Peak Indicators - Oracle BI EE Installation

Peak Indicators Limited
92 Malthouse Lane Ashover Derbyshire S45 0BU England
Helping Your Business Intelligence Journey
+44 7811 453781
Oracle BI Enterprise Edition With Single-Sign-On
Installation and Configuration Guide
Antony Heljula Technical Architect 27th May 2009
Page 1
www.peakindicators.com enquiries@peakindicators.com
TABLE OF CONTENTS
About The Installation ...................................................................................................................................... 4 Pre-Requisites .................................................................................................................................................. 5 Create OS User Account ............................................................................................................................... 5 Install Oracle Database Client ........................................................................................................................... 6 Install Oracle Application Server ....................................................................................................................... 7 Install Oracle Identity Management................................................................................................................ 12 Running The Installer.................................................................................................................................. 12 Configure Shell Script ................................................................................................................................. 18 Start up Oracle Identity Management......................................................................................................... 18 Install Oracle BI Enterprise Edition (CLIENT) .................................................................................................... 19 Install Java Development Kit (JDK) .............................................................................................................. 19 Download and Extract Oracle BI EE Software (for Windows) ....................................................................... 19 Running The Installer.................................................................................................................................. 19 Install Oracle BI Enterprise Edition (SERVER) ................................................................................................... 22 Create Installation Folders for Oracle BI EE ................................................................................................. 22 Create BIEE Schema on Data-Warehouse.................................................................................................... 22 Install Java Development Kit (JDK) .............................................................................................................. 23 Download and Extract Oracle BI EE Software (for Linux).............................................................................. 23 Configure Operating System Limits ............................................................................................................. 23 Run UnixChk.sh Script ................................................................................................................................ 24 Running The Installer.................................................................................................................................. 24 Configure Shell Scripts ................................................................................................................................ 27 Configure BI Delivers Scheduler .................................................................................................................. 28 Create BI Delivers Scheduler and Usage Tracking tables ....................................................................... 29 Enable Usage Tracking................................................................................................................................ 30 Configure Credential Store ......................................................................................................................... 31 Configure BI Repository (RPD) .................................................................................................................... 32 Configure Presentation Catalogue .............................................................................................................. 32
Page 2 www.peakindicators.com enquiries@peakindicators.com
Start Up Oracle AS and BI EE Processes ....................................................................................................... 33 Configure BI Publisher ................................................................................................................................ 34 Configure Security For Oracle OID and Oracle SSO (OPTIONAL) ....................................................................... 35 Configure BI Repository (RPD) For LDAP Authentication.............................................................................. 35 Enable Authorization With Oracle Internet Directory .................................................................................. 37 Register Oracle BI EE As A Partner Application ............................................................................................ 40 Configure HTTP Server................................................................................................................................ 41 Create Impersonator User In BI Repository ................................................................................................. 43 Configure Credential Store for Impersonator User ...................................................................................... 43 Configure Presentation Services ................................................................................................................. 44 Configure BI Publisher for /analyticsSOAP................................................................................................... 45 Deploy /analyticsSOAP and Re-start BI Publisher ........................................................................................ 46 Restart HTTP and Presentation Services...................................................................................................... 49 Configure Security For Active Directory (OPTIONAL) ....................................................................................... 50 Enable Authentication With Active Directory .............................................................................................. 50 Enable Authorization With Active Directory ................................................................................................ 53
Page 3
ABOUT THE INSTALLATION

This document details the installation of Oracle BI Enterprise Edition 10.1.3.4 configured for Single-Sign-On with the Oracle Identity Management suite. The following server build is required: Red-Hat Linux 4 32-bit
It is assumed that a Data-Warehouse (DW) database is already available and populated in advance of this installation procedure. Before the actual Oracle BI Enterprise Edition install begins, this document will first guide you through the process of installing an Oracle Application Server that will host the Oracle BI EE web components (shown below as Analytics, BI Publisher and BI Office). These Oracle BI EE web components will be deployed automatically to the Oracle Application Server as part of the Oracle BI Enterprise Edition install process. Oracle Database Client software will also be required so that the BI Server can source data from the DataWarehouse via SQL*Net. There is an optional section in this guide detailing how to configure Oracle BI EE to authenticate and authorize using Oracle Single-Sign-On (OSSO) and Oracle Internet Directory (OID). The installer for the Oracle Identity Management (OIM) suite will actually install all the necessary OIM components shown on the left-hand side in the diagram below (including an Oracle Application Server and Oracle Internet Directory (OID) database repository). OIM can be installed on a different server is necessary. Another optional section exists for configuring Oracle BI EE to authenticate and authorize against Active Directory. This section however does not cater for Single-Sign-On.
Page 4
PRE-REQUISITES CREATE OS USER ACCOUNT

