display prompt values in Excel

How can we get the Prompt values to be displayed when the report is exported in MS Office formats or printed in PDF using the ‘Download’ or ‘Print’ report links?

When you use the ‘Printer Friendly’ option on the Dashboard, all objects on the Dashboard get downloaded for printing including the Dashboard Prompt section.

However using the report ‘Download’ or ‘Print’ link, this does not print the Dashboard Prompt section.
Please note this is expected behavior. Using the Printer Friendly icon at the lower lefthand corner, it prints the entire dashboard. Alternatively the ‘Download’ or ‘Print’ link option is available, for the report. So this will print the Compound layout view of the report, or any specific report sections that have been made available on the Dashboard.

A workaround to have the Dashboard Prompt values displayed when you use the Report ‘Download’ or ‘Print’ link is by having the filter view as part of the report.

Oracle has now raised the Enhancement Request# 8242921 to address this matter. The enhancement request is to enhance the product so that so there is also an option to download to the various formats at the dashboard page level. Similar to the Dashboard Page ‘printer friendly’ functionality.

Removing My Dashboard

Customer want to take away from all users ‘My Dashboard’. They want that the users only have the choice between the ‘common Dashboards’.
But the users (the report creators) need My Folders.
So Manage Privileges – Catalog – Personal Storage (My Folders and My Dashboard) does not fit exactly.

Customer has created default shared dashboards that they want the users to see/read by default, but they want to restrict user access to the Shared Dashboard folders.
They want users to be able to access their My Folders directory, but not have access to their My Dashboard link or My Dashboard folders. This is not possible with out of box functionality.

The following enhancement request has been created to benefit the users.



The only way to deny access to ‘My Dashboard’ is via the “Personal Storage (My Folders and My Dashboard)” Catalog privilege. Denying this privilege to a group or user will take away access to both ‘My Dashboard’ and ‘My Folders’ – currently, you can’t separate the two. Therefore I have logged the following Enhancement Request.

Alternatively, here is a suggestion of using current functionality would be:

1. Create a web catalog group and dashboard via “Manage Presentation Catalog Groups and Users” to be used as the default user dashboard.
2. Grant the ‘Everyone’ web group the appropriate privilege to this catalog group via “Manage Presentation Catalog” – e.g. ‘Read’.
3. In the admin tool, create a session init block to set the ‘PORTALPATH’ session variable to the webcatalog path of the default dashboard page.
3.a. You can find the path by looking at the properties of the folder under ‘_portal’ in the catalog group folder the default dashboard was created in – e.g. “/shared/user_default/_portal/Home”.
3.b. The init string could either select the literal path (e.g. select ‘/shared/user_default/_portal/Home’ from dual) so all users would be routed to the same dashboard. Alternatively, the path could be stored externally, e.g. in a table, and selected from it per userid. That way, it would be manageable outside of the admin tool.

This would force all users to the default dashboard specified in the path used to populate PORTALPATH for all users.
One issue that may occur is with existing users that have set their ‘Default Dashboard’ to anything but ‘Default’ in the ‘My Account’ link – they may be required to set it to ‘Default’, then log-off/log-on for the default dashboard setting to take affect.
I know of no way to get around this potential issue for this scenario short of each user making the change OR deleting users from the webcat such that a subsequent logon will ‘re-initialize’ their account (which will then use the init block set PORTALPATH value). Both of these options seem severe, and the second may prove problematic as long as the ‘My Account’ link is still active.

How to set session variables using url variables

The goal is to set session variables using url variables, but can you also do this for the user and password ?
url variable (&Upwd) is not passed to session variable USER_PWD.
The variable USER is correctly passed, the variable USER_PWD is not!


The steps to set an OBIS session variable via a URL call utilizing the
instanceconfig.xml tag should be as follows

1. Create a session init block that will act as a ‘placeholder’ for the
session variable to be set via the url call – the variable can be set to

2. Set the ‘Enable any user to set the value’ option for the variable.

3. Add the following tag block to the instanceconfig.xml file anywhere
between the <ServerInstance></ServerInstance> tags:

<UserIdPassword enabled=”true”>
“TEST_VAR” should match the session variable name (case sensitive).

