Hello everyone.
My objective is to move from our corrupted/outdated Access Manager to Active Directory for our Cognos security.
In AD we have thousands of users and a complicated folder structure.
My question is this, when I go to Cognos Administration -> Security and I select the AD directory it displays ALL the users, and ALL the folders, and ALL the machine names that exist in AD. I only need to pull in about a hundred or so users for cognos. IS there a way to tell Cognos to pull in users only from a specific folder in AD? Instead of everything and everyone..
Note: Theoretically I would maintain the specific folder in AD and manually add a new users to cognos there, then assign roles and privileges in the cognos security portal
Currently running Cognos 10.1.1
Any comments on this are appreciated. Thanks. :)
The way that comes to mind to do this is to change from using "Active Directory" type to "LDAP" for connecting to your AD domain, and then changing your "Bind DN" to the specific folder where your users and groups are located.
There might be a way of doing this using the AD Advanced Properties, but I'm not sure what they are. I know you can specify Multi-Domain properties there, not sure about specific folders. Might be something you would want to open a PMR with IBM to figure out if you want to use native AD connection type.
From cognos I think no.
There will be some database for active directory ..right ?
Try if you can get access to that database then you can run queries on it according to your requirement.
Thanks for the replies Grim and Sunosoft !
I was able to speak to a business partner today and he said pulling everything in from AD doesn't affect Cognos performance, which is what I was worried about. It is annoying finding the users I need through the complicated AD structure however it is manageable I think.