Hi all, We ran into a number of issues with LDAP configuration for Analytics 2.5 with BusinessObjects XI Release 3 and I thought I would post the resolutions in case anyone else runs into similar problems. I hope it helps :-)
Regards, Shawn Rosenberry RSP RAC Initial ConfigurationQuestions arose around sections of the install process as noted below. *Number 6 on page 117* of the Business Objects Administration guide states "In the Base LDAP Distinguished Name field, type the distinguished name (for example, 0=SomeBase) for your LDAP server, and then click Next. While this may make sense to an LDAP expert, it was confusing to us as to exactly what they were looking for. My best guess was that it was looking for the LDAP "structure" where it will be searching. This turned out to be correct. We used the same structure we used under User Base in the AR System AREA LDAP Configuration. An example would be OU=Accounts,OU=AD,DC=OPDiv,DC=Company. *Number 7 on page 177* of the Business objects Administration guide states "In the LDAP Server Credentials area, specify the distinguished name and password for a user account that has read access to the directory." In reading this you would think that it would be similar to the Bind User of the AR System AREA LDAP Configuration. In a sense you would be right; however if you just put in username or company\username it will not work. In order to complete this step you must put in the complete pathway to the user account that you will use for LDAP verification. For example, cn=myaccount,OU=Accounts,OU=AD,DC=OPDiv,DC=Company. This isn't documented anywhere that I could find and it took many discussions and hours of research before I found an answer on the web. Once we worked out those two configuration items, we were finally able to successfully complete the initial LDAP configuration. We didn't do SSL at this point as we were not ready to proceed with SSL configuration. Configuring InfoView Once we had completed the LDAP connection and were able to import users we discovered another problem. The default configurations for InfoView require Enterprise authentication and the "Authentication" field does not display so users are unable to select the type of authentication they wish to use. Though I was able to find where the default configurations are stated, I was not able to easily find instructions in the documentation as to how to change them. They do exist, to and extent, in the section entitled "LDAP and SiteMinder Workflow"; however, unless you are looking explicitly for SiteMinder and Single Sign On processes, it is easy to overlook them. In order to make the Authentication field visible you must do the following: 1. Go to C:\Program Files\Business Objects\Tomcat55\webapps\InfoViewApp\WEB-INF (or your application install directory) and open up the web.xml file in Notepad. 2. Locate the following line "<param-name>authentication.visible</param-name>" 3. Underneath it change "<param-value>false</param-value>" to "<param-value>true</param-value>" If you want to make LDAP the default authentication process you can do the following: 1. In the web.xml file locate the following line "<param-name>authentication.default</param-name>" 2. Underneath it change "<param-value>secEnterprise</param-value>" to "<param-value>secLDAP</param-value>" After making your changes to the web.xml file restart Apache Tomcat Service. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor:rmisoluti...@verizon.net ARSlist: "Where the Answers Are"