Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
- System Administrator
- Logon
- Splash Screen
- Launch or Stop the Business Analytics Application
- Configure CAC
- Licenses
- About Users, Roles, Resources, Permissions, LDAP, and Dimension Permissions
- Users and Roles - User Management
- Users and Roles - Role Management
- Users and Roles - Resource Management
- Users and Roles - LDAP Management
- LDAP in BusinessObjects
- Users and Roles - Dimension Permissions
- Settings
- Settings - Data Warehouse
- Settings - Foundation
- Settings - Single Sign On
- Settings - Pages
- Settings - Website
- Settings - Dashboard Settings
- Settings - Engine Settings
- Settings - Score Thresholds
- Settings - BA Settings
- Apache Web Server
- Security Recommendations
- LW-SSO
- Cryptography
- Set Up Java
- Localization and Globalization
- Xcelsius Reports
- Browsers and BOE Reports
- Notifications - Entity Report
- External Tools
- Migrate from a Development or Test Environment to Production
- Vertica Back Up
- Business Analytics Back Up
- Disaster and Recovery
Logon
You access the Dashboard, Studio, Explorer, and ADMIN tabs from the main logon page.
Note Only users with the required permissions can view specific tabs.
When you have completed your session, it is recommended that you log out to prevent unauthorized entry.
You access the IT Business Analytics application using a supported web browser, from any computer with a network connection (intranet or Internet) to the servers. It is recommended to restore your browser settings to default.
The level of access granted to a user depends on the user’s permissions. For details, see Users and Roles - User Management.
You can initially access the ADMIN tab through the IT Business Analytics logon page, using your administrator user name and password, created during installation.
Access the logon page
To access the logon page, enter:
- https://<Fully Qualified Domain Name>:<port>/ba. For details, see Apache Web Server.
The ADMIN tab is configured by default with Lightweight Single Sign-On (LW-SSO). LW-SSO enables you to log on and automatically have access to LW HP applications, without needing to log on to those applications. For details, see LW-SSO .
Change the default session timeout of the automatic Log out
Business Analytics automatically performs a security log out of the ITBA session. When the application is idle for a set amount of time the session times out, an automatic log out occurs, and the logon screen is displayed within the ITBA application. The timeout is set by default to 30 minutes.
Note The automatic log out works in conjunction with the ITBA ping interval, configured in Settings - Website. You must select the Enable Keepalive Session check box to enable the automatic session timeout. An automatic log out occurs only after the session timeout has been attained and only on a ping request. If the ping mechanism has been turned off, then no automatic log out occurs. If a user-initiated request comes in between the time of the timeout and the ping, then the session idle time will be reset and the timer will start over again.
Limitation: The session-timeout value cannot be larger than the default expirationPeriod value that is set at 60 minutes .
To configure a session-timeout value to more than 60 minutes, proceed as follows:
-
Configure the session-timeout value. Go to:
$HPBA_Home/glassfish/glassfish/domains/BTOA/applications/fndwar/WEB-INF/web.xml, and replace 30 below with the new session-timeout value:
<session-config> <session-timeout> 30 </session-timeout> </session-config> -
Go to the $HPBA_Home/glassfish/glassfish/domains/BTOA/config/settings/sso/lwssofmconf.xmlxs_ file and replace 120 in the string below with the new value:
<lwssoCreationRef id="ID000002" useHTTPOnly="true" secureHTTPCookie="true"> <lwssoValidationRef refid="ID000001"/> <expirationPeriod>120</expirationPeriod> </lwssoCreationRef> - Restart ITBA.
- Open the ITBA portal and let it sit idle. It will log out after 1 hour instead of the default 2 hours.
If you want to configure the interval to less than 1 hour, you only need to:
- Set the session timeout in the web.xml. Go to:
-
$HPBA_Home/glassfish/glassfish/domains/BTOA/applications/fndwar/WEB-INF/web.xml, and replace 30 below with the new session-timeout value:
<session-config> <session-timeout> 30 </session-timeout> </session-config> - Restart ITBA,
- Open the ITBA portal and let it is idle. It will log out after less than 1 hour.
Configure the default lockout on log on
ITBA logon allows you, by default, 5 consecutive logon attempts before a 15 minute lockout. You can configure the lockout parameters using the following properties file.
To configure the lockout parameters:
- Access the following file: $HPBA_Home/glassfish/glassfish/domains/BTOA/config/conf/bsf.properties.
-
Search for the following parameters:
- accountLockoutMaxAttempts=5
- accountLockoutLockoutPeriod=15
- Change the default logon attempts and lockout period. 0 means that there is no lockout time configured.
- Save and restart the Glassfish service.
Access the logon page and all tabs
-
In a web browser, enter the https://<Fully Qualified Domain Name>:<port>/ba URL.
-
Enter the username and password, and click Log On. After a successful logon, the user name appears at the top right of the application page.
-
Click the ADMIN tab to navigate the admin pages. Only users with the required permissions can view the ADMIN tab.
Note To log on for the first time, use your administrator password created during installation.
User Authentication
User authentication depends on your configuration. For details, see Users and authentication when working with SAP BusinessObjects and LDAP or without.
User Passwords
Passwords can be changed in the User Details pane of the User Management page. Click Edit Details to change a user's password. For details, see Users and Roles - User Management.
Note Depending on your configuration (working with or without SAP BusinessObjects and with or without LDAP), the handling of the password can be different. For details, see Users and authentication when working with SAP BusinessObjects and LDAP or without.
A password must contain the following:
-
At least 6 characters.
-
Characters in upper and lower case or numbers.
-
Must be different from username.
For example: the user name "Jhon" cannot have a "Jhon11" or "11Jhon" password.
Note
- Logon parameters are case-sensitive.
- If a password does not follow the correct conventions then the user is still created in SAP BusinessObjects Enterprise, however the password is not valid and must be changed.
Working with Secure Sockets Layer (SSL) in a Production Environment
You need to use https protocol to access the ITBA application.
https. When you use the https format:
-
IE and Chrome.
- When you use the https format to access the ITBA application, the security certificate issue is displayed. Click the security certificate. In the Certificate dialog box that opens, click the View Certificate link. In the wizard that opens, select the Place all certificates in the following store, select the Trusted Root Certification Authorities location, and click OK. Continue running the wizard. This warning message is not displayed again. The Data Warehouse application opens in SSL mode. After performing the logon operation, you can add the Business Analytics certificate in the successfully launched ITBA application page, not in the application page itself. When the Java security warning contains the correct publisher (Hewlett-Packard Company) you should accept the Java security warning by marking the Always trust content from this publisher check box in order for this popup not to be displayed again.
-
Firefox.
When you use the https format to access directly the ITBA application, and you work with Firefox, you must perform the following procedure:
-
Open the server using https. The following screen opens:
-
Click I Understand the Risks. The following page opens:
-
Click Add Exception. The following screen opens:
-
Click Confirm Security Exception.
-
Note When you use the https format and you want to access SAP BusinessObjects Enterprise reports, the reports are displayed using the http format.
Shared Secret Key
ITBA functionality requires a connection to SAP BusinessObjects Enterprise through a trusted authentication. In order to configure the trusted authentication policy you must define the shared secret key.
Note To change the shared secret key you must change the key in SAP BusinessObjects Enterprise, run the Maintenance Tool to update the BOE linkage and enter the absolute path of the new shared secret key including the file name. For details, see ..
Log out
You can log out by clicking Logout (in the top right corner of the application). The session closes. To log on again, you must provide the user and password.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to SW-Doc@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: