Upload
arijit294
View
213
Download
0
Embed Size (px)
Citation preview
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
1/49
23 October, 2013Doc Created By: Capgemini BO CoE, Mumbai
1
BusinessObjects Enterprise XI 3.1
Administration and Security
Version 1.0
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
2/49
BO XI 3.1 Administration and Security
2
Audience
Administrators, architects and technical leads who are
new to BusinessObjects Enterprise and will be
responsible for maintaining BusinessObjects Enterprise
users, groups, and objects
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
3/49
BO XI 3.1 Administration and Security
3
Prerequisites
Prior experience of BusinessObjects tool or similar
OLAP technology
Prior version Business Objects v6.5/XI R2 administration
experience will be an added advantage
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
4/49
BO XI 3.1 Administration and Security
4
Objective
Reader understand the architecture of Business Objects
Enterprise product
Reader is able to perform administration tasks tasks in
the Central Management Console (CMC) and CCM
(Central Configuration Manager)
Reader understands Content & User management and
its apply security features
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
5/49
BO XI 3.1 Administration and Security
5
Content
What is BusinessObjects Enterprise ?
BusinessObjects Enterprise XI Product Suite
Business Objects Enterprise XI Architecture
Business Objects Enterprise XI Infrastructure
Web/Desktop Intelligence Architecture
CMS database
Managing and Configuring Servers
Central Management Console (CMC)
Managing Licenses
Server Services Server Status
(continued)
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
6/49
BO XI 3.1 Administration and Security
6
Content
Server Intelligence Agent (SIA)
Server Nodes
Viewing and changing the status of Servers
Cloning servers
Managing Users and Groups
Setting Rights -How rights work
Managing Auditing
Managing Profiles
Backing up server configuration settings
Restore server configuration settings Federation
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
7/49
BO XI 3.1 Administration and Security
7
What is BusinessObjects Enterprise ?
BusinessObjects Enterprise XI is the business intelligence platformthat supports the entire range of performance management,reporting, querying and analysis applications. It also providesindustry-standard, proven architecture and platform support forsemantic layers, data integration, and security.
BusinessObjects Enterprise XI provides full web-basedadministration and configuration of the entire system.
BusinessObjects Enterprise XI brings together features from acrossthe Business Objects product line to meet your evolving reporting
needs, from using Web Intelligence anywhere to improving CrystalReports interactivity and personalization
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
8/49
BO XI 3.1 Administration and Security
8
Business Objects Enterprise XI product suite
Data Integrator
Composer
Metadata Manager
Data Federator
Data Quality
Data Insight
Web Intelligence
Rich WebI (offline)
Desktop
Intelligence
Crystal Reports
Crystal Reports
Server
Performance Management
Analytic applications
Planning applications
Set Analysis
Predictive Analysis
Crystal Xcelsius
Voyager
BOE Professional
BOE Premium
Add ons
- Live Office
- Publishing
- Auditing
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
9/49
BO XI 3.1 Administration and Security
9
Five Tiers Architecture:
Client: web browser and rich
clients
Application: Java web
application servers and tools
Intelligence: system server
processes
Processing: data analysis andreport generation
Data: source repositories
Business Objects Enterprise XI Architecture
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
10/49
BO XI 3.1 Administration and Security
10
CLIENT TIER
Browser-Based Application
Infoview
Central Management Console
Central Configuration Manager
Publishing Wizard
Import WizardTranslation Manager
Software Inventory Toll
Universe Designer
Universe Builder
Information Designer
Desktop IntelligenceBusiness View Manager
Report Conversion Tool
Query as a Web Service
Packaged Applications
Data Source Migration Wizard
Universe Connection Manager
Repository Diagnostic ToolWeb Intelligence Rich Client
APPLICATION TIER
Web Logic
Oracle
Websphere
Tomcat
Sun Java
JBoss
Packaged ApplicationsWeb Application Servers
Voyager
wDeploy Tool
Crystal Reports Explorer
BusinessObjects Enterprise Web Services
Performance Management
