If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Active Directory Search restriction

Started by sdf, 18 Dec 2018 12:48:50 PM

Previous topic - Next topic

sdf

Hi Gurus,

I wanted to know if there's something wrong in our Active Directory namespace setup or what we are having is an expected scenario.
in all our environments, when users navigate to Active Directory Namespace (admin users), the users are presented with the directories that they are allowed to traverse. But when the user is in the root folder of the AD namespace and do a search, the results shows all users and groups that belong to different OUs. It seems the whole AD is exposed to everyone.

Another case of such, when selecting recipients of a report send through email. Same scenario when doing search in the AD namespace.

This is true as well when using AD in framework manager for object/content security. When searching users, all results are shown for the whole AD regardless of the OU.

Is this a normal behavior or can we do something in Cognos side or AD side to prevent users from seeing AD objects that does not belong to their OU.

Hope you can shed some light.

sdf

Reinhard

Hi,

well, one of my customers had the same behavior but I cannot remember if we found any way to change this.

Regards,