In order to perform the installation, create a new account on the Linux server called, for example, orabiee. Configure this new user account to be a member of the dba group.
Page 5
INSTALL ORACLE DATABASE CLIENT

Install the Oracle Database Client version 10.2 on the Linux server. Example install location: /vol1/oracle/product/10.2 NOTE: The above folder will from now on be referred to as [ORA HOME] You only need to choose the Runtime installation type. After the install is complete, configure the tnsnames.ora file with the connection to the Data-Warehouse.
Page 6
INSTALL ORACLE APPLICATION SERVER

Install Oracle Application Server 10.1.3.x on the Linux server. The software can be downloaded from Oracle Technology Network: http://download.oracle.com/otn/linux/ias/101310/soa_linux_x86_101310_disk1.cpio NOTE: This is the Oracle SOA Suite application download Copy the downloaded file to the Linux machine and extract the contents using the following command: cpio -idvm < soa_linux_x86_101310_disk1.cpio Start the installation process by running the runInstaller utility. ./runInstaller When the installation window appears, you should specify the following parameters: Installation Directory : /vol1/oracle/product/ias (as an example)
NOTE: This folder will from now on be referred to as [IAS HOME] Installation Type : Advanced Install
Click Next and then click Yes to accept the subsequent warning.
Choose the J2EE Server and Web Server installation option:
Page 7
Confirm all OS checks are passed:
On the next screen, choose the option for Automatic Port Configuration:
Page 8
On the Administration Settings screen, set the following parameters: Instance Name AS Administrator Password : : iAS [OC4J password] (as an example)
Enable the option Configure this as an Administration OC4J instance OC4J Instance Name : home (this value must be set to home)
Ignore Cluster Topology options, just click Next:
Page 9
Now start the install process:
During the install you will need to run a root.sh script as the root user:
Page 10
The Configuration Assistant will then run..
The installation will then complete:
URL for Application Server Control : http://[server]:7777/em
Page 11
INSTALL ORACLE IDENTITY MANAGEMENT RUNNING THE INSTALLER

The Oracle Identity Management 10.1.4.0.1 software can be downloaded from Oracle Technology Network (you will need to download both these files): http://download.oracle.com/otn/linux/ias/101401/as_linux_x86_oim_oif_101401_disk1.cpio http://download.oracle.com/otn/linux/ias/101401/as_linux_x86_oim_oif_101401_disk2.cpio
Copy the downloaded files to the Linux machine and extract the contents using the following command: cpio -idvm < as_linux_x86_oim_oif_101401_disk1.cpio cpio -idvm < as_linux_x86_oim_oif_101401_disk2.cpio
Start the installation process by running the runInstaller utility. ./runInstaller When the installation window appears, you should specify the following parameters: Name Path : : oim /vol1/oracle/product/oim (as an example) (as an example)
NOTE: This folder will from now on be referred to as [OIM HOME]
Page 12
Choose to install the product Oracle Application Server Infrastructure 10g:
Then choose the installation type Identity Management and Metadata Repository (4.01 GB):
Confirm all OS checks are passed:
Page 13
Confirm that you have root privileges on the Linux machine:
Accept the default configuration options:
Choose automatic port configuration:
Page 14
Accept the default suggested namespace setting:
Specify the following Database Configuration Options for the Oracle Internet Directory (OID) database repository: Global Database Name SID Database File Location : : : oid.localdomain oid [OIM HOME]/oradata (example) (example)
For the database passwords, use the same password for all accounts and specify an appropriate password:
Page 15
Next, enter the instance name and ias_admin (administrator) password for the Oracle Identity Management suite: Instance Name Ias_admin Password Confirm Password : : : oim [password] [password] (example)
Click Install to finally start the installation process:
Page 16
If you see the following error during installation then just click Continue to ignore it:
During the install process you will asked to log on as the root user and run a script called root.sh:
Finally, a number of configuration assistants will run, these must all complete successfully (they may take some time to run):
Page 17
CONFIGURE SHELL SCRIPT

Log on to the Linux machine as the orabiee user. In the orabiee home directory, create a new script called startoid.sh: # set OIM Client Environment Variables export ORACLE_HOME=[OIM HOME] export TNS_ADMIN=$ORACLE_HOME/network/admin export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib # Start up Oracle Internet Directory database repository and listener $ORACLE_HOME/bin/dbstart $ORACLE_HOME/bin/lsnrctl start # Start OIM Application Server $ORACLE_HOME/opmn/bin/opmnctl start
START UP ORACLE IDENTITY MANAGEMENT

