If you configured SiteMinder for more than one user directory, you must use the
SiteMinder namespace type in IBM®
Cognos® Configuration. After you add the SiteMinder
namespace, you must also add a corresponding LDAP namespace for each user directory in your
SiteMinder environment.
You
can also use the SiteMinder namespace type
if users are stored in an LDAP server or an Active Directory server.
You
can hide namespaces from users during login. You can have trusted
signon namespaces without showing them on the namespace selection
list that is presented when users login. For example, you want to
integrate single sign-on across systems but maintain the ability for
customers to authenticate directly to IBM Cognos without being prompted
to choose a namespace.
Before you begin
To use the SiteMinder namespace, you must obtain the required SiteMinder
library files, which are shown in the following table, and add the files to the appropriate library
path for your operating system.
Table 1. SiteMinder library files
Operating system |
SiteMinder library file |
AIX
|
libsmagentapi.so
|
Microsoft
Windows 64-bit
|
smagentapi.dll
smerrlog.dll
|
Procedure
- On the computer where you installed Content Manager, append the directory that contains
the SiteMinder library file to the appropriate library path environment variable.
- For AIX® operating systems,
LIBPATH
- For Microsoft
Windows operating systems, PATH
- Open IBM Cognos Configuration.
- In the Explorer window, under Security, right-click Authentication,
and click .
- In the Name box, type a name for
your authentication namespace.
- In the Type list, select the SiteMinder and
then click OK.
- Select the namespace that you added.
- In the Namespace ID property, specify
a unique identifier for the namespace.
Tip: Do not use a colon (:) in the identifier.
- Specify values for the other required properties.
Tip: If you do not want the users to see the namespace name when they log in, set the
Selectable for authentication property to
False.
- In the Explorer window, under , right-click the namespace that you added, and click .
- In the Name box, type a name for
the policy server and click OK.
- In the Properties window, specify
the Host property and any other property values
you want to change.
- In the Explorer window, right-click
the new SiteMinder policy server that you added and click .
- In the Name box, type a name for
the user directory and click OK.
Important: The name must match the name of the user directory that is found in the
policy server.
- In the Properties window, type a
value for the Namespace ID reference property.
- Configure a user directory for each user directory in the
SiteMinder policy server.
- Click .
- Test the connection to a new namespace.
In the Explorer window, under Authentication,
right-click the new authentication resource and click Test.
You are prompted to enter credentials for a user in the namespace
to complete the test.
Depending on how your namespace is configured,
you can enter either a valid user ID and password for a user in the
namespace or the bind user DN and password.
- Configure a corresponding LDAP or Active Directory namespace
for each user directory.
Ensure that you use the same
value for the Namespace ID property that you
use for the Namespace ID property for the SiteMinder
namespace.