want to convert to shared services security mode,or do you mean you are using shared services securtiy with native users and you want to use an external directory like MSAD.
  For your question ::
  Yes the first piece is correct, our security is in native mode.
  and we want to convert to shared services security mode,
  The request involves moving from essbase native mode to Shared services native user mode (moving all the existing users, groups and existing provisioning)
  The next stage is moving from Shared services native user mode to external directory. (moving all the existing users, groups and existing provisioning)
  Your input will guide me in the direction.
  Thanks

• External Authentication 2106 WLC help

  Hello,
  We have setup a 2160 WLC for external authentication so that we can control the look and feel of the web pages a bit better.
  I wanted to better understand how to setup the page to handle errors. I'm trying to determine how the errors get posted back to the external web page.
  My understanding is that the form is "POST" to the 1.1.1.1, when it redirects to the external web auth due to an error are the values (error codes, redirect url, etc) appended to the query string?
  If they are appeded to the query string...what are the variable names we should be looking for?
  Thanks in advance

  Josh,
  I would recommend reviewing the source within the Web Authentication templates for info on customizable error codes... available on Cisco.com:
  Wireless -> WLCs -> Select a model -> Web Authentication Bundle
  Best,
  Drew
  Sent from Cisco Technical Support
  iPhone App

• External authentication using Headervariable

  Hi SAP Experts
  We have configured External authentication for WEM using Headervariable.We are using BI Java 7.0
  External authentication is working fine using Headervariable Login module for URL http://<WEb Server hostname>/irj which redirect to http://<J2EE hostname>:<port #>/irj
  As you all know that we also use http://<J2EE hostname>:<port #> for Administation point of view where many options available like user management, SLD, Webdynpro, NetWeaver Administation etc.We have not configured this URL for External Authentication  and also do not want to configure but when tyring to access any administration option on this, portal prompts default logon page and after entering Portal UserID/Password we get message like " No Loginmodules configured for Header"
  I do not know why system display this message
  Please help me if anyone has experience to resolve this issue, as we want to use URL http://<J2EE hostname:<port #>, which should prompts Portal Logon screen and after entering Portal userid/password we should access the administration screen without afftecting our External Authentication configuration for URL http://<WEb Server host>/irj
  Thanks in Advance
  Thanks with Regards
  Deelip Kumar

  Hi Deelip,
  my earlier post referred to an additional authscheme that you may have created. If you have done so, please remove it. If you have checked this, there still is a predelivered authscheme called header, wich references a login stack called header. This login stack template does not exist as a default.
  In this case, you may have assigned this authscheme (header) to some component, like an iview. How this works is explained in the docs <a href="http://help.sap.com/saphelp_erp2005vp/helpdata/en/54/f91fba71ae48309e4267b4a36fa47b/frameset.htm">here</a> and<a href="http://help.sap.com/saphelp_erp2005vp/helpdata/en/54/a334ed5bbfd5488b8cdd67b2c594a9/frameset.htm">here</a> for example.
  If you have done so, this reference to the authscheme header may trigger the lookup of the login stack template called header, which does not exist and thus leads to the error.
  For detailed error analysis, I would recommend to search the security log and the portal logs for indications where the source of this error might be.
  Regards,
  Patrick

• OID External Authentication issue

  Hi..
  I have configured synchronization profile to import users from TDS to OID using DIP but it does not work as change log is not enabled on TDS side.
  Now i have configured External Authentication Plugin and i craeted same users in in TDS and also in OID but external authenctication does not work.
  Can you please point out if i missing some point or is synchronization profile is must for External Authentication.
  Find the product version details -
  OID 11.1.1.6
  Tivoli Directory Server 6.1
  Regards
  Santosh
  Edited by: user601746 on Jan 8, 2013 1:02 AM

  Got the solution.
  I used bootstrap loading to create users from TDS to OID then configure external authentication..works fine... :)