Log on to the Linux machine as the orabiee user. Open up a Terminal window and execute the following command: . startoid.sh
Page 18
INSTALL ORACLE BI ENTERPRISE EDITION (CLIENT) INSTALL JAVA DEVELOPMENT KIT (JDK)
Download the latest Java SE Development Kit (JDK) for Windows from the following web-site: http://java.sun.com/javase/downloads/index.jsp The file you need to download will be something like this:
Downloaded file to your Windows workstation, execute it and then follow the instructions to complete the install.
DOWNLOAD AND EXTRACT ORACLE BI EE SOFTWARE (FOR WINDOWS)

You can download the Oracle BI EE software for Windows from the following location on Oracle Technology Network: http://download.oracle.com/otn/nt/ias/101341/biee_windows_x86_101341.zip Once downloaded, extract the zip file.
RUNNING THE INSTALLER

Start the installation process by executing the following file within the extracted software folder: .....\Windows\Server\Oracle Business Intelligence\setup.exe
Click Next when you arrive at the first screen showing an important message:
Page 19
Specify the following parameters: Installation Location Data Location Installation Type : : : C:\Oracle\OracleBI C:\Oracle\OracleBIData Basic
On the next screen, choose the setup type Oracle Business Intelligence Client Tools:
Then locate the path of your JDK:
Choose English as the chosen language:
Page 20
Now you can start the install process:
Page 21
INSTALL ORACLE BI ENTERPRISE EDITION (SERVER) CREATE INSTALLATION FOLDERS FOR ORACLE BI EE
Create a new base directory on the Linux server for the Oracle BI EE install. For example: mkdir /vol1/oracle/product/biee NOTE: The above folder path will from now on be referred to as [BI HOME] Then create two sub-folders for the OracleBI and OracleBIData locations that need to be specified during the installation process: mkdir [BI HOME]/OracleBI mkdir [BI HOME]/OracleBIData Set the appropriate ownership permissions for the orabiee user account: chown orabiee:dba [BI HOME]/biee chown orabiee:dba [BI HOME]/OracleBI chown orabiee:dba [BI HOME]/OracleBIData
CREATE BIEE SCHEMA ON DATA-WAREHOUSE

On the Data-Warehouse, create a new BIEE schema for storing the following database objects: Oracle BI Delivers Scheduler tables Oracle BI Usage Tracking tables Oracle BI Publisher Scheduler tables
You can do this by logging on via SQL*Plus as a SYSTEM user and running the following commands: create user biee identified by [password] default tablespace [tablespace] quota unlimited on [tablespace]; grant create session, create table, create procedure, create sequence, create view, create trigger to biee;
Page 22
INSTALL JAVA DEVELOPMENT KIT (JDK)

Download the latest Java SE Development Kit (JDK) for Linux software from the following web-site: http://java.sun.com/javase/downloads/index.jsp The file you need to download will have a -rpm.bin suffix and be something like this:
Copy the downloaded file to the Linux server and make sure its permissions will allow it to be executed. For example: chmod +x jdk-6u13-linux-i586-rpm.bin Install the JDK by executing the file as the root user from the shell command line. ./jdk-6u13-linux-i586-rpm.bin Make sure the Linux machine is defaulted to use this new Java location: ln -sf /usr/java/latest/bin/java /usr/bin/java
DOWNLOAD AND EXTRACT ORACLE BI EE SOFTWARE (FOR LINUX)

You can download the Oracle BI EE software from the following location on Oracle Technology Network: http://download.oracle.com/otn/linux/ias/101341/biee_linux_x86_redhat_101341.zip Once downloaded, extract the contents of the zip file and upload the resultant .tar file to the Linux machine. You can extract the .tar file using the following Linux system command: tar xvf biee_linux_x86_redhat_101341_lof1.tar
CONFIGURE OPERATING SYSTEM LIMITS

As the root user, configure certain OS limits by modifying the file /etc/security/limits.conf and adding the following lines: orabiee soft nofile 10240 orabiee hard nofile 10240 orabiee soft mproc 2047 orabiee hard mproc 16384
Page 23
RUN UNIXCHK.SH SCRIPT

As the orabiee user on the Linux machine, change directory to the software install location for Oracle BI EE. For example: cd /home/orabiee/RH_Linux/Server/Oracle_Business_Intelligence
Then run the UnixChk.sh script to check for all pre-requisites prior to installation (you need to specify the Oracle BI base location as a parameter): ./UnixChk.sh [BI HOME] If successful, you should see the following output:
RUNNING THE INSTALLER

As the orabiee user, change directory to the Oracle BI EE installation software folder. For example: cd /home/orabiee/RH_Linux/Server/Oracle_Business_Intelligence Then run the following commands to start the installer: export DISPLAY=[ip address]:0.0 ./setup.sh Click Next to ignore the opening message:
Page 24
Specify the following parameters: Installation Location Data Location Installation Type : : : [BI HOME]/OracleBI [BI HOME]/OracleBIData Advanced
On the next screen, choose the Complete setup type:
You will then need to specify the details for the Oracle Application Server instance. Oracle Application Server Location : Administrator Username Administrator Password : : [IAS HOME] oc4jadmin [OC4J password]
Page 25
Choose English as the chosen language:
Now you can start the install process:
Simply exit the installer when the process has completed:
Page 26
CONFIGURE SHELL SCRIPTS

