COGNOiSe.com - The IBM Cognos Community

General Discussion => General Discussion & Gossip => Topic started by: mmgudipati on 19 Mar 2009 10:56:52 PM

Title: Change password for users
Post by: mmgudipati on 19 Mar 2009 10:56:52 PM
how to change the passwords for users who use Cognos ReportNet and PowerPlay Enterprise Server?

please suugest
Title: Re: Change password for users
Post by: xiska on 03 Apr 2009 04:44:14 PM
Hi

Depending on your infrastructure it is somewhere between easy and impossible.
Lets assume you have a Series 7 Namespace single server default setup. This infra-case opens the following opportunities:
1. using the upfront part from the ppes. (stage basic)
2. use the iis with the challenge response as sso (stage basic)
3. integrate or use the CRN/C8 webservice to set up a request wich uses the batch mantanance API (stage basic and may result in errors)
4. use a servlet to make a change on next logon response (advanced with java know how)
....
Title: Re: Change password for users
Post by: ash123 on 23 Jun 2009 06:41:19 PM
Hi xiska 

i have a similar need to create web page to allow users to change their passord for logon to Cognos Connection 8. We are using Sun one LDAP as security in CAM.

Can you please detail out one of the best options step by step

Thanks a lot !
Title: Re: Change password for users
Post by: xiska on 18 Aug 2009 01:27:45 PM
Hi

Assuming a standard Series 7 configuration.
You need some knowledge about the Cognos AccessManager and the LDAP Server itself.
Try to log into the LDAP using the Sun One Server Console 5.x.
Go to the directory with the port 389 - usually named data52.
Goto o=Cognos,c=ca > Authentication data > default > camSignons > basic and you will see all users - lets say the logins to be more precise.
Then change the value of authmiscellaneous from <MiscellaneousData><PswdFrceChge base64=\"false\">0</PswdFrceChge></MiscellaneousData> to <MiscellaneousData><PswdFrceChge base64=\"false\">1</PswdFrceChge></MiscellaneousData>.
Try to log in and you will be asked for a new password.
You cannot get the login direct - first you get the name of the user.
The entrydn attribute will show the name of the Name object which can be found at o=Cognos,c=ca > Authentication data > default > camUsers.

That's for the structure.
You need a little jsp site which collects the username (out of the cookies) connects to the ldap using the ldapjdk.jar, sets the value for authmiscellaneous and disconnects.

Remember to make sure that you use a Series7 NS for this solution. Having a usual LDAP structure is similar.
A similar collection also works with NTLM.
Having a 15.2 or 16.0 schema will cause some trouble changing the password value - because there are 2 different encryption types while one is unknown.

Have fun!