If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Can Cognos use 2 LDAP

Started by cogtrack, 03 May 2013 09:25:31 AM

Previous topic - Next topic

cogtrack

Currently in cognos configuration-->Security-->Authentication, there is one LDAP(use Active Directory 1). I want to add 2nd LDAP as new namespace, use different AD server, will it work?
what I want to achieve is I can switch the LDAP, allow different user under different AD server to access Cognos.
Thank you.

Olivier

Hi,

yes you can do it via Cognos configuration (right click authentication) but users will be prompted to choose authentication source when accessing portal.

To avoid such a behavior, you can install a second gateway and force the namespace to be used so that users are not prompted.
The way I did it :

Install Gateway components in a separate folder
Open Cognos configuration of the new cognos installation and setup your new authentication source
In the environment setup, fill in the gateway namespace based on the name you defined
Setup  IIS to configure a new virtual directory using a different name (ex. cognos8_B)
and you are done...

Keep in mind that people in authentication source 1 might not be able to see objects (reports, ...) of authentication source 2 and reverse.

Hope it helps

Have a nice WE

Olivier

cogtrack

Super...Thanks a lot Olivier

karun218

Hi All ,

The thread may be old. But I have question here.

I am also having similar requirement where I need to configure 2 different LDAP  namespaces . The reason to configure 2 namespaces is LDAP2 is backup for LDAP1. So when ever the LDAP1 server is down automatically LDAP2 namespace should be active.

In the above scenario , If the same user is logging into the application they should be able to all content Irrespective if namespace.

Note *: LDAP 1 server has same user structure as of LDAP2

Please suggest

Thank you

Regards
Karun

MFGF

Quote from: karun218 on 26 Aug 2014 03:03:20 AM
Hi All ,

The thread may be old. But I have question here.

I am also having similar requirement where I need to configure 2 different LDAP  namespaces . The reason to configure 2 namespaces is LDAP2 is backup for LDAP1. So when ever the LDAP1 server is down automatically LDAP2 namespace should be active.

In the above scenario , If the same user is logging into the application they should be able to all content Irrespective if namespace.

Note *: LDAP 1 server has same user structure as of LDAP2

Please suggest

Thank you

Regards
Karun

Hi,

That's not going to work the way you hope. Adding a second namespace (albeit with the same users) will in all likelihood mean that the users in each namespace have different CAMIDs within Cognos, so Cognos will not recognise them as the same user, even though they have the same name. This means you would need to duplicate all of the current security restrictions for the users and groups in the second namespace, and any new rules you define moving forwards would need to be defined twice, which is a horrible overhead.

You don't specify what LDAP you are using, but generally LDAP providers support failover in their own right using their own technologies. This sounds like a better bet to me.

MF.
Meep!

ricky_ru

Step 7

Specify the values for the Host and port property.
To support Active Directory Server failover, you can specify the domain name instead of a specific domain controller. For example, use mydomain.com:389 instead of dc1.mydomain.com:389.

https://www.ibm.com/support/knowledgecenter/en/SSEP7J_10.2.1/com.ibm.swg.ba.cognos.c8pp_inst.10.2.1.doc/t_ap_active_dir_srvr.html