4. The following option will need to be appended to the OBI url passed –
&SETVAR=’variable value to pass. So a full example would be:

However, note that you cannot set the value of any System Security Session variable (specifically USER, PROXY, GROUP and WEBGROUPS) using any source method (e.g.: url, cookie, httpHeader) by design. Having this ability would open possible security breaches.

If you attempt to set the USER variable with the following instanceconfig.xml setting:

<Param name=”NQ_SESSION.USER” source=”url” nameInSource=”nquser” />

You will get the following error when using the url: http://localhost:9704/analytics/saw.dll?Dashboard&nquser=user1&nqpassword=public :

nQSError: 10018: Access for the requested connection is refused
nQSError: 1315 You do not have the permission to set the value of the variable :USER

All OBIEE services are up but the application page is not opening

After changing password for OBI repository Administrator user, impersonator and OBIEEConnect HR database user, it is no longer possible to log into OBIEE. The following error is displayed:

‘The page cannot be displayed’

OBIEE is installed on Linux and deployed on Oracle 10gAS with SSO implemented

So, when you go to http://servername/analytics, it should bring you to the SSO login page e.g ‘Not logged in’ should be displayed. Instead the above error is displayed.

The issue is caused by the following setup/step:

a). The Oracle Application Server is unable to render OBIEE as an application

b). Credentialstore.xml has not been updated with the change in impersonator password

The following resolved the problems

1). Redeploy ‘analytics’ application in the OC4J Admin Console, restart all the OBI processes and attempt to log in again.

Now, OBIEE page displayed ‘Not Logged In..’ which is the expected page as SSO is enabled.

This step is described in

–> Oracle Business Intelligence Infrastructure Installation and Configuration Guide> Configuring Oracle BI Presentation Services > Creating a WAR File for Oracle BI Presentation Services

a.In 0c4j admin console
b. Click on ‘analytics’ application
c. Choose default settings or use existing application files
d. Redeploy application
e. Restart all services

2). Add the change in the impersonator user credentials to the Oracle BI Presentation Services Credential Store. To obtain the impersonator user credentials, Oracle BI Presentation Services will search the credential store for a username-password credential with an alias of impersonation

These steps are documented in

–> Oracle Business Intelligence Enterprise Edition Deployment Guide > Implementing Single Sign-On Products With Oracle Business Intelligence > Enabling SSO Authentication for Oracle Business Intelligence > Creating the Oracle BI Server Impersonator User

–> Oracle Business Intelligence Enterprise Edition Deployment Guide > Implementing Single Sign-On Products With Oracle Business Intelligence > Enabling SSO Authentication for Oracle Business Intelligence > Adding Impersonator User Credentials to Oracle BI Presentation Services Credential Store

LDAP how restrict the login to members of certain groups in OBIEE?

he question is – if you can mix LDAP and other type of authentication. In one word – yes and no.

Here’s what Oracle suggests:

1. You can have internal authentication and LDAP authentication. eg users in the rpd, and users in the LDAP.

For users not defined in the repository, the presence of a defined session system variable USER determines that external authentication is performed.
So using this method, you can have groups with internal users using the internal security, and groups with users that use the LDAP authentication.

But you cannot mix external table and LDAP authentication for example, as you cannot have different connection pools on same init block.

2. The best option would be to create your own authentication Dll (Custom authentication) so  you will have full control on what systems you will lookup for the user account.
You can write your own DLL in C++ , and have OBI Server invoke it. BI just pass the username/pwd received, and wait for an authenticated/no authenticated message from the dll.

This exists since

We provide an example of such dll.
Location for the sample one: D:\OracleBI\server\SDK\CustomAuthenticatorSamples

I wonder if anyone tried it – I think that at this time, it’d be easier to work around the requirement by using standard methods. Let’s see what John Minkjan might say about it.