Provider Search Order

Configuring the search order provides Analytic Services with the ability to access multiple external-authentication providers sequentially. Search order must be defined even if there is only a single authentication provider; in this case, the search order property has a single entry.

To set the order in which Analytic Services will search providers for valid authentication credentials:

  1. Locate the following section of the XML configuration file:
    <searchOrder> 
     <el>ntlm1</el> 
     <el>ldap1</el> 
     <el>msad1</el>
     <el>ntlm2</el> 
     <el>ldap2</el> 
    </searchOrder>
    
  2. Move the <el> sections around as needed to place the provider types in the order that they should be searched whenever a user tries to log on to Analytic Services. Place the provider containing the most users first in the search order, if that information is known.

    For example, with the following search-order configuration, the LDAP provider would be searched first for user information.

    <searchOrder> 
     <el>ldap1</el>
     <el>ntlm1</el> 
     <el>msad1</el> 
    </searchOrder>
    
    You can add or remove providers as needed. For example, the <el>ldap2</e> section in the sample might be used if you have a second LDAP provider.


  3. If you are using an LDAP provider, between the appropriate <el></el> tags, replace ldap1 with the desired name to represent the configuration for the LDAP server.
    Important: The name must be the same as the name that you specify in the LDAP provider section. See Provider Configuration Names.


  4. If you are using an NT LAN Manager provider, between the appropriate <el></el> tags, replace ntlm1 with the desired name to represent the configuration for the NTLM provider.
    Important: The name must be the same as the name that you specify in the NTLM provider section. See Provider Configuration Names.


  5. If you are using an Active Directory provider, between the appropriate <el></el> tags, replace msad1 with the desired name to represent the configuration for the Active Directory server.
    Important: The name must be the same as the name that you specify in the MSAD provider section. See Provider Configuration Names.


©2004 Hyperion Solutions Corporation. All Rights Reserved.
http://www.hyperion.com