If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Active Directory Search restriction

Started by sdf, 18 Dec 2018 12:48:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

sdf

18 Dec 2018 12:48:50 PM
Hi Gurus,

I wanted to know if there's something wrong in our Active Directory namespace setup or what we are having is an expected scenario.
in all our environments, when users navigate to Active Directory Namespace (admin users), the users are presented with the directories that they are allowed to traverse. But when the user is in the root folder of the AD namespace and do a search, the results shows all users and groups that belong to different OUs. It seems the whole AD is exposed to everyone.

Another case of such, when selecting recipients of a report send through email. Same scenario when doing search in the AD namespace.

This is true as well when using AD in framework manager for object/content security. When searching users, all results are shown for the whole AD regardless of the OU.

Is this a normal behavior or can we do something in Cognos side or AD side to prevent users from seeing AD objects that does not belong to their OU.

Hope you can shed some light.

sdf

Reinhard

#1
19 Dec 2018 07:17:21 AM
Hi,

well, one of my customers had the same behavior but I cannot remember if we found any way to change this.

Regards,
Print
Go Up Pages1
User actions
BSP Software Documentation
MetaManager Documentation and Knowledgebase
Version Control Documentation and Knowledgebase
BSP Software Resources About Us
MetaManager BSP Software Training BSP Software
Integrated Control Suite YouTube Channel Micro Strategies Inc
Security Migration IBM Cognos
Integrated Management Suite