INTELLIGENCE TIER
Central Management
Server
Input/Output
File Repository Servers
Event Server
Crystal Reports Cache Server
Desktop Intelligence Cache Server
Cache Servers
PROCESSING TIER
Adaptive Job Server
Crystal Reports Job Server
Desktop Intelligence Job Server
List of Values Job Server
Destination Job Server
Program Job Server
Adaptive Processing ServerCrystal Reports Processing Server
Report Application Server
Desktop Intelligence Processing Server
Processing ServersJob Servers Web Intelligence Processing Server
Multi Dimensional Analysis Server
Performance Management Servers
Connection Server
DATA TIER
OLAPSAP BW, SQL, Essbase
RELATIONALODBC, OLE DB, Native
OTHERSXML, ERP, CRM,COM
Business Objects Enterprise XI Infrastructure
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
11/49
BO XI 3.1 Administration and Security
11
Web/Desktop Intelligence Architecture
(CMS Database)
(Tomcat)
(tools) (Data Warehouse)
(Infoview)
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
12/49
BO XI 3.1 Administration and Security
12
CMS database
CMS stands for Central Management Server
Stores the following -
Users created by the Administrator
Universes created by the Designer
Documents sent by users so that other users canretrieve and view them.
Enforces security - Users access rights to view the different
components like universes, documents, etc.
Every user login is first validated against the CMS database.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
13/49
BO XI 3.1 Administration and Security
13
Managing and Configuring Servers
BusinessObjects Enterprise includes two key administrative tools that allow
you to view and to modify a variety of server settings:
Central Configuration Manager (CCM)
Central Management Console (CMC)
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
14/49
BO XI 3.1 Administration and Security
14
Central Configuration Manager(CCM)
The CCM (Central Configuration Manager) is a server troubleshooting
and node configuration tool provided in two forms. In a Microsoft
Windows environment, the CCM allows you to manage local and remote
servers through its graphical user interface (GUI) or from a command
line. In a UNIX environment, the CCM shell script (ccm.sh) allows you to
manage servers from the command-line.
Note:Most server management tasks are now handled through the CMC, not in the CCM. The
CCM was the primary tool for server management in previous versions, but the CCM is
now used only for troubleshooting and node configuration.
The CCM is now used primarily for node configuration, and for troubleshooting when you
cannot access the CMC. For example, if you need to reconfigure the CMS and do not have
access to the CMC, you can click Manage Servers in the CCM to log in and view all servers
in your deployment.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
15/49
BO XI 3.1 Administration and Security
15
Central Management Console (CMC)
To log on to the CMC from your browser
URL: http://webserver:8080/CmcApp/
To log on to the CMC fromOn Windows
Start > Programs > BusinessObjectsXI 3.0 > BusinessObjects Enterprise >
BusinessObjects Enterprise Central Management Console
1. Type the name of your Central Management Server (CMS) in the System field.
2.Type yourUser Name and Password
3. Select Enterprise in the Authentication Type list
4. Click Log On.
The CMC Home page appears
http://webserver:8080/CmcApp/http://webserver:8080/CmcApp/http://webserver:8080/CmcApp/http://webserver:8080/CmcApp/http://webserver:8080/CmcApp/http://webserver:8080/CmcApp/7/27/2019 BO_XI 3.0 Administration and Security_v1.0
16/49
BO XI 3.1 Administration and Security
16
Central Management Console (CMC)
The Central
Management Console
(CMC) is a web-based
tool which offers a
single interface
through which you canperform almost every
day-to-day
administrative task,
including user
management, content
management, andserver management.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
17/49
BO XI 3.1 Administration and Security
17
Central Management Console (CMC)
To set the console preference
1. Log on to the CMC and click Preferences in the upper-right corner of the
CMC.
2. Set the preference as required.
The Web Intelligence, Desktop Intelligence, Crystal Reports, Dashboard
and Analytics, and Change Password preferences work exactly the waythey do in InfoView, though they affect the behavior of objects in the CMC
as well. For a full explanation of those settings, refer to Setting
Preferences in the BusinessObjects Enterprise InfoView User's Guide.
