on 03-09-2016 2:49 PM
Hello everyone,
I've already setup Windows AD SSO for BO 4.1 SP7 and it works perfectly fine, users get logged in when they access BI LaunchPad link. Now, we've a Webi report's Document Link in an internal website, so when a user clicks on it, they're getting directed to OpenDocument page where they need to enter their credentials. What do I need to do to setup the SSO for this OpenDocument page as well?
Thanks,
Mahboob Mohammed
Hello,
Check please to the following kbas, think this can helps you:
http://service.sap.com/sap/support/notes/ 2289077
http://service.sap.com/sap/support/notes/1732613
Regards,
Asma
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Do you have a Global file in the custom folder? If so, is there something in there. I think open document should override the Global file however. You probably already checked but have to ask.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Mohamad,
We are still not on 4.1 ( which we will be in a few days) but on 3.1 we had to modify the contents of web.xml under \Install Directory\Tomcat7\webapps\OpenDocument\Web-Inf to get this to work.
I am assuming there would be something similar in 4.1 too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
4.1 is different. Instead of changing web.xml, there are a set of properties files in webapps\BOE\WEB-INF\config folder that have to be updated. The files in the "Default" sub-folder do NOT get changed. Instead, you create new ones with the same names in the "Custom" folder to set any of the properties that you want to override, such as configuring for AD Authentication and SSO.
-Dell
In the webapps\BOE\WEB-INF\config\custom folder under your Tomcat installation, make a copy of BILaunchpad.properties that has the SSO configuration in it and call it OpenDocument.properties. Copy the file to the appropriate folder under warfiles as well. Stop Tomcat and restart it for the new properties to take effect.
-Dell
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the response Christy. Before posting this question, I already had OpenDocument.properties file created under Tomcat\webapps\BOE\WEB-INF\config\custom folder and it didn't work. After seeing your response, I copied that file to appropriate location under warfiles as well, restarted Tomcat, and it still doesn't work. Any thoughts?
FYI: I've followed Josh's blog to setup the SSO, except subtle different in 2 steps. I'm running the Tomcat as well Service account's credentials (when compared to Step 5 in his blog), and I have the service account's password hard coded in Tomcat Configurations -> Java Options because the ktpass command to create a keytab is failing (when compared to Step 11 in his blog, ktpass worked for him).
Also, I see few people adding 'sso.types.and.order=trustedVintela' line in BILaunchPad.properties file, I don't know what that is about. SSO in my case works fine even without that line.
Thanks,
Mahboob Mohammed
You should have copies of all of your custom .properties files under the appropriate folder in Warfiles - that's how you make sure they don't get overwritten when running wdeploy or installing a service pack or patch to your system.
Please post the contents of your OpenDocument.properties file.
Thanks!
-Dell
Hi Jawahar,
I did as you said, stopped Tomcat, deleted localhost folder under Tomcat\work\catalina\ and restarted Tomcat. Now, when I go to CMC or BI LaunchPad pages, it just says "Waiting for <servername>". The page hasn't opened even once after I did that change. Did I miss/mess something?
Update:
I see the CMC login page when I go to its link and also, got logged on to BI LaunchPad directly when accessing its link.
But, the Open Document still doesn't work. I got the Document Link of one of the reports, logged out of BI LaunchPad and now when I paste that link in Browser and Enter, I get the Open Document login page (doesn't get logged on automatically) and even if I enter my Windows AD credentials, it doesn't get logged on.
Any thoughts?
Thanks,
Mahboob Mohammed
I tired making the changes as you said and in this KBA 1732613. I've the idm.realm and idm.princ name in Upper case and it still doesn't work. The other line I added to the BILaunchPad and OpenDocument.properties file is cms.default=@CLUSTERNAME.
The SSO for OpenDocument still doesn't work, I get the login page, and it doesn't work even if I enter my Windows AD credentials. It gives me an error as below, even if I try to login with username @FQDN.
Account information not recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)
Any thoughts?
Thanks,
Mahboob Mohammed
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.