Do you know how to implement the security in this scenario?

[jzhang]

I work in an organization where there are lots of structures. Setting up security for this organization is quite a challenge for me. I am looking for someone who have experience in security design/implementation to cast some insight on me. So here is the situation. How can I limit access to a folder in Cognos Connection to users who belong to both groups/roles? For example, I have a FolderA in Public Folder and I only want users who belong to both Sales AND HR groups to have access to this folder, not either one. I don't want to create another group such as SalesAndHR because as the number of departments increase, the number of groups I have to create also multiplies and it will eventually get out of hand. I cannot just add both groups to the permission property of the folder either because this will allow users from either group to have access (remember that I only want users who belong to BOTH groups to have access). If anyone can show me a clean way to approach it, I would greatly appreciate it. Thanks in advance.

[MMcBride]

I understand you may not want to create the extra groups but in this case I am not sure that you have much of a choice.

Cognos Security is set up as an "Or" type security. By this I mean you can say "access to this folder belongs to Group_1 OR Group_2."

What your trying to do is set up security based on an "AND" type security. "Access is only granted if user is in Group_1 AND Group_2"

Keep looking as I am interested to see if someone can find a way around this but I wouldn't get my hopes to high if I were you.