3. Click OK.
Making initial security settingsAs part of the installation, BusinessObjects Enterprise creates an
Administrator account and a Guest account that do not have passwords
change the Administrator password
Note: If you disable the Guest account, you also disable the anonymous
single sign-on functionality of BusinessObjects Enterprise.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
18/49
BO XI 3.1 Administration and Security
18
Managing Licenses
The License Keys area identifies the number of concurrent, named, and
processor licenses associated with each key.
To view license information
1. Go to the License Keys management area of the CMC.
2. Select a license key.
The details associated with the key appear in the Licensing Information
area.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
19/49
BO XI 3.1 Administration and Security
19
Managing Licenses
To add a license key
1. Go to the License Keys management area of the CMC.
2. Type the key in the Add Key field.
Note: Key codes are case-sensitive.3. Click Add.
The key is added to the list.
To view current account activity
1. Go to the Settings management area of the CMC.2. Click View global system metrics.
This section displays current license usage, along with additional job
metrics.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
20/49
BO XI 3.1 Administration and Security
20
Managing Licenses
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
21/49
BO XI 3.1 Administration and Security
21
Server Services
Core Services
Crystal Reports Desktop Intelligence
Performance Management
Voyager
Web Intelligence
Service categories are divided into core BusinessObjects Enterprise
services and services associated with specific Business Objects
components.
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
22/49
BO XI 3.1 Administration and Security
22
Server Status
Initializing
Starting
Running
Stopped
Stopping
Server Status displays the servers according to their current status. This
is a valuable tool for checking to see which of your servers are running or
stopped. If you are experiencing slow performance on the system, for
example, you can use the Server Status list to quickly determine if any of
your servers are in an abnormal state. Possible server states include the
following:
Failed
Enabled
Disabled
Waiting for resources
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
23/49
BO XI 3.1 Administration and Security
23
Server Services & Server Status
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
24/49
BO XI 3.1 Administration and Security
24
Server Intelligence Agent (SIA)
Server Intelligence Agent (SIA) manages Server Intelligence, the component
that processes the server management tasks. Server Intelligence is the
underlying server management architecture that simplifies the administration
and deployment of BusinessObjects Enterprise servers and services.
An SIA is deployed on each node within your BusinessObjects Enterprisedeployment. A node is a collection of BusinessObjects Enterprise servers,
running on the same host and managed by a single SIA.
it also monitors potential problems and automatically restarts servers that
have shut down unexpectedly
When you change a server's settings or add a new server in the CMC, theCMS notifies the SIA, and the SIA performs the task
It automatically configured during installation, but you can change
these default settings through the CCM
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
25/49
BO XI 3.1 Administration and Security
25
Server Nodes*
A node is a collection of BusinessObjects Enterprise servers, all running on
the same host and managed by a single Server Intelligence Agent (SIA).
Nodes are a new feature in this version of BusinessObjects Enterprise.
In previous versions, servers were associated with a particular machine. Nowthat servers are organized by node, it is much easier to transfer servers and
configuration settings between machines. You can also have multiple nodes
on a single host.
For example, if you want to be able to start and stop the CMS without
affecting other servers, you'll want to store it on a separate node
* New in Business Objects Enterprise 3.0
BO XI 3 1 Ad i i i d S i
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
26/49
BO XI 3.1 Administration and Security
26
Server Nodes
BO XI 3 1 Ad i i t ti d S it
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
27/49
BO XI 3.1 Administration and Security
27
Viewing and changing the status of Servers
1. Go to the "Servers" management area of the CMC.
The Servers List includes a State column that provides the status for
each server in the list.
2. If you want to view a list of all of the servers that currently have a particular
status, expand the Server Status option in the navigation tree and select
the status you want.A list of servers with the selected status appears in the Details pane.
