OBIEE Step by Step Guide

October 20, 2009

OBIEE SSO Integration in Windows

There were questions posed in some forums (especially OTN) where people want to bypass OBIEE authentication when the user has been authenticated to the Windows AD (Active Directory). How best can we do it? What is the process and how do you do it?

The answers for these questions can be answered if your BI Server / Presentation Server is hosted on a Windows Server. I have seen installations where BI Server is hosted on a different machine and Presentation Service is hosted on another. Anyways, the process is the same.

First, disable your SSO in the instanceconfig.xml file

Go to SSO tag in the instanceconfig.xml file which says <SSO enabled = “true”> tag and change it as false. Now, this way you can first make sure that your LDAP is working. This holds true when your AD users are exposed through LDAP.

Connect to your LDAP and make sure the user/pwd works. Now, to configure the SSO integration with Windows login and if your presentation layer is hosted on a Windows Server/IIS, then

Open IIS Manager => Select Default website => Right-click => Properties => Directory Security tab => Authentication and access contol => Edit … => deselect “Enable anonymous access” => Select “Integrated Windows authentication” => Ok => Ok => Select All => Ok

Reenable SSO by

Open the instanceconfig.xml file (located in OracleBIData\web\config).     Set <SSO enabled = “true”>.  Save and close file.

Restart the BI Services and Restart IIS Admin Service. Follow the sequence 🙂 of how to start your OBIEE services.

When it asks to restart the World Wide Web and HTTP SSL services, select Yes.

Now, when you open your browser and go to your analytics website, you should be logged in automatically.


Until next time, kudos to all OBIEE evangelists

Blog at