Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Deployment of security with Cognos ReportNet

Status
Not open for further replies.
hellvixen

hellvixen

Technical User
Feb 2, 2006
2
GB
This is very extensive problem so I will summarise.
We are currently experiencing issues with the security when deploying ReportNet across our development, test and production environments. We are finding that each LDAP is not in synch with the others because the CAM ids are inconsistent, this results in a failed deployment because the security does not work properly.

We have spoken with Cognos and there is no white paper or best practice on the deployment of Access Manager with Reportnet.
Has anyone had the same or similar issues? Any advice would be much appreciated.

Thanks,
Nix
 
Sort by date Sort by votes
You are using multiple LDAP sources for security? Why?

Please explain, "this results in a failed deployment because the security does not work properly."

 
Upvote 0 Downvote
We are using a separate LDAP for each environment as follows,

DEV LDAP the developers can add new user classes for
development and testing purposes. We have 4
different development teams developing in
parallel and up to 4 separate projects using
different security models. The security added
in this LDAP does not necessarily get promoted
to Prod. Once ready to deploy we export to a
LAE file and then manually edit so that only
the new users classes we require are in the
file. We then merge with test giving test
priority.


TEST LDAP the developers can add in security specifically
for User Acceptance testing. The security for a
user in UAT is not usually the same security
they will have in Prod therefore again we do
not want to promote everything.

PROD LDAP we only add new users to the user classes in
this LDAP. The users classes can be
existing or new one promoted from Dev through
to Test and then Prod.

In summary the testing we do in the Dev and Test LDAPS means that if we didn't have separate enviroments we could potentially effect production users which is a risk we are not willing to take.

Since using ReportNet we have found that when we set the security up in Dev everythiggn works fine. When we deploy to test, as mentioned above, the security for some user classes no longer works. After investigation this was found to be inconsistent CAM ID's in the LDAP. For example, User1 has a CAM ID of 12345 in Dev and 54321 in Test therefore CRN no longer recognises the user.

I hope I have explained this clearly, if not let me know.

Nikki.
 
Upvote 0 Downvote
Nikki,

did you find any solution? I am new to reportnet8. any help would be appreciated.

ravina
 
Upvote 0 Downvote
seriously.. why are you using multiple LDAP sources ????

if you really have to use a zillions ldaps, they should be kept consistent through the use of ldif/lae files.

i would consider it a breach in security if it were to work in any other way.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

tushargaurav
  • Locked
  • Question
date time prompt not working in arabic language in cognos
Replies
0
Views
264
tushargaurav
tushargaurav
Emperatriz Stredel
  • Locked
  • Question
Two Cognos reports with two Models (Framework Manager)
Replies
0
Views
256
Emperatriz Stredel
Emperatriz Stredel
Goutham3835
  • Locked
  • Question
Dateset in Cognos framework
Replies
0
Views
225
Goutham3835
Goutham3835
NileshDhande
  • Locked
  • Question
Can I use web api as data source to cognos?
Replies
0
Views
287
NileshDhande
NileshDhande
aortiz268
  • Locked
  • Question
Congos table of contents help pls
Replies
0
Views
219
aortiz268
aortiz268

Part and Inventory Search

Sponsor

Back
Top