If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

enrty level access/deleting user related queries

Started by venkys4u_, 06 Jan 2012 12:30:06 AM

Previous topic - Next topic

venkys4u_

I tried these stuffs in 8.3

Question1
related to user account deleted in active directory

1.created a user (NTLM active directory), using that user id I created some reports and gave access to query studio

2.Deleted the user ID from the computer manage instead of disabling the user..

3.Tried content store consistency check -> find and fix..( I guess my folders of the user will be deleted)

4.checked the permission,members in the query studio properties.. ( now I can see  as "unavailable" for the user which i deleted and there is no user name or any check box to remove it)

Is it not possible to deleted the entry  name "unavailable" from the properties of query studio capabalities? what can we do further with this?


Question 2:
I dont no how about in a real cognos environment but i tried using learning version at personal computer
when I add a new user account in computer manage, the user id is getting pulled to NTLM namespace but the user is getting into the group of
All authenticated users, everyone and the user is able to see all the restricted folders.. It seems like any person in an organisation who have access to computer can see any folders, reports in cognos..

Could you please share your experience in securing the environment when a new user added to the active directory?

thanks for ur time
venky

MFGF

1. You should simply be able to check the "unavailable" entry in Query Studio capabiliities and remove it. If not, try running the Find and Fix consistency check again.

2. Every single user of the Cognos instance will belong to the Everyone group (hence the name), and anyone who logs in (ie everyone except anonymous users) will belong to the All Authenticated Users group.  This is entirely by design and is correct behaviour. All you need to do to secure your system is to remove access to relevant folders for the Everyone group and the All Authenticated Users group.

Regards,

MF.
Meep!

venkys4u_

#2
3 thanks to u MFGF..

1.I didnt get check box for the entry "unavailable" however I ll try once again and let u know.. (by the by I have done it twice i think)

2.Is it not possible to do anything like restricting everyone or all authenticate user group other than removing them from the folders whatever i create? also Is it not possible to restrict other users whom I dont want to give permission to them? i mean other than disable the user account(suppose there is be 1000 users in MMC/NTLM but I want only 50 users to access cognos and other users should be kept away from cognos .. what is the best way to make it)

Thanks for ur time
venky

lia

I have the same problem. Without adding the users from NTLM, the users are able to login and see the contents in Cognos portal. How to restrict the users and i want to give access to only those users who are in Cognos namespace.

Anybody solved this issue before..

thanks