Log on to the Linux machine as the orabiee user. Open up the .bash_profile script for editing. Add the following lines (checking the paths in red are correct): # set Oracle DB Client Environment Variables export ORACLE_HOME=[ORA HOME] export TNS_ADMIN=$ORACLE_HOME/network/admin export LD_LIBRARY_PATH=[IAS HOME]/lib:$ORACLE_HOME/lib:/lib:/usr/lib # Configure PATH to include binaries for Oracle DB Client, Oracle BI EE and Oracle AS PATH=$PATH:$ORACLE_HOME/bin:$HOME/bin:[IAS HOME]/opmn/bin:. export PATH # Run the provided script for setting up other the Oracle BI EE environment variables . [BI HOME]/OracleBI/setup/sa-init.sh
In the orabiee home directory, create a new script called startbiee.sh: # Start Oracle Application Server for BI EE [IAS HOME]/opmn/bin/opmnctl start # Start Oracle BI Server run-sa.sh start # Start Oracle BI Presentation Services run-saw.sh start # Start Oracle BI Scheduler run-sch.sh start
Page 27
CONFIGURE BI DELIVERS SCHEDULER

Open up a new session as the orabiee user on the Linux machine (open a new session to make sure all the environment variables get set correctly). Configure the BI Delivers scheduler by running the following command: schconfig
Then configure the scheduler by specify the following menu options and parameters: 1 Configure Scheduler 1 Database 3 Data Source Name 4 User Name 5 Password 0 Quit Y to save changes : : : TNS Connect string to Data Warehouse e.g. biee421dev biee [biee password]
2 General 11 Administrator Password 0 Quit Y to save changes 0 - Quit 2 Configure Mail 1 General 2 Sender Address 3 SMTP Server 0 Quit Y to save changes 0 - Quit 0 - Quit : : noreply@noreply.com your.smtp.mail.server : Administrator
Page 28
CREATE BI DELIVERS SCHEDULER AND USAGE TRACKING TABLES

As the orabiee user on the Linux machine, change directory to the BI EE Schema location: cd [BI HOME]/OracleBI/server/Schema
The create the Scheduler and Usage Tracking tables on the Data-Warehouse biee schema using SQL*Plus: sqlplus biee/[password]@[dw] @SAJOBS.Oracle.sql @SAACCT.Oracle.sql exit
There are two Time dimension tables that also need to be imported into the biee schema (used for Usage Tracking reporting): S_ETL_DAY S_ETL_TIME_DAY To do this, uncompress the usage.zip file thas provided along with this installation guide. Import the resultant usage.dmp file into the biee schema: Imp biee/[bieepw]@[dw] file=usage.dmp full=y
Page 29
ENABLE USAGE TRACKING

A dedicated Connection Pool should exist in the Physical Layer of the BI Repository (RPD) that allows write access to the Usage Tracking table (S_NQ_ACCT) on the BIEE schema:
Open up the following configuration file for editing: [BI HOME]/OracleBI/server/Config/NQSConfig.ini Modify the following parameters: [ USAGE_TRACKING ] ENABLE = YES; DIRECT_INSERT = YES; PHYSICAL_TABLE_NAME = "Oracle BI EE"."BIEE"."S_NQ_ACCT"; CONNECTION_POOL = "Oracle BI EE"."Oracle BI EE Writer Connection Pool";
Save the file and exit.
NOTE: The text in red reflects the BI Repository configuration shown in the above diagram. You should configure these parameters to be in line with your own custom BI Repository file.
Page 30
CONFIGURE CREDENTIAL STORE

The Credential Store is used to hold certain user credentials so that it is possible for external applications to integrate with Oracle BI EE. We need to configure this Credential Store for the BI Delivers and BI Publisher. Log on as orabiee to the Linux machine and run the following 2 commands (checking the Path and Administrator password in red are correct):
cryptotools credstore add encr username Administrator password Administrator alias admin passphrase password writePassphrase Y batch InFile [BI HOME]/OracleBIData/web/config/credentialstore.xml cryptotools credstore add encr username Administrator password Administrator alias bipublisheradmin passphrase password writePassphrase Y batch InFile [BI HOME]/OracleBIData/web/config/credentialstore.xml
Page 31
CONFIGURE BI REPOSITORY (RPD)

Copy your custom BI Repository (RPD) file to the following location on the Linux machine: [BI HOME]/OracleBI/server/Repository
Open up the following configuration file for editing: [BI HOME]/OracleBI/server/Config/NQSconfig.ini
Configure the following parameter within the config file so that it corresponds to your custom BI Repository (RPD) file name: [ REPOSITORY ] Star = samplesales.rpd, DEFAULT;
CONFIGURE PRESENTATION CATALOGUE

