Shared Services Authentication

Hi,
Would anyone be able to tell me whether they are using ADAM for authentication rather than MSAD in Shared Services. Our company is promoting the use of ADAM over MSAD, however I can't see whether its officially supported by Oracle/Hyperion products.
We're proceeding to test with ADAM, but i'm not sure if we'll encounter any obstacles in the future. Any war stories here?
Help much appreciated,
Graeme Newlands.

Hi,
thank you very much for the quick reply.
So we migrated 200 users (which got a new password from the externalise process) they need to send a password the whish to have?!
Thats not really nice :D
Best Regards
Thomas

Similar Messages

  • Shared Service Authentication Failure with Essbase.

    Hi can anyone help. I am using 9.3.1. SS & EAS and an instance of Essbase are already installed and configured i am just adding in an additional essbase server to scale out due to application growth.
    I have added in a new essbase server, successfully added the new server into the EAS console. Also Successfully externalised the users.
    On selecting OK on the dialogue box to say that the convert to shared service mode was successful the EAS console has chucked out the following error message:-
    Analytical Services user [essadmin] Authentication Fails against the Shared Services Server with Error[Failed to authenticate user essadmin against provider Native Directory].
    Now as i did not have the orginal essadmin password, i was unable to use this (and this does have a native account in SS). I Did however use essadmin as a username and created a new password, i have not however created this as a native account in SS as i thought the system would get confused with two essadmin accounts and i don;t want to affect the current essbase system that is running. The users would kill me!!!.
    Does anyone know how i can correct this issue?
    Thanks

    It would really help,if someone can reply and give advice on the problem mentioned in the original post.
    T
    hanks

  • Force User to Change Password with Shared Services authentication

    Hi Everybody,
    is there a way to set a property that user needs to change his password when he connect's the first time to web analysis?
    Version is 9.3
    Thank you very much in advance.
    Best Regards
    //nois

    Hi,
    thank you very much for the quick reply.
    So we migrated 200 users (which got a new password from the externalise process) they need to send a password the whish to have?!
    Thats not really nice :D
    Best Regards
    Thomas

  • EAS without Shared Services

    Hi Guys,
    in former Essbase 11 and Essbase 9 Versions it was possible to remove the shared services authentication by modifing the OlapAdmin.properties file.
    After an successfull 11.1.2.0 installation I can't find that file anymore.
    Does anybody know of another way to bring EAS back to native security mode in version 11.1.2.0?
    Thank you very much!
    Best Regards
    Thomas

    Hi,
    It may be stored in the shared services registry.
    You can export property, update and then import back in using LCM
    Log into HSS, expand application groups > Foundation > Deployment Metadata
    Expand Shared Services Registry > Essbase > LWA -eas@... Tick properties
    Run the migration and will create a files in
    Oracle\Middleware\user_projects\epmsystem1\import_export\admin@Native Directory\EAS\resource\Shared Services Registry\Essbase\LWA - eas....
    Have a look in the property files generated see if it is in there.
    I have not tried this by the way, Oracle may have changed to force to use shared services mode now, if I get a chance I will look into it further unless somebody else knows the exact location.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • AD authentication against Shared Services failing randomly

