In this article:

Creating Service User Credentials

Saving Created Service User Credentials

Creating a Service User

A service user of security subsystem ensures:

NOTE. Creating a service user is required for a repository created based on the following DBMS: PostgreSQL, Oracle, or Microsoft SQL Server.

To create a service user of security subsystem in Linux OS:

  1. Create service user credentials on the database server.

IMPORTANT. Database server supports only a single service user account. If database server contains several repositories, create a service user with equal credentials for each repository.

  1. Save the created service user credentials on the computer with installed BI server.

After executing the operations, a service user of security subsystem will be created on the database server and saved according to the selected method on the computer with installed BI server.

TIP. It is recommended to disable the mandatory periodic password change policy for an account of service user of security subsystem in DBMS.

To change password of the existing service user of security subsystem, use the following scripts:

ALTER ROLE "SERVICE_USER_NAME" WITH PASSWORD 'NEW_PASSWORD';

ALTER USER SERVICE_USER_NAME IDENTIFIED BY 'NEW_PASSWORD';

ALTER LOGIN SERVICE_USER_NAME WITH PASSWORD = 'NEW_PASSWORD';

Where:

Creating Service User Credentials

To create service user credentials, start the PP.Util utility located in the folder with installed BI server: /opt/foresight/fp10.x-biserver/bin.

NOTE. When service user credentials are created, the AnalyticsPlatform feature is requested. Study the methods for specifying the LSFORCEHOST or LSHOST system variable before executing PP.Util_start.sh.

To start the application, use the PP.Util_start.sh script with the following parameters:

sudo ./PP.Util_start.sh /create_audit_user metabase_id login password audit_login audit_password db_login db_password

Where:

NOTE. The repository with the specified identifier should be in the repositories list. If a custom schema is specified in repository connection settings, service user credentials will be created for it.

NOTE. The P4AUDIT service user name is reserved by the system and cannot be used.

After executing the operations, service user credentials are created on the database server.

Saving Created Service User Credentials

To save created service user credentials on the computer with installed BI server, start the PP.Util utility located in the folder with installed BI server: /opt/foresight/fp10.x-biserver/bin. To start the application, use the PP.Util_start.sh script with the following parameters:

sudo ./PP.Util_start.sh /save_audit_creds /ALG enc_alg realm|/DC login password

Where:

IMPORTANT. To ensure security during production operation of Foresight Analytics Platform, use the gos or pro value.

Optional parameter. If the parameter is not set, the default value is used.

In Windows OS, credentials will be stored in the settings.xml file located at %PROGRAMDATA%\Foresight\Foresight Analytics Platform.

NOTE. The ProgramData folder is hidden in the operating system by default.

If the file exists in the specified folders, it will be overwritten. If there is not such a file, it will be created.

Optional parameter, it is used only in Windows OS. If the parameter is not set, the default value is used.

In Linux OS, credentials can be stored only in the settings.xml file located at: /opt/foresight/fp10.x-biserver/etc.

NOTE. When setting up repository connection on each client computer or on the computer with installed BI server, IP address or server alias must match with the server specified in the SERVER_DATABASE parameter.

For example: "127.0.0.1|POSTGRES".

NOTE. To avoid syntax errors, enclose the value in quotation marks.

Mandatory parameter.

IMPORTANT. A service user can be locked on an attempt to log in to the repository if his credentials added using the PP.Util utility mismatch the source credentials specified on creating a user. To unlock the service user, contact DBMS administrator.

See also:

Creating and Managing Metadata Repositories | Linux Repository Manager