Copy your custom BI Presentation Catalogue folder structure to the following location on the Linux machine: [BI HOME]/OracleBIData/web/catalog
Open up the following configuration file for editing: [BI HOME]/OracleBIData/web/config/instanceconfig.xml
Configure the following parameter within the config file so that it corresponds to your custom BI Presentation Catalogue path: <CatalogPath[BI HOME]/OracleBIData/web/catalog/samplesales</CatalogPath>
Page 32
START UP ORACLE AS AND BI EE PROCESSES

As the orabiee user on the Linx machine, initiate the following command to start up the Oracle Application Server and BI EE processes: . $HOME/startbiee.sh
Wait a few moments.....then try logging on to the BI Dashboards: http://[host]:7777/analytics
Use the following credentials to log in: Username Password : : Administrator Administrator
Page 33
CONFIGURE BI PUBLISHER
Log on to the BI Dashboards: http://[host]:7777/analytics (Administrator / Administrator)
At the top-right, choose the menu option: More Products BI Publisher will now open up.
BI Publisher
Click on the Admin tab and choose Scheduler Configuration. Specify the following parameters: Connection String Username Password : jdbc:oracle:thin:@devsrv02:1521:bidev421 : biee : [biee password] (example host:port:sid)
Click Test Connection:
Click Install Schema:
Page 34
CONFIGURE SECURITY FOR ORACLE OID AND ORACLE SSO (OPTIONAL) CONFIGURE BI REPOSITORY (RPD) FOR LDAP AUTHENTICATION
The Development team should have configured the BI Repository (RPD) file for LDAP Authentication. You should however configure the RPD file to authenticate against the appropriate LDAP server (in our case, this will be Oracle Internet Directory). Open up the BI Administration tool via the Start menu: Start Oracle Business Intelligence Administration
Click on the icon to open up your BI Repository in on-line mode (NOTE: If you dont see a connection listed for your BI Server then you need to create one via Administrative Tools ODBC Data Sources):
Once you have connected to your BI Repository, choose the following menu option: Manage Security
Click on LDAP Servers, you should see a list of possible LDAP Servers on the right-hand side:
Page 35
Double-click on the LDAP Server to edit its properties. Modify the following parameters: Host Name Port Base DN : : : Host for your Oracle Identity Management suite Port for Oracle Internet Directory (typically 389) The Base location for the User location within OID
Use the Test Connection button to confirm OID connectivity can successfully be established. Click OK to accept the changes. Save the RPD by choosing the menu option File and/or to check global consistency) Save (choose Yes if prompted to check in changes
Page 36
ENABLE AUTHORIZATION WITH ORACLE INTERNET DIRECTORY

Oracle BI EE cannot actually integrate directly with LDAP / Oracle Internet Directory to automatically obtain the groups associated to a user. We will actually create a database PL/SQL Function that utilises the DBMS_LDAP package to perform the OID lookup process. A new Initialization Block within the BI Repository will then be created to call this PL/SQL Function and assign the results to the GROUP session variable. There are two steps to this task: 1) Create GETLDAPGROUPS PL/SQL Function Open up the supplied OID_Authorization.sql file for editing. At the top, modify the top 4 parameters to suit your implementation: l_ldap_host l_ldap_port l_ldap_base For example: -- Adjust as necessary. l_ldap_host VARCHAR2(256) := 'peakdin1.localdomain'; l_ldap_port VARCHAR2(256) := '13060'; l_ldap_base VARCHAR2(256) := ' cn=Groups,dc=localdomain,dc=com'; Save the file. Log on to the Data-Warehouse as the biee user and then execute the AD_Authorization.sql file to create the PL/SQL Function: sqlplus biee/[biee pw]@[dw] @OID_Authorization.sql : : : [LDAP hostname] [LDAP port] [The DN location within OID where the GROUPS are stored]
Page 37
2) Create Authorization Initialization Block Open up the BI Repository and choose the menu option Manage Variables. Initialization Blocks:
On the left-hand side of the Variable Manager window, click on Session
Then on the right-hand side, right-mouse click and choose New Initialization Block:
A new window should appear for the new Initialization Block. Specify the following parameters: Name : Authorization
Click on the Edit Data Source button and configure as follows: Data Source Type Default Init String Connection Pool : : : Database SELECT GETLDAPGROUPS(LOWER(':USER')) FROM DUAL [Any connection pool with access to the BI EE schema]
Page 38
Click on OK to go back to the main Initialization Block edit window and click on the Edit Data Target button. Specify Row-wise initialization (BUT DO NOT ENABLE THE Use Caching OPTION):
Click on OK, then click the Edit Execution Precedence button. Click Add and the choose the Authentication Initialization Block:
Click on OK and then OK again to exit the Initialization Block edit window. Save the Repository (<CTRL> + S).
Page 39
REGISTER ORACLE BI EE AS A PARTNER APPLICATION