    We're seeing random failures in AD authentication against Shared Services both via the Excel Addin and via Maxl scripts.
    SQL server (v 10.50.2500), Shared Services and OHS (v 11.1.2.2.303), and Essbase server (v11.1.2.2.104) are installed on the same physical box (16 cores, 192GB RAM) in a single-server configuration. It happens every few days at no fixed time and is resolved either by itself in a few hours, or by stopping and starting EPM services (Hyperion Foundation Services - Managed Server, OPMN service for Essbase, and OPMN service for OHS are stopped by running <Middleware_Home>\user_projects\epmsystem1\bin\stop.bat, and started by running start.bat).
    While the AD authentication is down, nobody is able to connect (via the Excel Add-in or Maxl scripts) using their AD accounts and get the following error - "Analytical Services user [AD_user1] Authentication Fails against the Shared Services Server with Error [EPMCSS-00301: Failed to authenticate user. Invalid credentials. Enter valid credentials.]". Native authentication works at all times (even when AD authentication fails).
    Although it seems to apply to an older version and to Planning/Workspace, we did look into "Error "EPMCSS-00301: Failed To Authenticate User. Invalid credentials" Intermittently When MSAD User Logs Into Workspace. (Doc ID 1389871.1)". But even after making the suggested changes, the problem persists. Any ideas what might be causing AD authentication to fail randomly like this? Below are some relevant portions of the logs -
    From ESSBASE_ODL.log -
    [2014-01-10T04:41:06.693-05:00] [ESSBASE0] [ERROR:32] [AGENT-1440] [] [ecid: 1388972435616,0] [tid: 6312] Essbase user [hyperion_admin] Authentication Fails against the Shared Services Server with Error [EPMCSS-00301: Failed to authenticate user. Invalid credentials. Enter valid credentials.]
    [2014-01-10T04:41:06.693-05:00] [ESSBASE0] [WARNING:1] [AGENT-1003] [] [ecid: 1388972435616,0] [tid: 6312] Error 1051440 processing request [Login] - disconnecting
    From SharedServices_Security_Client.log -
    [2014-01-10T04:39:00.490-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20330] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheManager] [SRC_METHOD: getCache] Cache refresh started asynchronously. This is a status messages. No action required. [2014-01-10T04:39:42.547-05:00] [EPMCSS] [ERROR] [EPMCSS-07047] [oracle.EPMCSS.CSS] [tid: 150] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to get connection  from connection pool for user directory AD. Error executing query. adweilcom:389. Verify user directory configuration.
    [2014-01-10T04:39:42.547-05:00] [EPMCSS] [ERROR] [EPMCSS-09102] [oracle.EPMCSS.CSS] [tid: 150] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to initialize group cache for MSAD user directory AD. Error connecting to url. ad.weil.com:389. Verify MSAD user directory configuration.
    [2014-01-10T04:39:42.547-05:00] [EPMCSS] [ERROR] [EPMCSS-00107] [oracle.EPMCSS.CSS] [tid: 150] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.CSSManager] [SRC_METHOD: pingConfiguredProviders] Failed to refresh group cache. Some of configured user directories not initialized [AD]. Verify user directory configuration.
    [2014-01-10T04:39:42.547-05:00] [EPMCSS] [WARNING] [EPMCSS-10029] [oracle.EPMCSS.CSS] [tid: 150] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: run] Exception while building asynchronous group cache for user directory. EPMCSS-00107: Failed to refresh group cache. Some of configured user directories not initialized [AD]. Verify user directory configuration.. Verify Shared Services security user directory configuration.
    [2014-01-10T04:40:24.605-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-10T04:40:24.605-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-10T04:41:06.662-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-10T04:41:06.662-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-10T04:41:06.693-05:00] [EPMCSS] [WARNING] [EPMCSS-10033] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.facade.impl.CSSAbstractAuthenticator] [SRC_METHOD: authenticateUser] Skipping user directory {0} failed to communicate with server. {1}. No action required.
    [2014-01-10T04:41:06.693-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 149] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.facade.impl.CSSAbstractAuthenticator] [SRC_METHOD: authenticateUser] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    From console~Essbase1~EssbaseAgent~AGENT~1.log -
    [Fri Jan 10 04:40:22 2014EPMCSS-00301: Failed to authenticate user. Invalid credentials. Enter valid credentials.               
    at com.hyperion.css.facade.impl.CSSAbstractAuthenticator.authenticateUser(CSSAbstractAuthenticator.java:658)
    at com.hyperion.css.facade.impl.CSSAPIAuthenticationImpl.authenticate(CSSAPIAuthenticationImpl.java:69)               
    at com.hyperion.css.facade.impl.CSSAPIImpl.authenticate(CSSAPIImpl.java:102)               
    at com.hyperion.css.facade.impl.CSSAPIImpl.login(CSSAPIImpl.java:794)               
    at com.hyperion.css.facade.CSSAPIFacade.login(CSSAPIFacade.java:776) ]
    Local/ESSBASE0///9180/Info(1042059)

