# Step 4: Configure Directory Services and Web Infrastructure

## 1. Update Oracle Internet Directory (OID)

To enable Single Sign-On (SSO) authentication, configure Oracle Internet Directory (OID) by importing users and groups.

#### 1.1 Connect to Oracle Directory Services Manager (ODSM)

* Open the ODSM console:\
  \&#xNAN;**`http://test.public.myvcn.oraclevcn.com:7011/odsm`**
* Log in with the Oracle Directory Administrator credentials:\
  Username: `cn=orcladmin`

#### 1.2 Import a Test User

* Create a user using the following **user.ldif** data:

  ```ldif
  dn: cn=User01,cn=Users,dc=us,dc=oracle,dc=com
  givenname: User01
  sn: User01
  mail: vart181@gmail.com
  uid: User01
  objectclass: top
  objectclass: person
  objectclass: organizationalPerson
  objectclass: inetOrgPerson
  objectclass: orclUser
  objectclass: orclUserV2
  cn: User01
  orclisenabled: enabled
  ```

#### 1.3 Import Test Groups

* Import groups using the following **groups.ldif** data:

  ```ldif
  dn: cn=OIDBIConsumers,cn=Groups,dc=us,dc=oracle,dc=com
  objectclass: groupOfUniqueNames
  uniquemember: cn=orcladmin

  dn: cn=OIDBIContentAuthors,cn=Groups,dc=us,dc=oracle,dc=com
  objectclass: groupOfUniqueNames
  uniquemember: cn=orcladmin

  dn: cn=OIDBIServiceAdministrator,cn=Groups,dc=us,dc=oracle,dc=com
  objectclass: groupOfUniqueNames
  uniquemember: cn=orcladmin
  uniquemember: cn=User01
  ```

Verify that the imported users and groups are correctly visible in OID.

<figure><img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXdzNVWqYkTDvWo01_rI5MmIQZgoTJYUNoV0aNJ5gFSt9RM86FPbdCOh0NAIga0wCAiQHLyk4iCDnke0BS4PXu1Aczn9Tw6UHk5bPq9clWvflxWoo68olUUj2az3gGUr5-eHt6rd?key=flYwr8QHc9296S5s6V_SpI0A" alt=""><figcaption></figcaption></figure>

### 2. Configure Oracle HTTP Server (OHS) with WebGate

Prepare WebGate to protect OBIEE resources and redirect authentication requests.

#### 2.1 Update the mod\_wl\_ohs.conf File

* Access the OHS server and go to:\
  `$OHS_HOME/user_projects/domains/ohs/config/fmwconfig/components/OHS/instances/ohs1`
* Open `mod_wl_ohs.conf` and replace its contents with the following:

  ```apache
  LoadModule weblogic_module "${PRODUCT_HOME}/modules/mod_wl_ohs.so"

  <IfModule weblogic_module>
    WLTempDir /tmp

    <Location /analytics>
      SetHandler weblogic-handler
      WebLogicCluster test:9502
    </Location>

    <Location /va>
      SetHandler weblogic-handler
      WebLogicCluster test:9502
    </Location>

    <Location /xmlpserver>
      SetHandler weblogic-handler
      WebLogicCluster test:9502
    </Location>

    WebLogicHost test
    WebLogicPort 9502
    DynamicServerList On
  </IfModule>

  ```

#### 2.2 Verify Resource Paths

* Ensure that additional OBIEE paths (`/analytics`, `/va`, `/xmlpserver`) are properly defined.

### 3. Deploy WebGate Configuration Files

Install the WebGate configuration generated during OAM agent registration.

#### 3.1 Copy Configuration Files

* **ObAccessClient.xml**\
  From:\
  `$OAM_HOME/idm/oam/server/rreg/output/TEST_BI_OAM/ObAccessClient.xml`\
  To:\
  `webgate/config/ObAccessClient.xml`
* **cwallet.sso**\
  From:\
  `$OAM_HOME/idm/oam/server/rreg/output/TEST_BI_OAM/wallet/cwallet.sso`\
  To:\
  `webgate/config/wallet/cwallet.sso`

#### 3.2 Verify Permissions

* Ensure that the OHS server process has read access to both files.

### 4. Restart the Oracle HTTP Server (OHS)

Apply the changes by restarting the OHS server.

#### 4.1 Restart the Service

* Run the following command:

  ```bash
  $OHS_HOME/bin/opmnctl restartproc ias-component=ohs1
  ```

#### 4.2 Verify WebGate Activation

* After restart, accessing any protected OBIEE URL (e.g., `/analytics`) should redirect users to Oracle Access Manager (OAM) for authentication.

{% hint style="info" %}
**Notes:**

* In this guide, we are using the example address \*\*<http://test.public.myvcn.oraclevcn.com**.\\>
  Replace it with your actual environment URL if different.
* Backup the original `mod_wl_ohs.conf` before making changes.
* Verify that server ports (e.g., 9502) correspond to your environment settings.
  {% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://enterprise.hideez.com/hideez-server-integration/saml-integration/oracle-business-intelligence-enterprise-edition-obiee/step-4-configure-directory-services-and-web-infrastructure.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.