Oracle BI EE needs to be registered as a Partner Application on the SSO Server. The command-line has the following syntax: ssoreg.sh -oracle_home_path [Oracle SSO Home] -site_name [HTTP Server : Port] -config_mod_osso TRUE -mod_osso_url [http://HTTP Server : Port] -config_file [Location of generated .conf file]
Open up a Terminal session on the Linux machine hosting the Oracle Identity Management suite. Enter the following commands: cd [OIM HOME]/sso/bin ./ssoreg.sh -oracle_home_path [OIM HOME] -site_name [BI HOST]:[BI PORT] -config_mod_osso TRUE -mod_osso_url http://[BI HOST]:[BI PORT] -config_file [OIM HOME]/Apache/Apache/conf/osso/biosso.conf NOTES: [BI HOST] is the Linux machine hosting Oracle BI EE [BI PORT] is the HTTP port on which Oracle BI EE is running (typically 7777)
After approximately 30 seconds you should see the following success message: SSO registration tool finished successfully The process will generate a configuration file called biosso.conf, this file will be needed later on in the SSO configuration process.
Page 40
CONFIGURE HTTP SERVER

1) Copy biosso File The biosso.conf file generated in the previous section needs to be copied from the OIM HTTP Server over to BI EEs HTTP Server (hosted on the Oracle Application Server instance IAS). From location To location : : [OIM HOME]/Apache/Apache/conf/osso/biosso.conf [IAS HOME]/Apache/Apache/conf/osso/biosso.conf
If both OIM and IAS are hosted on the same machine, then you can use the following copy command to achieve this: cp [OIM HOME]/Apache/Apache/conf/osso/biosso.conf [IAS HOME]/Apache/Apache/conf/osso/biosso.conf
2) Modify mod_osso.conf File Open up the following file for editing: [IAS HOME]/Apache/Apache/conf/mod_osso.conf
Within the <IfModule mod_osso.c> section, add the following text to register the new biosso.conf file: OssoConfigFile [IAS HOME]/Apache/Apache/conf/osso/biosso.conf
Then add the following text to protect the URLs for /analytics and /analyticsSOAP: <Location /analytics> Header unset Pragma OssoSendCacheHeaders off AuthType Basic require valid-user </Location> <Location /analyticsSOAP> require valid-user AuthType Basic Allow from All Satisfy any </Location>
Page 41
Your mod_osso.conf file should look like something like this:
3) Edit httpd.conf File Open up the following file for editing: [IAS HOME]/Apache/Apache/conf/httpd.conf Locate the line for mod_osso.conf and un-comment it by removing the # at the beginning of the line
Save the file.
Page 42
CREATE IMPERSONATOR USER IN BI REPOSITORY

Make sure an Impersonator user exists in the BI Repository, you can do this by opening up the BI Repository and going to the Manange Security menu option. If the user does not exist then create it, specifying the following configuration: User Name Password Confirm Password Group Membership : : : : Impersonator [password] [password] Administrators
CONFIGURE CREDENTIAL STORE FOR IMPERSONATOR USER

The Credential Store is used to hold certain user credentials so that it is possible for external applications to integrate with Oracle BI EE. During the BI EE installation you configured this Credential Store for BI Delivers and BI Publisher, now we must also configure the Credential Store for Impersonation which is required for SSO to function properly. Log on as orabiee to the Linux machine and run the following command (checking the Path and Impersonator password in red are correct):
cryptotools credstore add encr username Impersonator password Impersonator alias impersonation passphrase password writePassphrase Y batch InFile [BI HOME]/OracleBIData/web/config/credentialstore.xml
Page 43
CONFIGURE PRESENTATION SERVICES

You will now configure Presentation Services to do the following: Enable SSO Perform Impersonation using the Impersonator user Log on and Log off using the URLs provided by the SSO Server (rather than the standard Oracle BI login / logoff screens)
Open up the following file for editing: [BI HOME]/web/config/instanceconfig.xml Add the following tags to the .xml file (the text highlighted in red is the text you need to change): <CredentialStore> <CredentialStorage type="file" path="[BI HOME]/OracleBIData/web/config/credentialstore.xml" passphrase="password"/> </CredentialStore> <Auth> <SSO enabled="true"> <ParamList> <Param name="IMPERSONATE" source="serverVariable" nameInSource="REMOTE_USER"/> </ParamList> <LogoffUrl>http://[OIM HOST]:[OIM PORT]/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=http%3A%2F%2F[BI HOST]:[BI PORT]%2Fanalytics%2F</LogoffUrl> <LogonUrl>http:// ://[OIM HOST]:[OIM PORT]/pls/orasso/orasso.wwsso_app_admin.ls_login</LogonUrl> </SSO> </Auth> NOTES: [OIM HOST] is the Linux machine hosting Oracle Identity Management [OIM PORT] is the HTTP port on which Oracle Identity Management is running (typically 7779) [BI HOST] is the Linux machine hosting Oracle BI EE [BI PORT] is the HTTP port on which Oracle BI EE is running (typically 7777)
Page 44
CONFIGURE BI PUBLISHER FOR /ANALYTICSSOAP