    Server times are in sync. In fact, we see no such issues on the 9.3.1 environments (which are in the same server farm as the 11.1.2.2 environments).
    We're using the same MSAD configuration we have in the 9.3.1 environments as follows -
    Directory Server: Microsoft
    Name: AD Host Name: ad.mycompany.com
    Port: 389
    SSL Enabled: unchecked
    Base DN: DC=ad,DC=mycompany,DC=com
    ID Attribute: objectguid (greyed)
    Maximum Size: 200
    Trusted: checked
    Anonymous Bind: unchecked
    User DN: ad\hyperion_admin
    Append Base DN: unchecked
    User RDN: blank
    Login Attribute: cn
    First name Attribute: givenName
    Last name Attribute: sn
    Email Attribute: mail
    Object Class: person,organizationalPerson,user
    Support Groups: checked
    Group RDN: OU=groups
    Name Attribute: CN
    object class: group?member
    I also tried disabling AD groups (Support Groups = unchecked), but I still see a random AD authentication failure. Below are logs based on automated retrievals using an AD account at 14:37, 17:37, 20:37 and 21:40 today. The first 2 worked fine, the 3rd failed, the fourth worked fine again. From SharedServices_Security_Client.log -
    [2014-01-11T14:37:00.574-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20330] [oracle.EPMCSS.CSS] [tid: 42] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheManager] [SRC_METHOD: getCache] Cache refresh started asynchronously. This is a status messages. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 43] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory Native Directory. Status message. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 43] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory AD. Status message. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20008] [oracle.EPMCSS.CSS] [tid: 44] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.MSADProvider] [SRC_METHOD: createCache] Group support is disabled for MSAD user directory AD returning empty cache map. Status message. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 44] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory AD and size of group cache is 0. Status message. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 45] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory Native Directory and size of group cache is 19. Status message. No action required.
    [2014-01-11T14:37:00.917-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20331] [oracle.EPMCSS.CSS] [tid: 43] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Cache building is done for the providers, now started unifying the cache. This is a status messages. No action required.
    [2014-01-11T14:37:01.151-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20332] [oracle.EPMCSS.CSS] [tid: 43] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Unify cache done and cache object set to the cache manager. This is a status messages. No action required.
    [2014-01-11T17:37:00.752-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20330] [oracle.EPMCSS.CSS] [tid: 46] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheManager] [SRC_METHOD: getCache] Cache refresh started asynchronously. This is a status messages. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 47] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory Native Directory. Status message. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 47] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory AD. Status message. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20008] [oracle.EPMCSS.CSS] [tid: 48] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.MSADProvider] [SRC_METHOD: createCache] Group support is disabled for MSAD user directory AD returning empty cache map. Status message. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 48] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory AD and size of group cache is 0. Status message. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 49] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory Native Directory and size of group cache is 19. Status message. No action required.
    [2014-01-11T17:37:01.174-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20331] [oracle.EPMCSS.CSS] [tid: 47] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Cache building is done for the providers, now started unifying the cache. This is a status messages. No action required.
    [2014-01-11T17:37:01.361-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20332] [oracle.EPMCSS.CSS] [tid: 47] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Unify cache done and cache object set to the cache manager. This is a status messages. No action required.
