If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Status Tab: Grant access to a new group

Started by marcebna, 26 Sep 2016 10:20:41 AM

Previous topic - Next topic

marcebna

In Cognos 10.2.1, Which permissions are required to grant access to all Status tab content and see all activities to a new profile/group?

Seems that granting Read, Execute and Traverse to "Run activities and schedules" secured function is not enough. With this permissions, the members just see part of the information, not all the data that a System Administrator sees. On the parent secured function ( Administration ) the group has Traverse and Execute permissons.

As result, users (group members) should access to ALL Current Activities, Past Activities, Upcoming Activities and
Schedules on the Status tab in IBM Cognos Administration
Thanks

bdbits

I do not know the answer offhand, but be very careful granting permissions to anything normally designated only to System Administrators. Should your licensing be audited, this could result in all those people given the permissions being considered admins and requiring the expensive admin licensing.

marcebna

Tanks, I'll take that advice. The assignment is to just see the Status tab and view activities. Beyond licencing issues, I would like to know which permissions are needed.

MFGF

Quote from: marcebna on 28 Sep 2016 10:08:58 AM
Tanks, I'll take that advice. The assignment is to just see the Status tab and view activities. Beyond licencing issues, I would like to know which permissions are needed.

Hi,

You really need to push back on this. Granting users access to the System Administration console means they are then classed as Administrator users - whatever further privileges you deny. I heard of a situation where IBM discovered this had inadvertently been done by a client. The compliance charge that resulted had many zeros at the end of it. There's no point in spending time researching how to manipulate the permissions if you're not going to be able to do this while remaining within your license terms. You really should take bdbits seriously - he's potentially saving your business from an error that could cost a LOT of money...

Just my tuppence (or 2c elsewhere in the world) :)

MF.
Meep!

marcebna

Again, the role with this permission assigned is considered as administrator and the licencing is in correspondence. We are not talking about licencing, but that all the assignments needed for a role to see ALL  the activities (current, past & scheduled)

We have a role in charge of monitoring this part, but granting Read, Execute and Traverse to "Run activities and schedules" secured function is not enough. With this permissions, the members just see part of the information, not all the data that a System Administrator sees. On the parent secured function ( Administration ) the group has Traverse and Execute permissons.

As result, Role Members (licence as administrators paid!) should access to ALL Current Activities, Past Activities, Upcoming Activities and Schedules on the Status tab in IBM Cognos Administration