If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Data Level Security

Started by gatorfe, 09 Jul 2014 10:14:15 AM

Previous topic - Next topic

gatorfe

Currently we have data security setup in Framework Manager under Actions-->Specify Data Security.  It is becoming too manual though as the filters(cmpy, facility, whs) are changing too often and it is time consuming to change all the folders in the model.  Is there any other way to have security at the data level?  We dont want users that run a report in one division to see data for another division.  We have 8 divisions in all.  We are still using Access Manager but are working to move to Active Directory.  This is a cognos 10.2.1 BI environment with 200 users using relational sql db. Thank in advance for any suggestions!

Grim

DB data level security using LDAP. Push the administration of data level security on the DB. You'd then have to configure the Data source connection to use an external namespace.
"Honorary Master of IBM Links"- MFGF
Certified IBM C8 & C10 Admin, Gamer, Geek and all around nice guy.
<-Applaud if my rant helped! 8)

cognostechie

Quote from: gatorfe on 09 Jul 2014 10:14:15 AM
Currently we have data security setup in Framework Manager under Actions-->Specify Data Security.  It is becoming too manual though as the filters(cmpy, facility, whs) are changing too often and it is time consuming to change all the folders in the model.  Is there any other way to have security at the data level?  We dont want users that run a report in one division to see data for another division.  We have 8 divisions in all.  We are still using Access Manager but are working to move to Active Directory.  This is a cognos 10.2.1 BI environment with 200 users using relational sql db. Thank in advance for any suggestions!

Try using a parameter map and cognos macros. I recently implemented security in a way that when the executives run the report, they see all data, when the division incharge runs the same report, he gets to see only his division's data and when a user runs the report who is not authorized, he/she doesn't see any data.  It is not done with the data security but rather putting values on the dimension tables, then creating some roles on cognos admin and then checking the access level using
a parameter map, determining the access level using cognos macros and then applying filters.

gatorfe

Thank you for the information Grim and cognostechie.  Do either of you have any documentation on how to implement your suggestions?  If so we would greatly appreciate the info.  Thanks again.