    [2014-01-11T20:37:00.634-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20330] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheManager] [SRC_METHOD: getCache] Cache refresh started asynchronously. This is a status messages. No action required.
    [2014-01-11T20:37:42.707-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-11T20:37:42.707-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-11T20:38:24.748-05:00] [EPMCSS] [ERROR] [EPMCSS-07047] [oracle.EPMCSS.CSS] [tid: 51] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to get connection  from connection pool for user directory AD. Error executing query. adweilcom:389. Verify user directory configuration.
    [2014-01-11T20:38:24.748-05:00] [EPMCSS] [ERROR] [EPMCSS-09102] [oracle.EPMCSS.CSS] [tid: 51] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to initialize group cache for MSAD user directory AD. Error connecting to url . ad.weil.com:389. Verify MSAD user directory configuration.
    [2014-01-11T20:38:24.748-05:00] [EPMCSS] [ERROR] [EPMCSS-00107] [oracle.EPMCSS.CSS] [tid: 51] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.CSSManager] [SRC_METHOD: pingConfiguredProviders] Failed to refresh group cache. Some of configured user directories not initialized [AD]. Verify user directory configuration.
    [2014-01-11T20:38:24.748-05:00] [EPMCSS] [WARNING] [EPMCSS-10029] [oracle.EPMCSS.CSS] [tid: 51] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: run] Exception while building asynchronous group cache for user directory. EPMCSS-00107: Failed to refresh group cache. Some of configured user directories not initialized [AD]. Verify user directory configuration.. Verify Shared Services security user directory configuration..
    [2014-01-11T20:39:06.806-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.util.jndi.pool.JNDIConnectionPool] [SRC_METHOD: getBorrowObject] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-11T20:39:06.806-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.JNDIHelper] [SRC_METHOD: getURLContext] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-11T20:39:06.806-05:00] [EPMCSS] [WARNING] [EPMCSS-10033] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.facade.impl.CSSAbstractAuthenticator] [SRC_METHOD: authenticateUser] Skipping user directory {0} failed to communicate with server. {1}. No action required.
    [2014-01-11T20:39:06.806-05:00] [EPMCSS] [ERROR] [EPMCSS-00301] [oracle.EPMCSS.CSS] [tid: 50] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.facade.impl.CSSAbstractAuthenticator] [SRC_METHOD: authenticateUser] Failed to authenticate user. Invalid credentials. Enter valid credentials.
    [2014-01-11T21:40:41.799-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20330] [oracle.EPMCSS.CSS] [tid: 52] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheManager] [SRC_METHOD: getCache] Cache refresh started asynchronously. This is a status messages. No action required.
    [2014-01-11T21:40:41.986-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 53] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory Native Directory. Status message. No action required.
    [2014-01-11T21:40:41.986-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20005] [oracle.EPMCSS.CSS] [tid: 53] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Asynchronously started user directory cache building for user directory AD. Status message. No action required.
    [2014-01-11T21:40:41.986-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20008] [oracle.EPMCSS.CSS] [tid: 54] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.spi.impl.msad.MSADProvider] [SRC_METHOD: createCache] Group support is disabled for MSAD user directory AD returning empty cache map. Status message. No action required.
    [2014-01-11T21:40:41.986-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 54] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory AD and size of group cache is 0. Status message. No action required.
    [2014-01-11T21:40:42.002-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20007] [oracle.EPMCSS.CSS] [tid: 55] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.ProviderCacheThread] [SRC_METHOD: run] Group cache completed for user directory Native Directory and size of group cache is 19. Status message. No action required.
    [2014-01-11T21:40:42.002-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20331] [oracle.EPMCSS.CSS] [tid: 53] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Cache building is done for the providers, now started unifying the cache. This is a status messages. No action required.
    [2014-01-11T21:40:42.080-05:00] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20332] [oracle.EPMCSS.CSS] [tid: 53] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.cache.CacheThread] [SRC_METHOD: buildCache] Unify cache done and cache object set to the cache manager. This is a status messages. No action required.

