You can define the groups in the Active Directory but you have to assign the AD groups to the proper folders and also to the applications(Infoview, Designer etc) in the CMC.
Do you mean,
I can define the groups and users in “Windows AD” but I can’t specify in “Windows AD” that a user or a group have or doesn’t have the rights to access to a business Objects ressources (folder or report)?
I’m oblige to proceed as follow?
Define groups and users on “Windows AD”?
Manage the rights on "folders and “reports” on Business Objects using the CMC?
Yes, thats true. Define your BO groups who have access in the AD and once you configure the AD authentication in BO you can map these groups to the folders and Applications in CMC.
That way, when a user in the company needs access to BO, then he will be added to that particular AD group. As those particular groups have access to BO reports and applications they can use their AD account to login and view their assigned stuff.
Yes this is correct. You can create a group in AD who will have access to Universe Designer tool and then map this group in CMC to have access to designer.
Ask your it admin people to create groups for your business object report purpose and ask them to add all the users of ur bo reports in that group who would be given ad authentication by u in cmc.
Then add this created group to your business object ad authentication group list ( inthe authen section of your cmc)
Then create users or add existing existing user to this group and specifing the ad authentication method. If you dont have agroup created and u try to give ad verification then error comes saying that the user doesnot belong to a mapped group.
In future, I suppose if a new user has to be added to this group, the IT admin will have to add this user to the group they created usign their rights.
(BOB member since 2006-03-09)
(BOB member since 2004-01-09)
(BOB member since 2004-01-09)