on 11-19-2013 8:07 AM
BODS 4.1 Sp02 .
IPS 4.0 with Sp04
We have Windows AD with SSO set on IPS level, Windows AD works fine in Designer and in CMC. My question is: is there a way how to use Windows Active directory group for Central repository authorisation? At the moment I add all users manually there and it seems unsupported that BODS automatically takes all users from AD.
What do i mean. I have ad group domain\group and I want all users from that group to be authorized to work with central repository. manual add\remove works fine, but what about automatical inheritance ?
Hi Mister,
Yes, It was possible but in that case all user is having the rights to move the content from Local repository to Secure Central Repository.
For E.G: Here i have 6 user that are attached in One Group.
Add all user to Central Repository Group (Create or Add in Administrator Group).
Then login in SAP Business Objects Data Services Management console and add all User in one Group and save it.
Now all users (User 1,User 2,User 3,User 4,User 5,User 6) are having rights to move the Objects (project , Work Flow, Dataflow,...) to Secure Central Repository.
And also add the specific secure central repository to local repository for moving the content from local to secure central repository.
Thanks,
Daya
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your response.
My idea was to implement full synchronization between Windows AD group and Central repository, when user is added to domain\group on AD level, then it automatically is added to Central repository group. it works fine in BOE 4.0 and in IPS, but at the moment it seems that this type if syncronization is missing for Central repository.
lets assue you have a group in windows AD. (SAP_BODS_Users) that contains "N" number of user.So when any user add in that group it will populate in your CMC.
But that group needs to be added in local and secure central repository, this activity you have to do it manaually first time after that it will synchronise.
Thanks,
Daya
You mean that i need to go to http://BODSSERVER:8080/DataServices/admin.jsp and add exactly the same group to Central repository->users and groups and it will populate authomatically all the users from it?
I can use Windows AD for authorization in http://BODSSERVER:8080/DataServices/admin.jsp and I see all users from Windows AD in there, but i do not see groups, when I try to add them manually then nothing happens, because for me it seems that connection does not exists on group level... or I'm doing smth wrong
Hello
Extreme sorry for the delay. Group itself is visible in CMC and BODS can be used in SSO mode, in BODS admin mode when i click on Central repository i see only users from the group, not the group itself.
Windows AD group has enough rights, for example - i use Administrator user to login in BODS admin console, admin as far as I know have all rights included, except few
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.