  • Shared Services External Authentication using LDAP in 9.3.1

    Hi,
    I have installed Hyperion Shared Services with native directory. And now planning to setup external authentication using LDAP. I need some guidance to understanding how the external authentication works.
    Questions:
    1. Is it possible to setup Shared Services to use both Native and LDAP user directory? What I mean is some users will be able to login using Native directory, and some others will need to login using User Directory (external authentication).
    2. For User Directory (say we use LDAP), when the user is added into Shared Services, can they be assigned with Groups created in Native directory? We want to explore to use just the external authentication and define all of the groups within shared services.
    If not possible, can we manage the Groups of the User directory using shared services? How is the groups work with external authentication?
    Any feedback would be much appreciated.
    Thanks,
    Lian

    Hi,
    Yes you can use both Native and external authentication. When you add the external provider the native is left by defaut anyway.
    Yes you can add your external users to native groups. You can also provision the groups in the AD if you wish.
    Gee

  • OBIEE 11.1.1.6.2 BP1 authentication through Shared Services EPM 11.1.2 .2

    Hi,
    Any idea how to get the authentication in OBIEE through Shared Services to work?
    We use Native Directory and MSAD in SS, hence we need to get the authentication through Shared Services.
    We were able to run this on EPM 11.1.1.3 through LDAP server of Shared services port 28089, surely not working now.
    I've tried both of the following but still no luck:
    http://gerdpee.wordpress.com/2011/06/17/oracle-weblogic-and-hyperion-shared-services-11-1-1-3/
    http://gerdpee.wordpress.com/2011/06/17/integration-sort-of-of-obiee-11-1-1-5-and-hyperion-shared-services-11-1-1-3/
    Please help. Many thanks!!!
    Cheers,
    Steve

    Hi Steve,
    I have not been through this, but hope this helps you though. While we run the System configurator Wizard (EPM 11.1.1.2), we are now having an option to integrate EPM with OBIEE. Have you given it a shot?
    I am just thinking, if we could had it configure for us, we could directly access the Subject Areas from OBIEE, just like what Mark had mentioned here : http://www.rittmanmead.com/2009/01/epm-workspace-111-and-obiee-10134-updated/
    You could further look into the "SSO using CSS Token" field in the connection pool, too.
    Hope this helps and I will let you know, if I have any other information.
    Thank you,
    Dhar

  • Moving from Native to External Authentication - Hyperion Shared Services

    Hello Experts/John.
    We are planning to move from native directory authentication to external (MSAD) authentication mechanism.
    For that we have planned as below...
    1) We will configure MSAD with our present Shared services.
    2) Export the users using import-export utility from native directory.
          Replace the user's name in csv file with their respective AD user name. This will get modified along with the group/roles.
          Re-load the modified csv file so that new users will come into effect.
    3) Change the authentication preferences.
    4) Remove the passwords from the native directory, so that all authentication happens thru AD and basis roles that are stored
    in shared services users will able to see respective application with their desired priv.
    As I said this the approach we are thinking. Kindly suggest us whether we are on right path or this will cause any problem in production..
    We are on using EPM 11.1.1.3 on Win 2003 platform.
    Seeking your guidance.
    Thanks

    Forget to mention that we are currently working on EPM 11.1.1.3 version on win 2003 environment...

  • Shared Services External Authentication

    Hi All,
    In Shared Services, under Defined User Directories, When click on Add I am able to see "Relational Database(Oracle, DB2, SQL Server)"; means we can configure Oracle db as (Oracle Apps) as external authantication?
    We are using Hyperion system 9.3.1.
    Thanks in Advance,

    User and Group information can be derived from Oracles system schema tables, read more about it at :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/ch04s06.html
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Error while starting the shared service server

    Hi john,
    I am getting the following error while starting the shared service server.
    *25 Jul 2009 10:26:39 - org.apache.slide.common.Domain - ERROR - Unable to migrate hub groups to css*
    So shared service console is not starting.
    Please tell me the solution for it.
    Thanks
    Edited by: user11358816 on Jul 24, 2009 10:06 PM
    Edited by: user11358816 on Jul 24, 2009 10:09 PM