Log on to the BI Dashboards: http://[host]:7777/analytics (Administrator / Administrator)
At the top-right, choose the menu option: More Products BI Publisher will now open up.
BI Publisher
Go to Admin tab and choose the link for Oracle BI Presentation Services Set the following parameters on the page: Administrator Password : URL Suffix : Administrator analyticsSOAP/saw.dll (example)
Click Apply
Page 45
DEPLOY /ANALYTICSSOAP AND RE-START BI PUBLISHER

The analyticsSOAP component is a copy of the analytics deployment and is needed for Single-Sign-On between BI EE and BI Publisher to function seamlessly (the /analyticsSOAP URL will be protected slightly differently on the web server). Log on to the Oracle Application Server Control: Log in with oc4jadmin / oc4jadmin: http://[server]:7777/em
Click on home link Click on Applications link Click on Deploy button Click on Archive is already present on the server and enter the location: [BI HOME]/OracleBI/web/analytics.ear
Page 46
Click Next and specify the following parameters: Application Name Context Root : analyticsSOAP : analyticsSOAP
Click Next
Click Deploy
Page 47
Click Return, you should now see the list of Applications installed within home:
Check the box beside xmlpserver and click Restart
and Yes to confirm
Page 48
RESTART HTTP AND PRESENTATION SERVICES

As the orabiee user on the Linux machine, initiate the following commands to restart the BI EE HTTP Server and BI Presentation Services: [IAS HOME]/opmn/bin/opmnctl restartproc process-type=HTTP_Server run-saw.sh stop [wait a minute or two.] run-saw.sh start
Page 49
CONFIGURE SECURITY FOR ACTIVE DIRECTORY (OPTIONAL) ENABLE AUTHENTICATION WITH ACTIVE DIRECTORY
Open up the BI Repository and choose the menu option Manage Variables. Initialization Blocks:
A new window should appear for the new Initialization Block. Specify the following parameters: Name Required for Authentication : : Authentication
Page 50
Click on the Edit Data Source button. Set the Data Source Type to LDAP: Click on the New button to specify a new LDAP server, enter the following parameters on the General tab: Name Host Name Port Base DN Bind DN Bind Password Confirm pw : : : : : : : [LDAP Server Name] [Host Name of the LDAP Server] [LDAP Port] [Distinguished Name in the LDAP directory containing the list of Users] [DN for a user name with which to connect to the LDAP directory] [Password for Bind DN user] [Password for Bind DN user]
Then click on the Advanced tab and enter the following parameters: ADSI :
Go back to the General tab, click on the Test connection button and make sure connectivity has been established successfully. Click OK and then OK again to go back to the main Initialization Block edit window.
Page 51
Now click the Edit Data Target button, and specify the following new Variables as targets (by clicking on the New button for each one): Variable USER DISPLAYNAME DN LDAP variable sAMAccountName cn distinguishedName
Click OK to go back to the main Initialization Block edit window:
Test for successful configuration by clicking the Test button and specifying Use Bind Parameters:
You should see each of the three above variables have been populated. Click on OK and then OK again to exit the Initialization Block edit window. Save the BI Repository (<CTRL> + S).
Page 52
ENABLE AUTHORIZATION WITH ACTIVE DIRECTORY

