OBIEE 11g Security - Creating Users, Groups and catalog permissions

1) Log in to Oracle WebLogic Serverr by entering its URL into a Web browser.

For example, http://hostname:7001/console.

2) Log in using the Oracle Business Intelligence administrative user and password and click Login.

The Administration Console displays.

3) In Oracle WebLogic Server Administration Console, select Security Realms from the left pane and click the realm you are configuring. For example, myrealm.

4) Select Users and Groups tab, then Users. Click New.

5) In the Create a New User page provide the following information:

1. Name: Enter the name of the user. See online help for a list of invalid characters.\(Optional) Description: Enter a description.
2. Provider: Select the authentication provider from the list that corresponds to the identity store where the user information is contained. DefaultAuthenticator is the name for the default authentication provider.
3. Password: Enter a password for the user that is at least 8 characters long.
4. Confirm Password: Re-enter the user password.

Note: User name and Password should not be same,If not you will get below error message.

6) Click OK. The user name is added to the User table.

7) To create group repeat the steps 3,4 .Now select Groups tab

8) Created group as "MyGroup" and assigned the BIAdministrator role .More on roles Click here

9) In Oracle Business Intelligence, you use Fusion Middleware Control(EM) to mange Application Roles and Application Policies that provide permissions for Users and Groups.

10) Launch Fusion Middleware Control by entering its URL into a Web browser. The URL includes the name of the host and the administration port number assigned during the installation. This URL takes the following form: http://hostname:port_number/em. The default port is 7001.

11) From the target navigation pane, open Business Intelligence and select coreapplication. Display the Security menu by selecting one of the following methods:
Right-click coreapplication, then select Security to display a submenu with Application Policies and Application Roles as options.

You can check Default Application Roles available

12) From the target navigation pane, open WebLogic Domain and select bifoundation_domain. Display the Security menu by selecting one of the following methods:
Right-click bifoundation_domain, then select Security to display a submenu.

13) Select Application Stripe to Search, then select obi from the list. Click the search icon next to Role Name.

14) Click on "Create" button add details as below and also assign the Roles and users to newly creating group

15) If you want to customize the Application Polices do the same as Step 12,13,14 .

16) Open the Repository Tools-->Identity

Below image shows you the users and groups that we created in Weblogic Console,double click on the User(saichand_user) you can find saichand belongs to NewRole group.

17) Setting permission to the catalog login to analytics as a Admin user the username and password are the same as that we used at installation time(weblogic).

Click on Permission after logging to the analytics.

18) Set the permissions to the folder as "Full control" ( in my example)

19) Logout and sign in as user that you created(saichand_user) ,now you are able to see dashboard observe the user name Signed In as youruser_name

For creating users in bulk mode check this http://www.varanasisaichand.com/2013/09/creating-users-in-bulk-using-wlst.html

Reference : http://download.oracle.com/docs/cd/E14571_01/bi.1111/e10543/authentication.htm#CACBCCJB