    Hi John,
    Yes,It was working earlier.
    When I have added NTLM authentication for FDM I am getting that error,but instead of that if
    I am adding the authentication provider as LDAP(CSS) I am not getting that error.
    So finally i have added only one authentication provider and that is LDAP(CSS).
    I fallowed ur document for integrating the FDM application with planning application.(http://john-goodwin.blogspot.com/2008/07/planning-v11-drill-back.html )
    For the global logon information I have given admin and password , which I have given while adding the LDAP authentication (CSS).
    I am getting machine profile missing error when i clicked on the dimension and the target dimension test box contain connection failed.
    Can u suggest me where am I wrong?
    Thanks
    Edited by: user11358816 on Jul 26, 2009 9:42 PM

  • Missing roles in Shared Services 9.3.1

    We are going through an install of 9.3.1 at a clients site. Planning is working correctly with shared services, but Financial Reporting is throwing this error found in SharedServices_security.log:
    2008-05-02 11:53:50,718 [ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] WARN com.hyperion.css.spi.impl.nv.NativeProvider.getHierarchicalRoleTree(Ljava.util.Map;Ljava.lang.String;Lcom.hyperion.css.common.CSSRoleNode;Ljava.lang.String;Lcom.hyperion.css.spi.util.jndi.CSSDirContext;Ljava.util.Locale;Ljava.util.ResourceBundle;)V(Optimized Method) - Exception getting Child Roles in hierarchy due to Illegal or invalid id.dflt passed in. Please check the argument.
    When attempting to connect from Financial Reporting Studio or Workspace we get an error stating:
    "You are not authorized to use this functionality. Contact your administrator."
    We are running WebLogic 8.1 service pack 4 on Windows Enterprise server 2003 sp1.
    If anyone has seen or worked through this error, please respond.

    Got resolution on the error. Look for css-9_3_1.dll in HYPERION_HOME\common\css\9.3.1\bin on the server where Financial Reporting is installed. This dll enables FR to communicate with NTLM. Oracle support stated that "This dll is not included in the PATH by default because nobody uses NTLM anymore." When I asked them why it was not documented despite the fact that NTLM continues to be listed prominently as a supported authentication repository, they had no reply. Watch for this one to bite you!!!

  • Essbase login failed & Cluster not available in Shared Services

    Hi,
    I have installed & configured the EPM 11.1.2.2 in compact deployment mode i.e. deployed to Embedded weblogic server. Shared Services, Essbase, Planning & Reporting are installed successfully.
    I am able to login to Shared Services, Workspace & EAS console with my admin account. But I am unable to login to Essbase from EAS console, MAXL & ESSCMD.
    When I am logging with MAXL or EAS console, I am getting login failed error.
    Even EssbaseCluster-1 is not available under Application Groups in Shared Services. Only Reporting & Foundation are there.
    Please help me what went wrong.
    Thanks,
    Naveen
    Edited by: Naveen Suram on Nov 6, 2012 3:25 AM