Starting, stopping, and restarting servers
Tip: When you stop (or restart) a server, you terminate the server's process,
thereby stopping the server completely. If you want to prevent a server fromreceiving requests without actually stopping the server process, you can also
disable servers. We recommend that you disable servers before stopping
them so that they can finish processing any jobs they have in progress
BO XI 3 1 Ad i i t ti d S it
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
28/49
BO XI 3.1 Administration and Security
28
Cloning servers*
BusinessObjects Enterprise XI 3.0 now allows you to clone servers. In
previous versions of BusinessObjects Enterprise, you had to create a new
server instance and then configure all of the settings for that server.
Now, if you want to add a new server instance, you can clone a copy of anexisting server. The cloned server retains the configuration settings of the
original server. This can be particularly useful if you are expanding your
deployment and want to create new server instances that use almost all of
the same server configuration settings as an existing server
* New in Business Objects Enterprise 3.0
BO XI 3 1 Ad i i t ti d S it
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
29/49
BO XI 3.1 Administration and Security
29
Managing Users and Groups
User/Account managementUser/Account management can be thought of as all of the
tasks related to creating, mapping, changing, and organizing user and group information
Default user accounts:
Administrator - This user belongs to the Administrators and Everyone groups. An
administrator can perform all tasks in all BusinessObjects Enterprise applications (forexample, the CMC, CCM, Publishing Wizard, and InfoView).
Guest - This user belongs to the Everyone group. This account is enabled by
default, and is not assigned a password by the system. If you assign it a password, the
single sign-on to InfoView will be broken.
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
30/49
BO XI 3.1 Administration and Security
30
Managing Users and GroupsGroup management - Groups are collections of users who share the same account
privileges; therefore, you may create groups that are based on department, role, or location.Groups enable you to change the rights for users in one place (a group) instead of
modifying the rights for each user account individually.
Default Group Accounts:
Administrators
By default, the Administrators group contains only the Administrator user.
Everyone
Each user is a member of the Everyone group
Report Conversion Tool Users
Members of this group have accessto the Report Conversion Tool application.
Universe Designer Users
Users who belong to this group are granted access to the Universe Designerfolder and
the Connections folder. They can control who has access rights to the Designer
application. You must add users to this group as needed. By default, no user belongs to this
group.
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
31/49
BO XI 3.1 Administration and Security
31
Managing Users and GroupsAvailable authentication types:
Enterprise Use the system default Enterprise Authentication if you prefer to create
distinct accounts and groups for use with BusinessObjects Enterprise, or if you have not
already set up a hierarchy of users and groups in a Windows NT user database, an LDAP
directory server, or a Windows AD server.
Windows NT If you are working in a Windows NT environment, you can use existing
NT user accounts and groups in BusinessObjects Enterprise. When you map NT accounts to
BusinessObjects Enterprise, users are able to log on to BusinessObjects Enterprise
applications with their NT user name and password.
LDAP If you set up an LDAP directory server, you can use existing LDAP user accounts and
groups in BusinessObjects Enterprise. When you map LDAP accounts to BusinessObjects
Enterprise, users are able to access BusinessObjects Enterprise applications with their LDAPuser name and password.
Windows AD If you are working in a Windows 2000 environment, you can use existing AD
user accounts and groups in BusinessObjects Enterprise. When you map AD accounts to
BusinessObjects Enterprise, users are able to log on to BusinessObjects Enterprise
applications with their AD user name and password.
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
32/49
BO XI 3.1 Administration and Security
32
Managing Users and GroupsCreating a new user
1. Go to the "Users and Groups" management area of the CMC.
2. On the Manage menu, point to New and click New User. The "New User" dialog box
appears.
3. Select Enterprise from the Authentication Type list.
4. Type the account name, full name, email, and description information.Tip: Use the description area to include extra information about the user or account.
5. Specify the password information and settings.6. Select the connection type.
Choose Concurrent Userif this user belongs to a license agreement that states the
number of users allowed to be connected at one time.
Choose Named Userif this user belongs to a license agreement that associates a specific
user with a license. Named user licenses are useful for people who require access to
BusinessObjects Enterprise regardless of the number of other people who are currently
connected.
