If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Cognos Portal Access

Started by kc9400, 19 Oct 2015 08:22:05 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

kc9400

19 Oct 2015 08:22:05 AM Last Edit: 19 Oct 2015 08:23:59 AM by kc9400
Good afternoon all,

I'm struggling to configure the Cognos Portal security. The aim of this is to secure the Cognos portal so that anonymous users can't get into it. Disabling anonymous in the Confguration doesn't work because this also prevents the user running the report from the default action url without logging in.

All reports are accessed via a secure portal where the user clicks a link and the link is pointed to the Default Action URL of a report.

If I remove the 'Everyone' group from the System Administrators role I can no longer run the reports as I get errors regarding access to packages. I've setup a new group for users (includes everyone and anonymous) and added Traverse, Execute, and Read permissions and I've added this group to the report permssions and to the package and it still doesn't run.

I've read a fair few documents and as far as I can tell it should work.

Does anyone have any tips on how to get this working?

If you need any further information let me know and I'll do what I can to provide it.

Thanks

When life gives you lemons, throw them at someone.

Northern_Monkey

#1
04 Nov 2015 05:06:17 AM
Seems you're in a pickle.
I always remove the 'everyone group' from the sys admin group. Do you really want everyone to be able to take down services from within cognos admin?
Do you have an LDAP provider?

I think you may need a broader security plan.

For example, I remove 'everyone' from all roles.
I then assign the users/groups from the external security namespace to a role(s). These roles are then used in conjunction with capabilities.
Examples of Roles/Group created:
Admin
Consumer
Report Developers

I then assign users to these groups.

In the short term, an option from the cognos config you want to look at is:
'Restrict access to member of the built in nampespace'.

bdbits

#2
06 Nov 2015 04:55:04 PM
If you've got everyone with System Administrators you are likely in gross violation of your license agreement.

You should peruse the documentation here: http://www-01.ibm.com/support/knowledgecenter/SSEP7J_10.2.2/com.ibm.swg.ba.cognos.cbi.doc/welcome.html

Especially the Administer and Deploy > Business Intelligence Administration and Security Guide.

kc9400

#3
12 Nov 2015 08:35:09 AM
Thanks for the feedback so far, I'll be investigating further.

Hopefully I'll find a suitable solution
When life gives you lemons, throw them at someone.
Print
Go Up Pages1
User actions
BSP Software Documentation
MetaManager Documentation and Knowledgebase
Version Control Documentation and Knowledgebase
BSP Software Resources About Us
MetaManager BSP Software Training BSP Software
Integrated Control Suite YouTube Channel Micro Strategies Inc
Security Migration IBM Cognos
Integrated Management Suite