    SharedServices_Security_Client.log
    2012-11-06T14:40:41.071+05:30] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20001] [oracle.EPMCSS.CSS] [tid: 10] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.registry.RegistryManager] [SRC_METHOD: RegistryManager] Successfully initialized EPM System Registry access. This is a status messages. No action required.
    [2012-11-06T14:40:41.180+05:30] [EPMCSS] [NOTIFICATION:16] [EPMCSS-20002] [oracle.EPMCSS.CSS] [tid: 10] [ecid: disabled,0] [SRC_CLASS: com.hyperion.css.EPMSystem] [SRC_METHOD: getInstance] Initializing Shared Services security instance using EPM System Registry. This is a status messages. No action required.
    Essbase.log
    [Tue Nov 06 14:40:25 2012]Local/ESSBASE0///776/Info(1051283)
    Retrieving License Information Please Wait...
    [Tue Nov 06 14:40:25 2012]Local/ESSBASE0///776/Info(1051286)
    License information retrieved.
    [Tue Nov 06 14:40:25 2012]Local/ESSBASE0///776/Info(1311019)
    Classpath during JVM initialization: [;C:\Oracle\Middleware\EPMSystem11R1\common\jlib\11.1.2.0\epm_j2se.jar;C:\Oracle\Middleware\EPMSystem11R1\products\Essbase\EssbaseServer\java\essbase.jar;C:\Oracle\Middleware\EPMSystem11R1\products\Essbase\EssbaseServer\java\essbaseRegistry.jar]
    [Tue Nov 06 14:40:52 2012]Local/ESSBASE0///776/Info(1051199)
    Single Sign-On Initialization Succeeded !
    [Tue Nov 06 14:40:52 2012]Local/ESSBASE0///776/Info(1056815)
    Essbase 64-bit - Release 11.1.2 (ESB11.1.2.2.100B2166)
    [Tue Nov 06 14:40:52 2012]Local/ESSBASE0///776/Info(1051232)
    Using English_UnitedStates.Latin1@Binary as the Essbase Locale
    [Tue Nov 06 14:40:54 2012]Local/ESSBASE0///776/Info(1056797)
    Incremental security backup started by SYSTEM. The file created is [C:\Oracle\Middleware\user_projects\epmsystem1\EssbaseServer\essbaseserver1\bin\ESSBASETS_1352193054.BAK]
    [Tue Nov 06 14:40:55 2012]Local/ESSBASE0///776/Info(1051134)
    External Authentication Module: [Single Sign-On] enabled
    [Tue Nov 06 14:40:55 2012]Local/ESSBASE0///776/Info(1051051)
    Essbase Server - started
    I am getting the following error in validation report:
    Validating Essbase Server connection to NAVEEN
    Error: Cannot connect to olap service. Cannot connect to Essbase Server. Error:Essbase Error(1051012): User native://DN=cn=911,ou=People,dc=css,dc=hyperion,dc=com?USER does not exist
    Recommended Action: Check Essbase Server is started.

  • Intermittent Workspace/Shared Services issue - 11.1.2.1

    All
    Version 11.1.2.1
    Using Shared Services with Native (1) and MSAD (2) ; IDs are members of Native groups which are provisioned to the application
    We are experiencing an intermittent problem in Workspace where one day we can login without issue, and the next, we are stuck at “Authenticating User..” for a long time before login finally fails with:
    “EPMCSS-00387: Failed to authenticate user xxxxxxx from user directory MSAD. Invalid password. LDAP response read timed out, timeout used: 120000ms..Enter valid credentials.”
    More details shows ”URI: http://.....:19000/workspace/login
    Code: 1000
    Description: An error occurred processing the result from the server”
    Alternately, sometimes login will succeed, but will receive the message:
    “The startup document does not exist in the repository. Select a new startup document in the General preferences tab”.
    We have opened an SR with Oracle but can’t seem to make much progress resolving the issue. Any ideas?

    Hi,
    Did you ever get to the bottom of this? We are on 11.1.2.1 and facing the exact same issue when logging on to HSS or Workspace:
    EPMCSS-00387: Failed to authenticate user sebastien.lejarle from user directory EXWC. Invalid password. LDAP response read timed out, timeout used:120000ms.. Enter valid credentials.
    We cant figure out what s wrong.
    We have applied Oracle's recommended IE 7 and IE8 settings to no avail.
    Thanks again.
    Seb

  • Multiple shared services installs in the same environment?

    In IOP 11.1.2 and beyond, shared services handles user authentication, to take advantage of Active Directory.
    Can you install EPM shared services on 2 nodes in the same environment (failover in case one goes down)?
    Is this possible or recommended?
    Thank you.

    I posted this message also in the Forum: Server & Storage Systems: Administration - General : Installation.
    I'll also double-check the install documentation. A quick google of "EPM Shared Services" and some choice keywords revealed a link to this:
    http://www.oracle.com/technetwork/middleware/bi-foundation/epm-hss-active-active-clusters-wp-1-132647.pdf
    Note that one of the instructions in the active-active-clusters white paper is to install shared services on two nodes, to prevent a single point of failure.
    This location http://www.oracle.com/technetwork/middleware/bi-foundation includes EPM DR instructions.
    Highly recommended reading.
    I apologize to the group for wasting the bandwidth on this question.
    Thank you.

