Skip to Content

Open Document Active Directory SSO

Hello everybody,

I'm currently setting up a single sign on with the Active Directory for our BI platform servers and applications. Our Goal is to enable the user to view a dashboard/report in the browser without the necessity to enter some kind of credentials.

After following the set up described in the BI platform administration guide, our users can access the BI Launchpad directly with their active directory user without entering credentials. However, when opening an open document link in the browser (right click on a report/dashboard -> document link), a login form will appear and ask the user for credentials. This login form can only be passed with enterprise credentials, an active directory user won't work. Because of this behavior, I guess that AD SSO in general and for the BI Launchpad application works fine, but something is wrong with the configuration of the Open Document application. Here are some of the configuration files we modified during the SSO setup. global.properties:

sso.enabled=true
siteminder.enabled=false
vintela.enabled=true
idm.realm=[FQDN]
idm.princ=[service-account]
idm.allowUnsecured=true
idm.allowNTLM=false
idm.logger.name=simple
idm.logger.props=error-log.properties

BIlaunchpad.properties

authentication.visible=true
authentication.default=secWinAD

OpenDocument.properties

authentication.default=secWinAD
cms.default=[servername]:6400


*Please note that I replaced some information by placeholders. I checked that the servername, domain name and service-account name are correct.

I also checked the stderr.log and stdout.log of the tomcat but didn't found an entry regarding any errors / this issue.

Can anyone help me here? Thanks in advance and best regards,

Marius

Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • Best Answer
    Posted on Apr 25, 2016 at 03:27 PM

    Hi Marius,

    I had this issue earlier when I setup Windows AD SSO (with Kerberos) for BO 4.1 SP7 in one of our Envs. It's a simple fix, you'll have to update the port number in Opendocument link (in CMC) from 6405 to 8080 as the SSO is setup to work with port 8080.

    Assuming you've the SSO working with some kind of authentication. Now, to fix the issue, logon to CMC -> go to Applications -> Right click on Open Document -> Processing Settings -> update the port number in the link to 8080 (by default it will be 6405), and click Save & Close. Voila, you're done.

    FYI: This is the discussion I created when I had this issue.

    Please let us know if its fixed.

    Thanks,

    Mahboob Mohammed

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Apr 25, 2016 at 01:28 PM

    Hi,

    can you confirm that you configured the correct OpenDocument.properties file? Not only in the warfiles folder but also in the webapps folder within the tomcat directory?!

    Regards

    -Seb.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.