Skip to Content

AD Authentication for BusinessObjects running in the HEC

Hi,

one of our customers operates his SAP systems incl. BI 4.2 (Linux) in the HANA Enterprise Cloud. Now he likes to implement manual AD authentication (WinAD) to LaunchPad and SSO to BW/DB based on STS and Assertion Tickets. I have done this setup several times, however not for systems running in HEC. Especially I am concerned about how to connect to the customers on premise AD from BI4 HEC system. In my understanding, HEC is to be considered as private cloud and should act as if inside firewall

Has anyone experiences with that, would be great to learn if there are any restrictions to consider for that scenario? Thanks!

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Best Answer
    Posted on Jul 10, 2017 at 12:18 PM

    KBA 1965433 has a work around for manual AD and AD SSO using the LDAP plugin and trusted authentication. The AD is limited in this scenario but generally good enough for most customer needs. If you need AD SSO to client tools (aoffice, qaaws, cr4e) or multi domain/forest support then you would need HEC to provide an exception to run BI on windows (I'm not sure this will be allowed but is currently the only way for BI to provide this functionality)

    Regards,

    Tim

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jul 10, 2017 at 12:28 PM

    Thanks Tim, I just stumbled across this note this morning ;) Will try it out!

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Oct 23, 2019 at 10:34 AM

    If you review the KBA https://apps.support.sap.com/sap/support/knowledge/preview/en/1965433 , everything can simply be done in a relatively short amount of time (hour+). However the larger amounts of time will be on choosing a DC, opening the firewall, getting approvals, etc. This would probably to be part of whatever contract was in place.

    -Tim

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.