Access permissions and credentials

When a content store is initialized, the IBM® Cognos® Business Intelligence administrator sets the access permissions for your organization's data. He or she specifies which users and groups have access to a specific report or other content in IBM Cognos software. The administrator also specifies the actions users can perform on the content. These permissions can be modified at any time to accommodate changes within the organization.

For more information about setting access permissions, see the IBM Cognos Administration and Security Guide.

For users of IBM Cognos for Microsoft Office, specific permissions must be granted for the following types of activities:

Access permissions for users

At minimum, users must have traverse and read permissions for the parent entries of the entries in IBM Cognos Connection that they want to access. The parent entries include container objects such as folders, packages, groups, roles, and namespaces.

Note: If the administrator has granted users or the group to which users belong execute and traverse permissions on the package, they can run reports from a package, but not open the package in an IBM Cognos studio.

Access to IBM Cognos Connection entries associated with data sources secured against multiple namespaces

Data sources in IBM Cognos software can be secured against multiple namespaces. In some environments, the namespace used to secure the data source is not the primary namespace used for access to IBM Cognos Connection. When users try to access an entry that is associated with a data source secured against multiple namespaces, they must be logged on to all of the required namespaces.

When single signon (SSO) is enabled, users are automatically logged on to the namespace.

This functionality applies to IBM Cognos Viewer only.