Articles

MSAD and Oracle Hyperion – how will this remain a happy marriage?

Do you use Microsoft Active Directory (MSAD) to log into Oracle Hyperion? Then you need to take action to keep the link between Hyperion and MSAD working.

MSAD-en-Hyperion

What is going on? Microsoft has produced a document explaining that there will be a change in communication between MSAD and products that use MSAD via the LDAP protocol. More details can be found in this article about MSAD.

What does this change in MSAD mean for Oracle Hyperion?

For Hyperion this is not different, here too the change in MSAD has major consequences for logging in. This requires adjustments to your system.

Below we take you through the technical steps necessary to ensure that everyone in your organization can continue to log in in the future:

  • Request the certificate from the person responsible within your organization.
  • Make sure the certificate is available on all Hyperion servers.
  • Open a Command Prompt in Administrator mode:
    • cd <drive>:\Oracle\Middleware\jdk160_35\bin
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\jdk160_35\jre\lib\security\cacerts -storepass [password]
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\jrockit_160_37\jre\lib\security\cacerts -storepass [password]
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks -storepass [password]
  •  Change everything in bold to the values that apply to you.
  • You will see the following for each ‘task’:

MSAD0

  • After this, restart the services of your system.
  • Now log in to workspace and go to ‘Shared Services’.

MSAD1

  • Now go to your MSAD configuration:

MSAD2

  • Once you are in the edit screen, check the “SSL Enabled” box.

MSAD3

  • If communication with the certificate goes well, you can now save your work.
    Restart the service ‘HyS9FoundationServices_epmsystem1’ again.

Get the most out of your Oracle application

Discover the benefits of our support for Oracle EPM/ Hyperion and our EPM Support Services options.

Text: Bert Dotinga

Keep up with the latest developments

Sign up now