Disable anonymous access, if required.
Configure Cognos 8 components to use an authentication provider.
Cognos 8 components run with two levels of logon: anonymous and authenticated. By default, anonymous access is enabled.
You can use both types of logon with your installation. If you choose to use only authenticated logon, you can disable anonymous access.
For authenticated logon, you must configure Cognos 8 components with an appropriate namespace for the type of authentication provider in your environment. You can configure multiple namespaces for authentication and then choose at run time which namespace you want to use. For more information, see the Administration and Security Guide.
If you upgraded from ReportNet and Cognos 8 detects a previously configured namespace that is no longer configured, the unconfigured namespace appears in the list of authentication providers in the Administration portal. You can configure the namespace if you still require the user account information. Otherwise, you can delete the namespace. For information about deleting the namespace, see the Administration and Security Guide.
Also, when upgrading from one version to another, you must use the same authentication namespace for both versions. Otherwise, the new version may not contain the same policies, users, roles, and groups.
Cognos 8 components support the following types of servers as authentication sources:
Active Directory Server
Cognos Series 7
Custom Authentication Provider
LDAP
eTrust SiteMinder
NTLM
SAP
If you use more than one Content Manager computer, you must configure identical authentication providers on each Content Manager computer. This means that the type of authentication provider you select and the way you configure it must be identical on all computers for all platforms. The configuration must contain information that is accessible by all Content Manager computers.
When Cognos 8 is installed on a single Linux computer, or when Content Manager is installed on a Linux computer, Cognos 8 can be configured to use only LDAP V3-compliant directory servers and custom providers as authentication sources.
Some authentication providers require libraries external to the Cognos 8 environment to be available. If these libraries are not available on Linux, the authentication provider cannot be initialized.
If you want to configure one of the following as your authentication source, you must install Content Manager on a non-Linux computer:
Cognos Series 7 namespace
Active Directory Server
NTLM
eTrust SiteMinder
SAP BW
If you enable security, you must configure security settings immediately after you complete the installation and configuration process. For more information, see the Administration and Security Guide.
Important: We recommend that you do not disable security after you enable it. If you delete a namespace, the user preferences, My Folders, and My Pages entries are permanently lost. Existing permission settings will refer to users, groups or roles that no longer exist. While this does not affect how the permissions work, a user administering the permission settings may see "unknown" entries. Because these entries refer to users, groups, and roles which no longer exist, you can safely delete them.
After you configure an authentication provider for Cognos 8 components, you can enable single signon between your authentication provider environment and Cognos 8 components. This means that a user logs on once and can then switch to another application without being asked to log on again.
To use an authentication provider and to require users to authenticate:
| | Disable anonymous access, if required. |
| | Configure Cognos 8 components to use an authentication provider. |