7. Click Save & Close.
Note : When a user logs off their web session on BusinsessObjects Enterprise by navigating to a non-BusinessObjects
Enterprise page or closing their web browser, their Enterprise session is not logged off and they still hold a license. The
Enterprise session will time out after approximately 24 hours. To end the user's Enterprise session and free the license for
use by others, the user must log out of BusinessObjects Enterprise
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
33/49
BO XI 3.1 Administration and Security
33
Managing Users and Groups
Managing Aliases
If a user has multiple accounts in BusinessObjects Enterprise, you can link the accounts using
the Assign Alias feature. This is useful when a user has a third-party account that is mapped to
Enterprise and an Enterprise account. By assigning an alias to the user, the user can log on
using either a third-party user name and password or an Enterprise user name and password.
Thus, an alias enables a user to log on via more than one authentication type.
1. Go to the "Users and Groups" management area of the CMC.
2. Select the user that you want to add an alias to.
3. On the Manage menu, click Properties.
The "Properties" dialog box appears.
4. Click New Alias.
5. Select the authentication type.
6. Type in the account name for the user.
7. Click Update.8. Click Save & Close to exit the "Properties" dialog box.
Note: For the system to create the third-party alias, the following criteria must be met:
The authentication tool needs to have been enabled in CMC.
The format of the account name must agree with the format required for the authentication type.
The user account must exist in the third-party authentication tool, and it must belong to a group that is mapped to
BusinessObjects Enterprise.
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
34/49
BO XI 3.1 Administration and Security
34
Setting Rights -How rights work
Rights are the base units for controlling user access to the objects, users,
applications, servers, and other features in BusinessObjects Enterprise. They
play an important role in securing the system by specifying the individual
actions that users can perform on objects.
It is important to note that rights are set on objects and folders rather than
on the who access them. For example, to
give a manager access to a particular folder, in the "Folders" area, you addthe manager to the access control list for the Folder. You cannot give the manager access by
configuring the manager's rights settings in the "Users and Groups" area
Each right on an object can be granted, denied, orunspecified.
Denial based security model , which means
- if a right is left unspecified, the right is denied.
- if settings result in a right being both granted and denied to a user or group, the right is
denied
principals (the users and groups)
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
35/49
BO XI 3.1 Administration and Security
35
Exception Rule If a right is explicitly set on a child object that contradicts the rightsinherited from the parent object, the right set on the child object overrides the inherited
rights.
which means -If a user is explicitly granted a right that the user's group is denied, the right
set on the user overrides the inherited rights and vice versa.
Access levels
Access levels are groups of rights that users frequently need. They allow
administrators to set common security levels quickly and uniformly rather
than requiring that individual rights be set one by one.
BusinessObjects Enterprise comes with Predefined access levelsThese predefined access levels are based on a model of increasing rights:
Beginning with View and ending with Full Control, each access level builds
upon the rights granted by the previous level.
Setting Rights -How rights work
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
36/49
BO XI 3.1 Administration and Security
36
Setting Rights -How rights work
Predefined access levels:
View If set on the folder level, a principal can view the folder, objects within the folder, and
each object's generated instances. If set at the object level, a principal can view the object,
its history, and its generated instances
ScheduleA principal can generate instances by scheduling an object to run against a
specified data source once or on a recurring basis. The principal can view, delete, and
pause the scheduling of instances that they own. They can also schedule to different
formats and destinations, set parameters and database logon information, choose servers
to process jobs, add contents to the folder, and copy the object or folder. (plus View access
level rights)
View On DemandA principal can refresh data on demand against a data source. (plusSchedule access level rights)
Full ControlA principal has full administrative control of the object
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
37/49
BO XI 3.1 Administration and Security
37
Setting Rights -How rights workInheritance - BusinessObjects Enterprise recognizes two types of inheritance:
Group inheritance
Group inheritance allows principals to inherit rights as the result of group
membership. Group inheritance proves especially useful when you organize
all of your users into groups that coincide with your organization's current
security conventions.
