Creating a Cognos group or role

You can add entries from multiple namespaces, created both in the authentication providers and in IBM® Cognos® software, as members of Cognos groups. You can also create empty groups that do not have any members.

The members of Cognos groups can be users or other groups. The members of Cognos roles can be users, groups, or other roles.

If you plan to create groups or roles that reference entries from multiple namespaces, you must log on to each of those namespaces before you start your task. Otherwise, you will not have full administrative rights for the entries you want to reference.

We recommend that you use the Cognos groups and roles when you set up access permissions to entries in IBM Cognos software because it simplifies the process of deployment. For more information, see Security and Deployment.

When you delete a Cognos group or role, users' access permissions based on it are no longer active. You cannot restore access permissions by creating a group or role with the same name.

To administer users, groups, and roles, you must have execute permissions for the Users, Groups, and Roles secured feature, and traverse permissions for the Administration secured function. For more information, see User capabilities.

Procedure

  1. In IBM Cognos Administration, on the Security tab, click Users, Groups, and Roles.
  2. Click the Cognos namespace.
    Tip: If you want to delete a Cognos group or role, select the check box next to it and click the delete button.
  3. On the toolbar, click the new group New group icon or new role New role icon button.
  4. In the Specify a name and description page, type a name and, if you want, a description for the new group or role, and then select a destination folder and click Next.
  5. If you want to create a group without members, click Finish.
  6. If you want to add members to the new group or role, click Add and choose how to select the users, groups, or roles:
    • To choose from listed entries, click the appropriate namespace, and then select the check boxes next to the users, groups, or roles.
    • To search for entries, click Search and in the Search string box, type the phrase you want to search for. For search options, click Edit. Find and click the entry you want.
    • To type the name of entries you want to add, click Type and type the names of groups, roles, or users using the following format, where a semicolon (;) separates each entry: namespace/group_name;namespace/role_name;namespace/user_name;

      Here is an example:

      Cognos/Authors;LDAP/scarter;

  7. Click the right-arrow button and when the entries you want appear in the Selected entries box, click OK.
    Tip: To remove entries from the Selected entries list, select them and click Remove. To select all entries in the list, select the check box for the list. To make the user entries visible, click Show users in the list.
  8. Click Finish.