MSAD and Oracle Hyperion – how will this remain a happy marriage?

Do you use Microsoft Active Directory (MSAD) to log into Oracle Hyperion? Then you need to take action to keep the link between Hyperion and MSAD working.

What is going on? Microsoft has produced a document explaining that there will be a change in communication between MSAD and products that use MSAD via the LDAP protocol. More details can be found here.

What does this change in MSAD mean for Oracle Hyperion?

For Hyperion this is not different, here too the change in MSAD has major consequences for logging in. This requires adjustments to your system.

Below we take you through the technical steps necessary to ensure that everyone in your organization can continue to log in in the future:

  • Request the certificate from the person responsible within your organization.
  • Make sure the certificate is available on all Hyperion servers.
  • Open a Command Prompt in Administrator mode:
    • cd <drive>:\Oracle\Middleware\jdk160_35\bin
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\jdk160_35\jre\lib\security\cacerts -storepass [password]
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\jrockit_160_37\jre\lib\security\cacerts -storepass [password]
    • keytool -import -noprompt -trustcacerts -alias [name_of_your_certificate]-file <drive>:\Oracle\[ name_of_your_certificate].cer -keystore <drive>:\Oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks -storepass [password]
  •  Change everything in bold to the values that apply to you.
  • You will see the following for each ‘task’:

  • After this, restart the services of your system.
  • Now log in to workspace and go to ‘Shared Services’.

  • Now go to your MSAD configuration:

  • Once you are in the edit screen, check the “SSL Enabled” box.

  • If communication with the certificate goes well, you can now save your work.
    Restart the service ‘HyS9FoundationServices_epmsystem1’ again.