BO SSO with AD and Row Level Security of BW universe
i've my BO XI3.1 authorizations configured using Active Directory SSO and its working so great, but lately we i had to connect to some BW universes and apply some row level restrictions for those BW universe without using the BW security methods.
i tried to use aliases but it didnt work as the passwords are not identical for both systems (AD and BW)
any solution for this issue?
Greg Wcislo replied
STS is a replacement/enhancement of the SNC trust that was used in xir3.
I have it described in some more detail here http://scn.sap.com/docs/DOC-33875
The xir3 method of SSO to BW is still supported in BI4, and which one you use will depend on which clients you are using.
Now I have to confess that I'm not an expert on the user replication of AD to BW workflow. If in this case BW is really just replicating the user accounts but maintains its own passwords for those users in BW (in other words it is not really relying on AD to perform the actual authentication but just making a copy of user accounts) then indeed the option you describe would work, because the actual authentication would be performed by BW still, meaning that the trust established between BI4 and BW would still allow for SSO.