Oracle BI EE cannot actually integrate directly with LDAP / Active Directory to automatically obtain the groups associated to a user. We will actually create a database PL/SQL Function that utilises the DBMS_LDAP package to perform the Active Directory lookup process. A new Initialization Block within the BI Repository will then be created to call this PL/SQL Function and assign the results to the GROUP session variable. There are two steps to this task: 3) Create GETLDAPGROUPS PL/SQL Function Open up the supplied AD_Authorization.sql file for editing. At the top, modify the top 4 parameters to suit your implementation: l_ldap_host l_ldap_port l_ldap_user l_ldap_passwd For example: -- Adjust as necessary. l_ldap_host VARCHAR2(256) := 'your.ldap.server.com'; l_ldap_port VARCHAR2(256) := '389'; l_ldap_user VARCHAR2(256) := 'MEDIA\Lookup User'; l_ldap_passwd VARCHAR2(256) := 'xyz123'; Save the file. Log on to the Data-Warehouse as the biee user and then execute the AD_Authorization.sql file to create the PL/SQL Function: sqlplus biee/[biee pw]@[dw] @AD_Authorization.sql : : : : [LDAP hostname] [LDAP port] [Username with which to connect up to the LDAP Server] [Password for the lookup username]
NOTE: The PL/SQL Function contains a hard-coded username and password. If you wish to hide this then you can wrap the PL/SQL Function so that the contents are encrypted. Please refer to the Oracle Database documentation on how to do this.
Page 53
4) Create Authorization Initialization Block Open up the BI Repository and choose the menu option Manage Variables. Initialization Blocks:
A new window should appear for the new Initialization Block. Specify the following parameters: Name : Authorization
Click on the Edit Data Source button and configure as follows: Data Source Type Default Init String Connection Pool : : : Database select GETLDAPGROUPS('VALUEOF(NQ_SESSION.DN)') from dual [Any connection pool with access to the BI EE schema]
Page 54
Click on OK to go back to the main Initialization Block edit window and click on the Edit Data Target button. Define a single target Variable called GROUP:
Click on OK, then click the Edit Execution Precedence button. Click Add and the choose the Authentication Initialization Block:
Click on OK and then OK again to exit the Initialization Block edit window. Save the Repository (<CTRL> + S).
INSTALL COMPLETE
You can now test by logging on to http://[BI HOST]:[BI PORT]/analytics
Page 55

Peak Indicators - Oracle BI EE Installation

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Peak Indicators - Oracle BI EE Installation

Uploaded by

Copyright:

Available Formats

Peak Indicators Limited

92 Malthouse Lane Ashover Derbyshire S45 0BU England

Helping Your Business Intelligence Journey

+44 7811 453781

Oracle BI Enterprise Edition With Single-Sign-On

Installation and Configuration Guide

Antony Heljula Technical Architect 27th May 2009

ABOUT THE INSTALLATION

PRE-REQUISITES CREATE OS USER ACCOUNT

INSTALL ORACLE DATABASE CLIENT

INSTALL ORACLE APPLICATION SERVER

Choose the J2EE Server and Web Server installation option:

Confirm all OS checks are passed:

Ignore Cluster Topology options, just click Next:

Now start the install process:

The Configuration Assistant will then run..

The installation will then complete:

URL for Application Server Control : http://[server]:7777/em

INSTALL ORACLE IDENTITY MANAGEMENT RUNNING THE INSTALLER

NOTE: This folder will from now on be referred to as [OIM HOME]

Choose to install the product Oracle Application Server Infrastructure 10g:

Confirm all OS checks are passed:

Confirm that you have root privileges on the Linux machine:

Accept the default configuration options:

Choose automatic port configuration:

Accept the default suggested namespace setting:

Click Install to finally start the installation process:

CONFIGURE SHELL SCRIPT

START UP ORACLE IDENTITY MANAGEMENT

DOWNLOAD AND EXTRACT ORACLE BI EE SOFTWARE (FOR WINDOWS)

RUNNING THE INSTALLER

Then locate the path of your JDK:

Choose English as the chosen language:

Now you can start the install process:

CREATE BIEE SCHEMA ON DATA-WAREHOUSE

INSTALL JAVA DEVELOPMENT KIT (JDK)

DOWNLOAD AND EXTRACT ORACLE BI EE SOFTWARE (FOR LINUX)

CONFIGURE OPERATING SYSTEM LIMITS

RUN UNIXCHK.SH SCRIPT

RUNNING THE INSTALLER

On the next screen, choose the Complete setup type:

Choose English as the chosen language:

Now you can start the install process:

Simply exit the installer when the process has completed:

CONFIGURE SHELL SCRIPTS

CONFIGURE BI DELIVERS SCHEDULER

CREATE BI DELIVERS SCHEDULER AND USAGE TRACKING TABLES

ENABLE USAGE TRACKING

Save the file and exit.

CONFIGURE CREDENTIAL STORE

CONFIGURE BI REPOSITORY (RPD)

Open up the following configuration file for editing: [BI HOME]/OracleBI/server/Config/NQSconfig.ini

CONFIGURE PRESENTATION CATALOGUE

Open up the following configuration file for editing: [BI HOME]/OracleBIData/web/config/instanceconfig.xml

START UP ORACLE AS AND BI EE PROCESSES

Wait a few moments.....then try logging on to the BI Dashboards: http://[host]:7777/analytics

Click Test Connection:

Click Install Schema:

ENABLE AUTHORIZATION WITH ORACLE INTERNET DIRECTORY

On the left-hand side of the Variable Manager window, click on Session

REGISTER ORACLE BI EE AS A PARTNER APPLICATION

CONFIGURE HTTP SERVER

Your mod_osso.conf file should look like something like this:

Save the file.