Folder inheritance
Folder inheritance allows principals to inherit any rights that they have been
granted on an object's parent folder. Folder inheritance proves especially
useful when you organize BusinessObjects Enterprise content into a folder hierarchy that
reflects your organization's current security conventions
Exception In general, the rights that are set on child objects override the rights that are set on parent objects.
In general, the rights that are set on subgroups or members of groups override the rights that are set on
groups.
Note: You can break the Inheritance but when inheritance is broken, it is broken for all rights; it is not
possible to turn off inheritance for some rights but not for others.
BO XI 3 1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
38/49
BO XI 3.1 Administration and Security
38
Setting RightsBest Practices
Use access levels wherever possible. These predefined sets of rights simplifyadministration by grouping together rights associated with common user needs
Set rights and access levels on top-level folders. Enabling inheritance will allow these
rights to be passed down through the system with minimal administrative intervention
Avoid breaking inheritance whenever possible. By doing so, you can reduce the amount
of time it takes to secure the content that you have added
Set appropriate rights for users and groups at the folder level, then publish objects to that
folder. By default, users or groups who have rights to a folder will inherit the same rights for
any object that you subsequently publish to that folder
Organize users into user groups, assign access levels and rights to the entire group, andassign access levels and rights to specific members when necessary
Create individual Administrator accounts for each administrator in the system and add
them to the Administrators group to improve accountability for system changes
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
39/49
BO XI 3.1 Administration and Security
39
Managing Auditing
Auditing allows you to keep a record of significant events on BusinessObjects
Enterprise servers. These records give you a picture of what information is being accessed,
how it's being accessed, and who is looking at it.
The Central Management Server (CMS) acts as the system auditor and is responsible for
collecting events and writing them to the auditing database. When an audited event is
triggered, the server responsible will generate a record and store it in a local temporary fileand then at regular interval it writes the data to the auditing database.
Tip: While the audit database can exist as part of the system database, it is
recommended that it be kept separate, to minimize the impact on system
performance due to the constantly growing size of the database.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
40/49
BO XI 3.1 Administration and Security
40
Managing Auditing
Server auditing: This includes any automated operations that take placeon a server.
1.An auditable event is performed by the server.
2. The CMS-Auditee writes events in a temp file.
3. CMS-Auditor polls CMS-Auditee periodically (every five minutes by default ), and requests
a batch of auditing events, (up to 200 by default).4. The CMS-Auditee retrieves the temp files.
5. The CMS-Auditee transmits the events to the CMS-Auditor.
6. CMS-Auditor writes events to the auditing database, and the CMS-Auditee then deletes
the events from temp files.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
41/49
y
41
Managing AuditingClient logon auditing for clients connecting through CORBA: This includes
applications such as Desktop Intelligence or Web Intelligence Rich Client.
1. The client connects to CMS-Auditee. The client provides its IP address and machine
name, which the auditee then verifies.
2. The CMS-Auditee writes events in a temp file.
3. CMS-Auditor polls CMS-Auditee periodically (every five minutes by default ), andrequests a batch of auditing events, (up to 200 by default ).
4. The CMS-Auditee retrieves the temp files.
5. The CMS-Auditee transmits the events to the CMS-Auditor.
6. CMS-Auditor writes events to the auditing database, and the CMS-Auditee then deletes
the events from temp files.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
42/49
y
42
Managing AuditingClient logon auditing for clients connecting through HTTP: This includes
online applications such as Infoview, Central Management Console, DesktopIntelligence ZABO client, Web Intelligence Rich Client etc.
1. The browser connects to the web application server.
2. The web application server returns main logon page.
3. The logon data is submitted to the web application server
5. The CMS-auditee writes events in a temp file.
6. CMS-Auditor polls CMS-auditee periodically (every five
minutes by default ) and requests a batch of auditing events
(up to 200 by default).
