Monday, April 15, 2013

OBIEE RPD password lost?

Is there a way around if password for OBIEE RPD is lost?

In the days of OBIEE 10g, we had an option in NQSCONFIG.ini file to bypass the authentication by changing authentication type, and setting it to bypass, using the following parameter:



When we save this file, after that RPD will open no matter what user ID / password is specified.

However, this security loophole was plugged in OBIEE 11g. If password for RPD is lost for 11g, starting from scratch might be the only option.

The above loophole can be especially dangerous, if someone can get a copy of production RPD, which points to production databases. It can be used (or misused) to build reports pointing directly to production databases (which does not require someone to know password for production database).


1 comment:

  1. That loophole was useful as well as very dangerous. It's a good thing that it was fixed in 11g.

    ReplyDelete