Appendix

SQL Connection String Format

The connection string format shown below is to be used with the Enterprise BI Portal. You will need to replace a few pieces of information within the connection string;

• Server FQDN – This is the fully qualified domain name of the SQL server where your database is hosted.

• Database Name – The name of the database used during the database creation process.

Ensure you remove the <> values from the string, these are just to highlight tokenized parts of the connection string.

Server=<Server FQDN>;Initial Catalog=<Database Name>;Integrated Security=true TrustServerCertificate=True;Pooling=False;MultipleActiveResultSets=False;Encrypt=True;Connection Timeout=30;

Web Application Settings

These keys are required for the Enterprise BI Portal to function correctly. They must be entered during the application installation as per the below descriptions.

Key Name Value
ADFSMetadata This is the URL of your ADFS service WS Federation endpoint. (Ex. https://adfs.my.domain/FederationMetadata/2007-06/FederationMetadata.xml)
Wtrealm This is the URL of your web application followed by a trailing forward slash. (Ex. https://myportal.my.domain/)
BiPortalDb This is a SQL connection string for your web application. Please refer to SQL Connection String Format when entering this value.
BiPortalDb_DatabasePublish This is a SQL connection string for your web application. Please refer to SQL Connection String Format when entering this value.

ADFS Claim Descriptions

A pre-requisite to configuring the ADFS Relaying Party Trust for Enterprise BI Portal is that you configure the following Claim Description, if your ADFS has been configured to talk to Azure AD, this may already be present.

Key Name Value
Source user ID http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID

ADFS Custom Rule

This is the custom rule to apply to the Enterprise BI Portal ADFS Relying Trust.

c:[Type ==
"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname",
Issuer == "AD AUTHORITY"] => issue(store = "Active Directory", types =
("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
"http://schemas.xmlsoap.org/claims/Group",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID"), 
query = ";givenName,sn,displayName,mail,userPrincipalName,tokenGroups(objectGUID),sAMAccountName,objectGUID;{0}", param = c.Value);