7. The CMS-Auditee retrieves the temp files.
8. CMS-Auditee sends events to the CMS-Auditor.
9. CMS-Auditor writes events to the auditing database. CMS-
Auditee deletes events from the temp files.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
43/49
y
43
Managing Profiles
Profiles are objects in the BusinessObjects Enterprise system that let you classify users andgroups. Profiles link users and groups to profile values, which are values used to personalize
data within a report. Often profiles reflect the roles of users and groups in an organizational
structure. For example, you could have a Department profile that includes all employees in an
organization. have a Department profile that includes all employees in an organization. The
users and groups each have profile values that reflect their roles in the organization (for
example, Finance, Sales, and Marketing). When a publisher applies the Department
profile to a publication, the employees receive data that is relevant to their department.
Profiles do not control users' access to data. Profiles are used to refine or filter a document's
content.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
44/49
y
44
Backing up server configuration settings
The Import Wizard lets you to back up your server configuration settings to
a BIAR file, and then use that Business Intelligence Archive Resource (BIAR) to
restore those settings at a later date.
1. Specify the BusinessObjects Enterprise XI 3.0 system as the source
environment.
2. Specify Business Intelligence Archive Resource (BIAR) File as thedestination environment.
3. On the "Select objects to import" screen, select Export server
configuration, and click Next until the "Ready to Import" screen appears.
4. On the "Ready to Import" screen, click Finish to start the import.
The "Import Progress" screen appears. After the import is complete, the
dialog box displays a summary of the import.5. Click Done to close the Import Wizard.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
45/49
45
Restore server configuration settings
Note:
Before you restore the server configuration settings from a BIAR file, you
should first backup your existing configuration.
Do not restore server configuration settings from a Windows deployment
to a UNIX deployment or from a UNIX deployment on a Windows
deployment.
1.Specify the BIAR file that contains the server configuration settings that
you want to import as the source environment.
2. Specify your BusinessObjects Enterprise XI 3.0 system as the destination
environment.
3. On the "Select objects to import" screen, select Restore Full Cluster
Server Configuration, and click Next.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
46/49
46
Restore server configuration settings
4. On the "Import Scenarios" screen, specify what you want the Import Wizard to do if
it finds an object with the same unique identifier on the destination environment.
Update the destination object, in case of name conflict, rename it.
Update the destination object, in case of name conflict, do not rename it.
Do not import the object
5. On the "Incremental import" screen, select whether you want to overwrite object
contents or overwrite right contents.6. Click Next until the "Ready to Import" screen appears.
7. On the "Ready to Import" screen, click Finish.
The "Import Progress" screen appears. After the import is complete, the screen
displays a summary of the import.
8. Click Done to close the Import Wizard.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
47/49
47
Federation
Federation is a new feature available on the CMC in BusinessObjectsEnterprise. It is an important cross-site replication tool for working with multiple
BusinessObjects Enterprise deployments in a global environment.
Content can be created and managed from one BusinessObjects Enterprise
deployment and replicated to other BusinessObjects Enterprise deployments
across geographical sites on a recurring schedule. You can complete both
one-way replication and two-way replication jobs.
The benefits of Federation include the ability to:
Reduce network traffic
Create and manage content from a single site
Increase performance for end users
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
48/49
48
FederationWhen you replicate content using Federation, you can:
Simplify administration needs for multiple deployments Provide a consistent rights policy across multiple offices for global organizations
Obtain information faster and process reports at remote sites where data resides
Save time by retrieving local and dispersed data faster
Synchronize content from multiple deployments without writing custom code
The following scenarios highlight two examples of how your organization
can use Federation.
Scenario 1: Retail (centralized design)
ACME store wants to send a monthly sales report to the different store locations using the
one-way replication method. The administrator at the Origin site creates a report, which
administrators at each Destination site replicate and run against that store's database.
Scenario 2: Remote Schedule (distributed access)
The data is at the Origin site. Pending Replication Jobs are sent to the Origin site to run.Completed Replication Jobs are then sent back to the Destination sites for viewing. For
example, the data for a report may not be available on the Destination site, but the user
can set the reports to run on the Origin site before the completed report is sent back to the
Destination site.
BO XI 3.1 Administration and Security
7/27/2019 BO_XI 3.0 Administration and Security_v1.0
49/49
Thank You
Author: Rinkle Basumatary
Email: [email protected]
mailto:[email protected]:[email protected]