Security Polcies Not Refreshing

[campbe07]

Howdy,

I a currently having an issue where when I change any security permissions on Cognos Connections through any set of properties, they still will note enable on the user.  I even changed a user from a Directory Administrator to a Consumer, and even after having him log out of the server entirely, when he logged back into cognos he could still use any of the studios, and has access to the administration piece.

I'm wondering when I click log off for this user, if it actually is logging off.  When I click logoff, and it takes me to the log on again screen, it takes me straight back to the Welcome page with the user already logged in, instead of to a login screen.  Is anyone else having this issue or have any advice?

Thanks,
campbe07

[josepherwin]

It might worth to Close all your IE after you logoff. Sometimes it still cache the information in regards to the user even after you press the logoff button.

Therefore, to clear up the cache, close all your IE and start over again.

[swordfish]

I concur with experience. You delete browser cache (cookies) and login again. That should solve it.

Regards
Swordfish

[campbe07]

UPDATE:  The issue was resolved by removing the everyone group from the System Administrator piece, which was there by default, as well as removing the everyone group from all other subsequent roles except the roles desired.

However, I am still having the issue where the login/logoff page is still not coming up.  It is just automatically signing in the user.  Any thoughts?

J

[CognosPolzovatel]

I'm not sure I fully understand your question, however, I think the following information should assist you:
In the Cognos Configuration, what do you have set for restrict access to members of the built-in namespace? True or False? This parameter allows for administrators to restrict user access to the application. Hence, if set to True, users can access the app. (Cognos) if they belong to at least one group/role in the built-in namespace.

Also, in the Cognos Configuration, under Security > Authentication and Cognos: what do you have set for Allow Anonymous access? This should be set to False. If this is set to True then the user will not be prompted to provide logon credentials. "The anonymous authentication uses a pre-defined account under which all anonymous users are logged in."

Finally, once you determine these above parameters (whatever meets your business needs):
In Cognos Connection, as admin, navigate to Tools > Capabilities (in Cognos 8.2). This is where roles/groups (recommended, versus adding users individually) tool access is controlled. I.e., whether the role/group should have access to 'see' & use Report Studio, Query Studio, etc.

Hope this helps.