envisn
  • Home
  • Tools for Cognos
    • NetVisn
    • UniVisn
    • AutoVisn
    • DocuVisn
  • Company
    • About
    • Management Team
    • Customers
    • Partners
    • News/Media
  • Support
  • Resources
    • Custom Queries
    • Ebooks
    • Tutorial Videos
    • Cognos Security
    • Cognos Data Lineage
    • Cognos Audit Data
  • Blog
  • Contact

Cognos Security

Security in Cognos is composed of a just a handful of object types, but understanding these objects and how they work together is critical in implementing a manageable and secure Cognos environment.

cognos security overview

Namespaces in an IBM Cognos Environment

There are at least two namespaces in every Cognos environment: the internal Cognos namespace plus external security namespace(s).

The Cognos namespace is integral with the Cognos BI application. The objects it contains of security interest are Groups and Roles which can optionally be organized into Namespace Folders. (Other objects in this namespace which are not directly used in security are data sources, printers, contacts and distribution lists.) External namespaces (also called Authentication Providers) are defined in the Cognos Configuration program and can be of a variety of types, including Active Directory and LDAP among others. Once configured, the complete external security hierarchy of objects is available to Cognos consisting of Groups and Accounts organized into Namespace Folders.

Groups and Roles in an IBM Cognos Environment

Though different object types, Groups and Roles behave identically. They are containers which hold references to Accounts along with other Groups and Roles. These references are called members of the group/role.

Only the Groups/Roles in the Cognos namespace can be modified to add or remove members. The external namespace Groups must be managed using the namespace’s editing tool, such as the Active Directory Users and Computers program. The organization of members into the Groups/Roles is the most important factor in setting up an effective security system since they are commonly used to define permissions to Cognos content store objects.

Accounts in an IBM Cognos Environment

Authentication to the Cognos applications is performed through the external namespace. A user must provide valid credentials for an account object in the namespace to gain entry to the application.

Once authenticated, the user’s visibilities to objects and actions that can be performed are completely controlled by the memberships of the account and the security applied to both the content store objects and capability objects (to be covered later in the series).

Mastering IBM Cognos Security

A user’s permissions in Cognos are determined by memberships of the Account object used for authentication. But the calculation of these memberships can become complicated. Read More >

Understanding Cognos Access Permissions Settings on Cognos objects

Cognos Access Permissions settings on Cognos objects are use to grant or deny access or actions for specific security objects, usually Groups or Roles. There are five access permissions which are described briefly here.
Read More >

Key Insight into Cognos Security

If you’re a Cognos administrator there’s lots of key information you just need to have access to, especially in the area of security. Here we’re going to focus on what some consider among the top needs. These are:

  • Groups, Roles, Memberships and Members
  • Security profile of a role, group or account
  • Inherited security
  • Object security
  • User permissions - licensing

Read More >

5 Biggest Mistakes with IBM Cognos Security

The biggest issues in the area of Cognos security as seen by Cognos administrators, collected informally from a series of questions responded to over the past 14 months.
Read More >

cognos security management

NetVisn Makes Cognos Security Simple

The unique processing of object security by NetVisn provides the base view (what you can see in Cognos Connection) along with an Account view. This view translates security implemented through groups and roles into a display of security by account by applying permissions based upon memberships.

NetVisn's Security Editor makes it easy to manage changes to security and set up new accounts.   Learn more about NetVisn's Security Editor >

Learn more about how you can manage Cognos Security more efficiently with Netvisn.

Contact Us to Learn More

See how Netvisn can simplify your security needs in Cognos!

Netvisn Security slide

free download mastering ibm cognos security
video cognos security

Video: Cognos Security Management in NetVisn

This video demonstrates how you can view and manage security in Cognos in your Cognos environment more efficiently with the unique features only available with NetVisn.

Cognos Tools
from Envisn

NetVisn
AutoVisn
UniVisn
DocuVisn

Cognos Resources

Envisn’s IBM Cognos Blog
Custom Query Library
Tutorial Videos
Mastering Cognos Security
Content Store Survival Guide

About Envisn

Customers
Partners
News/Media
Privacy, Copyright & Liability

Contact Envisn

Request a Demo
Support

978-779-0400
info@envisn.com
© 2017 Envisn, Inc.

233 Ayer Road
Harvard, MA 01451 USA

Serving North America, Europe, and the UK with plans to expand to other areas in the near future.