Technical Blog Post
Tivoli Common Reporting missing user and group permissions.
When the user or group permissions disappears in Tivoli Common Reporting , this can be caused by corruption of the VMMProvider or a too large repository .
Early version of the Tivoli Common Reporting uses the Federated Repository and this is configured to use the Internal File Repository.
This repository contains users and groups settings including access permission and rights as this are built into Tivoli Common Reporting.
It does not require the users or groups to exist anywhere outside Tivoli Common Reporting.
You can edit or assigned users and groups using the reporting portlet. The File Repository where you managed Users and Groups is the navigation console item
There are two security namespaces for a single system TCR installation, they are Cognos and VMMProvider.
For a distributed TCR installation, VMMProvider is not installed.
VMMProvider contains all the users and groups for the federated repository and it is as shown below:
Tivoli Common Reporting comes with reporting roles already defined. These roles are defined here:
What makes these roles easy to use is that all reporting objects by default have the predefined roles set
properly on them. You only need to add users and groups to the roles.
To use the predefined roles, remove everyone from all the predefined roles that they exists in, then add
your users and groups to the roles. This procedure is described here:
From Tivoli Common Reporting 3.1.2 on-wards admin rights won't be given to non admin users by default.
Please see the link below.
If you have a large repository and the VMMProvider is not returning all the groups, then update the properties file to disable and return all groups and users.
This means that the administrators will use the search feature to find the groups and users.
<install>\..\tipv2\profiles\TIPProfile\installedApps\TIPCell\IBM Cognos 8.ear\p2pd.war\WEB-INF\lib\VMMprovider.properties.
Starting in TCR 2.1.1 the default is not to return all groups and users, requiring the administrator to use the search function.