Configuring an LDAP namespace for Oracle Directory Server
If you configure a new LDAP namespace for use with an Oracle Directory Server, default
values are generated for you.
Procedure
- In every location where you installed Content Manager, open IBM® Cognos® Configuration.
- In the Explorer window, under Security, right-click Authentication, and then click New resource > Namespace.
- In the Name box, type a name for your authentication namespace.
-
In the Type list, click LDAP - Default values for Oracle
Directory Server and then click OK.
The new authentication namespace resource appears in the Explorer window, under the Authentication component. Check them and make changes as needed.
- In the Properties window, for the Namespace
ID property, specify a unique identifier for the namespace.
Tip: Do not use colons (:) in the Namespace ID property.
- Specify the values for all other required properties to
ensure that IBM Cognos can locate and use your existing authentication
namespace.
The following settings are examples:
- For User lookup, enter (uid=${userID})
- If you use single signon, for Use external identity, set the value to True.
- If you use single signon, for External identity mapping,
specify any attribute, such as the NT user domain ID or the user ID:
(ntuserdomainid=$environment("REMOTE_USER")})
(uid=${environment("REMOTE_USER")})
Important: Ensure that you use only the variable REMOTE_USER. Using another variable can cause a security vulnerability. - For Unique identifier, type nsuniqueid
- If you want the LDAP authentication provider to bind to the directory
server by using a specific Bind user DN and password when you perform
searches, then specify these values.
If no values are specified, the LDAP authentication provider binds as anonymous.
- If you do not use external identity mapping, use bind credentials for
searching the LDAP directory server by doing the following steps:
- Ensure that Use external identity is set to False.
- Set Use bind credentials for search to True.
- Specify the user ID and password for Bind user DN and password.
- From the File menu, click Save.