About former_member184468

former_member184468

Here I will outline the current process & steps for setting up single sign-on with your corporate identity provider (active directory) using ADFS (active directory federation services). SAP BusinessObjects Cloud supports SAML2.0, and should wor...

former_member184468

As you may know, SAP Analytics Cloud supports remote data sources. This allows for a hybrid approach where you are still not ready to go completely cloud, but want to utilize the fast and flexible deployment of a cloud solution. The purpose ...

former_member184468

Continuing with the security topics, I will cover the topic of staying up to date with security patches for BI.While SAP practices a complete security development lifecycle, the security landscape continues to evolve, and through both internal and ex...

former_member184468

Architectural & Deployment Differences between Lumira Server integration into BI4 (aka LIMA) and the new planned native BI4 Lumira integration.This article attempts to explain the planned changes between the BI add-on for SAP Lumira 1.x (LIMA) integr...

former_member184468

Communication to Identity providers like Active Directory, LDAP and SAP was covered in part 1, and securing the web tier was covered in part 2. Now let's look at the actually BI servers, like the Central Management Server, (CMS), File repository Se...

former_member184468

HANA's SAML defaults to SHA-1 encryption. ADFS (and a lot of others) default to SHA-256. Make sure both HANA & your IdP are set to the same strength. That's the most common mistake I see.

former_member184468

Yes it's encrypted by default. Most (hopefully all) applications that store passwords these days would not rely on a user to turn password encryption "on". That aspect is not configurable. And yes a "salt" is also used with the SHA-256 hashing t...

former_member184468

They are actually one and the same. The administration sections are contained in the user guide. I will update the term I use above to avoid confusion. Section 12.6.1 Remote System Connectivity via External Reverse Proxy as well as the direct htm...

former_member184468

With 4.1 SP6 & up you can setup the order in which SSO is tried.So you can have it try kerberos SSO first, followed by something else for example. See my the section "Can I setup multiple SSO options on a single system?" on the SSO overview page:

former_member184468

If you're using SAP cloud identity (SAP ID) then yes.If the system were setup with your own on premise identity provider, the integration is done via SAML, in which case, if your on premise identity provider is setup for 2 factor authentication, then...

User Statistics

User Activity

How to setup SAML with ActiveDirectory (ADFS)

Remote data access security explained

Keep up on vulnerabilities with security notes

Planned Native Integration of Lumira into BI Platform Details

Securing your BI Platform part 3 - Servers

Re: SAP HANA XS SAML SSO error

Re: Encryption & Data Security in BI 4.0

Re: Remote data access security explained

Re: Is it possible to have two SSO methods enabled?

Re: Lumira Cloud Security