Integrate with Microsoft Active Directory
Microsoft Active Directory supports the LDAP interface and therefore can be configured with Publisher using LDAP Security.
Configure the Active Directory
Configure support for Active Directory by adding users and system groups.
Example 3-1 Grant Users the Publisher Administrator Role
- Under the Active Directory User and Computers, open the XMLP_ADMIN group and click the Members tab.
- Click Add to add users who need Publisher Administrator privileges.
Example 3-2 Grant Users Access to Scheduling Reports
The "HR Manager" global group is defined under "Users". All users in this group need to schedule reports.
To achieve this, add HR Manager as a Member of the XMLP_SCHEDULER group.
Configure Publisher
You configure Publisher on the Administration page.
To configure Publisher:
If you're configuring Publisher to use LDAP over SSL, then you must also configure Java keystore to add the server certificate to JVM. For more information, see Configure Publisher for Secure Socket Layer (SSL) Communication.
Log In to Publisher Using the Active Directory Credentials
The User login name defined in Active Directory Users and Computers >User Properties >Account is used for the Publisher login name.
Add the Domain to the user name to log in to Publisher. For example: "scott_tiger@domainname.com".
Note the following:
-
The Attribute used for Login Username can be sAMAccountName instead of userPrincipalName.
-
User names must be unique across all organization units.
Assign Data Access and Catalog Permissions to Roles
You assign data access and catalog permissions to roles on the Administration page.
Note:
-
The XMLP_X roles are not shown because these are controlled through the Active Directory interface.
-
The Users tab is no longer available under the Security Center because users are now managed through Active Directory.
-
Roles are not updatable in the Publisher interface, except for adding data sources.