Siebel Analytics Platform Installation and Configuration Guide > User Authentication Support in Siebel Analytics >
Process of Configuring LDAP and ADSI for Analytics Authentication
Analytics License: All licenses.
Operating Systems: All.
This topic is part of User Authentication Support in Siebel Analytics.
Authentication on LDAP and ADSI servers uses Siebel Analytics Server session variables. Some session variables, such as PASSWORD, are populated automatically. They receive their values when a user begins a session by logging on. Instead of storing user names and passwords in a Siebel Analytics Server repository, the Siebel Analytics Server passes the user's user name and password to an LDAP server for authentication.
Some session variables, such as GROUP, need to be manually created in the Siebel Analytics repository. Initialization blocks specify the attributes to be retrieved in session variables. Certain session variables, called system session variables, have special uses. For more information about session variables, the USER system variable, and the Variable Manager, see the appropriate topics in Siebel Analytics Server Administration Guide or Analytics Server Administration Tool Online Help.
The following key restrictions apply to LDAP and ADSI authentication:
- Importing of user information into the repository is supported on regular LDAP servers, but not supported on ADSI servers.
- Groups are defined in the repository. However, if lists of users are stored on LDAP servers, the group membership information must be obtained from a database table.
- When a User exists in both the repository and in an external source (such as LDAP servers), the local repository User definition takes precedence. This restriction allows the Siebel Analytics Server Administrator to override users that exist in an external security system.
The process of configuring Analytics users on an LDAP or ADSI server consists of the following tasks:
- Configuring IKeyMan for CMS Key Generation
Use the GSKit utility IkeyMan to create a key database file, and store it under the Siebel Analytics configuration directory.
NOTE: For ADSI authentication only, GSKit is not required.
- Generating a CMS Key Database File
- Setting Up LDAP Authentication in Analytics