Troubleshooting
Problem
Superuser clicks 'Maintain - Rights - Users'. Superuser selects a Controller user (for example 'John Smith', and then clicks browse button '...' next to 'CAM User'. Instead of a box (containing a list of users to choose from), superuser receives an error message. This means that the Superuser is unable to add new users in Controller.
For more information, see Unable to add new user.
Symptom
Information
There are no CAM Users available in the popup list
[OK]
Cause
The Controller system has encountered a problem trying to find the unused members of the Cognos security group "Controller Users".
More Information
The Cognos Connection website is used to administer Cognos security.
Inside the security section, there are two security groups that are relevant to Controller:
All Controller administrators/superusers must be a member of the group/role 'Controller Administrators'.
The error message "There are no CAM Users available in the popup list" is caused when Controller cannot find any more/new/spare users inside the role 'Controller Users'.
There are many potential causes for this to occur, for example:
More Information
The Cognos Connection website is used to administer Cognos security.
- For Controller 10.1 onwards, Cognos Connection is located here: http://<servername>/ibmcognos
- For Controller 8.x, Cognos Connection is located here: http://<servername>/cognos8
Inside the security section, there are two security groups that are relevant to Controller:
- Controller Administrators
- Controller Users
All Controller administrators/superusers must be a member of the group/role 'Controller Administrators'.
- For more information why, see separate IBM Technote #1371155
- Each and every Controller user must be a member of 'Controller Users', otherwise they are not authorised to use Controller.
The error message "There are no CAM Users available in the popup list" is caused when Controller cannot find any more/new/spare users inside the role 'Controller Users'.
There are many potential causes for this to occur, for example:
- Scenario #1 - All the Cognos namespace users have already been mapped (to a Controller user), so there are no spare users left.
- For example, the Controller administrator has forgotten to add all the relevant users into the 'Controller Users' group.
- This Technote shall mainly concentrate on this scenario.
- Scenario #2 - Erroneous entries inside the Controller database (table 'XCAMUSER')
- This has caused the process (where the user mapping check occurs) to fail
- For more info, see separate IBM Technote #1365555
- Scenario #3 - Cognos BI service has a problem (for example run out of system resources)
- This has caused the process (where the Cognos BI reporting service transfers the list of users to the Controller system) to fail.
- For more info, see separate IBM Technote #1386249
- Scenario #4 - (rare) All of the following are true:
- Active directory is strictly partitioned into separate OUs (for separate clusters of users, for example separate companies)
- The Cognos Analytics role 'Controller Users' contains an Active Directory (AD) group
- The AD group contains at least one user who is a member of the 'wrong' OU
- In other words, that one 'bad' user belongs to an OU which is not designed to be used by that Controller/CA system.
Environment
Controller configured to use Cognos (CAM) authentication.
Resolving The Problem
Scenario #1
Launch Cognos Connection, and add the relevant Active Directory users/user-groups (or Access
Manager user classes - if using Access Manager) to the Cognos role 'Controller Users'.
Launch Cognos Connection, and add the relevant Active Directory users/user-groups (or Access
Manager user classes - if using Access Manager) to the Cognos role 'Controller Users'.
Steps:
1. Launch Cognos Connection
2. Logon as a BI (Cognos) administrator
3. If prompted, click 'Administer IBM Cognos Content'
4. Click 'Security' tab
5. Underneath the 'Directory' pane, open the namespace 'Cognos'
6. Locate the group 'Controller Users'
7. Using your mouse, travel to the right-hand side, and click on the 'properties' icon:
8. Click the tab 'Members'
9. Click the 'Add' button, and follow the wizard to add the relevant users/groups
1. Launch Cognos Connection
2. Logon as a BI (Cognos) administrator
3. If prompted, click 'Administer IBM Cognos Content'
4. Click 'Security' tab
5. Underneath the 'Directory' pane, open the namespace 'Cognos'
6. Locate the group 'Controller Users'
7. Using your mouse, travel to the right-hand side, and click on the 'properties' icon:
8. Click the tab 'Members'
9. Click the 'Add' button, and follow the wizard to add the relevant users/groups
- For example, use http://<servername>/ibmcognos (or http://<servername>/cognos8)
TIP: For more information on this subject see the attached Proven Practice document '04. Configuring Controller 8.2 to use Active Directory authentication - Proven Practice _document v1.0b_.pdf'.
Scenario #2 - Erroneous entries inside the Controller database (table 'XCAMUSER')
See separate IBM Technote #1365555
Scenario #3
For more info, see separate IBM Technote #1386249
For more info, see separate IBM Technote #1386249
Scenario #4
For more info, see separate IBM Technote #1079337
Related Information
1365555 - There are no CAM Users available in the popup
1412954 - Error 'There are no CAM Users available in th
1386249 - Error 'There are no CAM Users available in th
1371155 - The user currently logged in is not authorize
1079337 - Missing CAM Users (inside 'Maintain - Rights - Users'), and potential…
[{"Product":{"code":"SS9S6B","label":"IBM Cognos Controller"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Controller","Platform":[{"code":"PF033","label":"Windows"}],"Version":"10.2.0;10.1.1;10.1;8.5.1;8.5;8.4;8.3","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Historical Number
1033618
Was this topic helpful?
Document Information
Modified date:
20 April 2021
UID
swg21347200