We are on 11.0.6 with security to Active Directory. Users that are not in any roles or groups can still log into Cognos although they cannot do anything. Is there a way to ensure that only users that are in the AD groups that are tied to a Cognos role can get past that sign in screen? Thanks in advance!
Disable Anonymous, Everyone.
The group All Authenticated Users is the one that allows all AD users access to Cognos.
You will have to hunt through and find the above three and decided which ones you need disabled. Though if you disable all three, then all that is left after the specific groups and users you have brought across.
Make sure you have added yourself to the System Administrators bucket so you don't lock yourself out of the portal.
To solve this issue simply set the property "Restrict access to members of the built-in namespace" to true in Cognos Configuration > Security > Authentication
Description:
This parameter allows administrators to restrict user access to the application.
When this parameter is enabled, users can only access the application if they belong to at least one group or role within the built-in namespace (does not include the group "All Authenticated Users").
Good luck,
RA