An Expanded Sample .xml File

This topic shows a sample XML configuration file that contains optional configuration elements in addition to the required elements you must configure to enable external authentication for Analytic Services.

Optional values that you modify are shown as bold. Click on any link to learn how to configure that optional parameter.

Note: Only optional elements have links in this topic. To learn how to configure required elements only, use the basic sample instead.
Note: The css-full.xml file that is installed to a subdirectory of HYPERION_HOME may be slightly different from the sample below, which is used for illustrative purposes in this documentation. You can either use these instructions to edit css-full.xml, or you can write your own XML file based on the sample below.
<?xml version="1.0" encoding="UTF-8" ?> 
  <css xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <spi>
      <provider>
        <ntlm name="ntlmServer">
          <trusted>false</trusted> 
          <domain>THIS_IS_DOMAIN_NAME</domain> 
          <maxSize>300</maxSize>
          <remoteServer>
             <location>//localhost:1099/NTLMImpl</location>
          </remoteServer>
        </ntlm>
        <ldap name="ldapServer">
          <trusted>true</trusted> 
          <url>ldap://host:portNo/DIT</url> 
          <userDN>cn=User Name</userDN> 
          <password>userPassword</password> 
          <authType>simple</authType> 
		   <!-- authType currently not changeable -->
          <authProtocol>ssl</authProtocol> 
          <maxSize>200</maxSize> 
          <identityAttribute>dn</identityAttribute> 
          <user>
            <url>ou=People</url> 
            <loginAttribute>uid</loginAttribute> 
            <fnAttribute>givenname</fnAttribute> 
            <snAttribute>sn</snAttribute> 
            <emailAttribute>mail</emailAttribute> 
            <objectclass>
               <entry>person</entry> 
               <entry>organizationalPerson</entry> 
               <entry>inetOrgPerson</entry> 
            </objectclass>
          </user>
          <group>
             <url>ou=Groups</url> 
             <nameAttribute>cn</nameAttribute> 
             <objectclass>
                <entry>groupofuniquenames?uniquemember</entry> 
                <entry>groupOfNames?member</entry> 
             </objectclass>
          </group>
        </ldap>
        <msad name="msadServer">
          <trusted>false</trusted> 
          <url>ldap://host:PortNo/DIT</url> 
          <userDN>cn=UserName</userDN> 
          <password>UserPassword</password> 
          <authType>simple</authType> 
		   <!-- authType currently not changeable -->		  
          <authProtocol>ssl</authProtocol> 
          <maxSize>200</maxSize> 
          <identityAttribute>dn</identityAttribute> 
          <user>
             <url>ou=people</url> 
               <loginAttribute>uid</loginAttribute> 
               <fnAttribute>givenname</fnAttribute> 
               <snAttribute>sn</snAttribute> 
               <emailAttribute>mail</emailAttribute> 
               <objectclass>
                  <entry>person</entry> 
                  <entry>organizationalPerson</entry> 
                  <entry>inetOrgPerson</entry> 
               </objectclass>
          </user>
          <group>
             <url>ou=Groups</url> 
             <nameAttribute>cn</nameAttribute> 
             <objectclass>
                <entry>groupofuniquenames?uniquemember</entry> 
                <entry>groupOfNames?member</entry> 
             </objectclass>
          </group>
        </msad>
      </provider>
    </spi>
    <searchOrder>
      <el>ntlmServer</el> 
      <el>ldapServer</el> 
      <el>msadServer</el> 
    </searchOrder>
    <token>
       <timeout>60</timeout> 
    </token>
    <logger>
      <priority>FATAL</priority> 
    </logger>
 <!-- <securityAgent name="NETEGRITY"/> For SiteMinder integration with web-based 
      Hyperion applications; not relevant to Analytic Services -->
  </css>

©2004 Hyperion Solutions Corporation. All Rights Reserved.
http://www.hyperion.com