  • Reg: Hyperion Upgradation from 7.1.x to 9.3.x and Shared Services...

    Hi Everybody,
    New to this forum and i want to know about upgrading the essbase from 7.1.x to 9.3.x...As i gone through PDF, it is mentioning as upgrading of 9.3.x from earlier versions prior to release 9.2.x cannot be done directly...Here comes with the migration/upgradation topic wherein... Can we go ahead and install essbase 9.3.x on new box and migrate app's / db's from 7.1.x old box?
    One more thing is like...if we are using External authentication using LDAP in 7.1.x version for security....will it be mandatory to implement shared services separately in system 9 or continue with native security mode without installing shared services...I have only essbase and no other tools implemented...
    Hope u guys understand my queries!...If any body can explain on these two aspects...will be of great help to me...
    Thanks for the help in advance!!

    Hi,
    You will have to migrate the Essbase server from 7.1.2 to 9.3.1
    The steps you will follow are as below: --
    1. Configure Essbase on new environment, 9.3.1 by using the same user as on 7.1.2 [THIS IS AN IMPORTANT STEP, TO MIGRATE SECURITY]
    1. Take data exports of all application/databases in old environment
    2. Take backups of all Essbase objects, including essbase.sec in old environment. Take security file backup after stopping Essbase 7.1.2
    3. Create the applications/databases with same name in new environment 9.3.1
    4. Copy the outlines and open outline in EAS in 9.3.1 and save them again.
    5. Copy all objects, rules, reports, calc for all applications.
    6. Stop essbase, Eas in new environment and copy security file from old environment to new environment Take backup of Essbase.sec on new environment
    7. Start Essbase 9.3.1
    8. Validate all databases using Esscmd "validate" command
    9. Reimport all data and run default calc on all applications.
    10. Now, you have the security in new Essbase server, as in old environment
    11. Externalize the security in EAS.
    Caution: When you migrate to Shared Services, Essbase users and groups are converted to equivalent roles
    in Shared Services. Shared Services creates a superuser with the user ID named “admin,” which
    is read-only. If Essbase contains a user ID named “admin”, that user ID cannot be migrated to
    Shared Services. Before migrating, change the “admin” user ID (for example, from “admin” to
    “asadmin”).
    It is not compulsory to use shared services with Essbase 9.3.1, if you have Essbase only.
    but since it the way to go, you will have to migrate your essbase security to shared services.
    Let me know if it helps, by defining the reply as answered, Helpful or correct.
    Cheers
    RS

Maybe you are looking for

  • Loops in tracks sound muddled

    Hi I have a problem with my loops. They play ok in the browser, but when I move them to a track they sound like they are muffled or under water. Any ideas what could be going on? Are instrument libraries part of the installation? I can't find any doc

  • HT201365 How do I access my inbox for mail? and close apps I am done using?

    I am having trouble getting into my mail inbox and also closing apps I am done using. Today is the 1st day I am using the IOS7 update.

  • Lost all applications after upgrading

    Hi, I've just got a 3GS and was trying to sync with itunes to activate the phone Here's what happened: 1. Did a back up with previous phone (3G) with iTunes. 2. Connect new 3GS with iTunes. 3. Sync/restore new 3GS 4. Update phone firmware to version

  • I lost all my bookmarks, at my clinic, in the process of updating to 3.6. What to do?

    ''Duplicate post, continue here - [/questions/770615]'' I am not sure exactly what happened. Logged onto my computer and was greeted by a menu prompting me to download Firefox, as an alternative to Internet Explorer. I had always used Firefox before

  • Pecalculation with Information Broadcasting

    hi,   I am try to set up this scenario but somewhere i am missing some setting. I need your suggestions.   I have one query on multiprovider which includes 8 cubes. The query takes half an hour to display the results. So, what i have done is i have d