We recently moved from Cognos Access Manager Security to Active Directory Security. In cognos cofiguration the AD namespace binding credentials is setup with an account that also is used as the log on to run the cognos services. Why this account was used for the binding credentials I am not sure. The consultant that originally set this up is long gone and of course it was the first time they had done this. That is the only thing this account is used for. In active directory we setup different cognos groups based on the division of the cmpy the user works for and attached the users to these folders. We attached these groups to the security at the report folder level and data level in framework manager. What is the recommendation on what the binding credentials account should be used? Any feedback would be appreciated. Thank you for your time.
You need an account that has access to browse the AD tree.
I tend to use the service account for binding credentials as the passwords tend to be set to not expire. Any account you use going forward may need to have that in mind.
Hi gatorfe,
Use your service account credentials rather than using any administrator or user credentials.
Regards
BVK