Tag: fake invalid credentials message

An invalid Username or Password was entered

What is ‘BISystemUser’

OBIEE System User ‘BISystemUser’
“BISystemUser” is an internal OBIEE system user used as an inter-bi-component communication user, this could also be used when Impersonation is used. This is referenced by an Authenticator (usually Default Authenticator unless changed to different providers like Active Directory or other directory).

Scenario

 Impact on Deleting ‘BISystemUser’

OBIEE unable to login

 When deleting the ‘BISystemUser’, when default access configuration, OBIEE System will no longer allow any user to login.

Deleting the user causes the system to close down on allowing any connections into the Presentation layer; any user trying to login will be thrown authentication error (“An invalid Username or Password was entered.”).

Step by Step

WeblogicBISystem’ Role Check

  • Login to weblogic: http://host:port/em
  • Go to Business Intelligence->coreapplication->Security->Single Sign On ->Application Policies and Roles -> Configure and Manage Application Roles

Em - coreapplication EM - configure and manage application roles

  • Select the ‘BISystem’ role from list and check on the Membership section if the ‘BISystemUser’ is still there

BISystem user BISystem user membership

  • if user is not found in there will need to add it after its re-creation

Weblogic User Check

  • Go to Oracle Weblogic Server Security Provider for User Management page (you will need to login again)

Weblogic - application roles Setting for my realm

  • Check in the table for ‘BISystemUser’ user

check for user in list

  • If user does not exist go to Recreating User step

Recreating User

recreate BISystem

  • Create new user by clicking new
  • Useful tips:
    • Make sure Name for the user is exactly ‘BISystemUser’
    • For best practice make sure you fill in a meaningful description – to ensure user is not deleted again by mistake (eg. System user, internal OBIEE use)

User description

  • Keep in mind password for the ‘‘system.user” Password Check & Change step

system.user’ Password Check & Change

  • Go to WebLogic Domain->bifoundation_domain->(right click)->Security -> Credentials

bifoundation_domain

  • In here, edit the ‘system.user’ and update password to match the one for the re-created user

credentials store provider  bisystem - Edit Key

Delete Cached Credentials

Within the operation system, we need to delete the cached credential files, to make sure our changes are applied.

File name is (there will be 2 files, a cacheduserinfo and a cacheduserinfo.atr – both need to be deleted)

  • For Linux OS (make sure you have read/write rights on the oracle files – best use root rights):
    • go to root folder (or oracle home): cd / (cd oracle home path)
    • search files: find -name cacheduserinfo – this will list up files cacheduserinfo for all user, so you will need to select the path for the bisystemuser (will be something like this ./u01/oracle/mw/i…../root/users/bisystemuser/_prefs/cacheduserinfo)
    • delete files: rm path/filename
    • confirm delete: Y
  • For Windows OS:
    • search for files: cacheduserinfo and atr and delete them

(Command line for search: dir  cacheduserinfo .* /s – make sure you are searching within oracle home directory. To get there use: cd path)

Finish and Test

Restart Services

In order for changes to be applied, we need to restart the  BI server components for system to reload new permissions, configured.

  • in weblogic go to Business Intelligence->coreapplication->Overview
  • restart all

Restart components

      That’s all. Please test your work now!

Note: Please note this tests were done on OBIEE 11.1.1.7.1.
Advertisement