Question & Answer
Question
Customer would like their end users to logon to Controller by using their Windows (domain / active directory) username and password.
- How can they achieve this?
NOTE: This Technote only relates to when using Cognos Analytics as the authentication mechanism.
- If using the older "Cognos BI" product, then see separate IBM Technote #623043
- If using Windows Authentication (direct) then see separate IBM Technote #6209654.
Cause
Customer would like to use Cognos (CAM) authentication, using a Cognos Analytics (CA) server as the security namespace source.
Answer
In general, the steps to enable Active Directory authentication are the same for using 'Cognos Analytics' as they are when using 'Cognos BI'.
However, there are the following differences:
=========================================
(1) If you intend to enable Single Sign On (SSO = where users are not prompted for their Windows usernames/passwords) then you will need to install and configure the 'Optional Gateway' component for Cognos Analytics.
(2) By default, Cognos Analytics does not automatically include the roles 'Controller Users' or 'Controller Administrators'
Steps
1. Launch Cognos Connection
2. Click tab 'Security'
3. Click on the 'New Role' button:

4. Create a role called: Controller Administrators

5. Click Next, Finish
6. Create a role called: Controller Users
7. Click Next, Finish
=========================================
- Therefore, in general you can use the same instructions as written in the separate IBM Technote #623043.
However, there are the following differences:
=========================================
(1) If you intend to enable Single Sign On (SSO = where users are not prompted for their Windows usernames/passwords) then you will need to install and configure the 'Optional Gateway' component for Cognos Analytics.
- TIP: For more information, see separate IBM Technote #2002465.
(2) By default, Cognos Analytics does not automatically include the roles 'Controller Users' or 'Controller Administrators'
- Therefore you must manually create these missing security roles.
Steps
1. Launch Cognos Connection
- TIP: By default, this is here: http://<servername>:9300/bi/v1/disp?b_action=cogadmin
2. Click tab 'Security'
3. Click on the 'New Role' button:

4. Create a role called: Controller Administrators

5. Click Next, Finish
6. Create a role called: Controller Users
7. Click Next, Finish
=========================================
Related Information
[{"Product":{"code":"SS9S6B","label":"IBM Cognos Controller"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Controller","Platform":[{"code":"PF033","label":"Windows"}],"Version":"10.3.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
18 May 2020
UID
swg22012534