Configuring IBM Cognos Controller 8 to use Single Sign- On



Similar documents
Creating IBM Cognos Controller Databases using Microsoft SQL Server

Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies

Configuring Controller 8.2 to use Active Directory authentication

Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008

Enabling Single-Sign-On between IBM Cognos 8 BI and IBM WebSphere Portal

Troubleshooting Active Directory Server

Enabling Single Signon with IBM Cognos 8 BI MR1 and SAP Enterprise Portal

Enabling Single Signon with IBM Cognos ReportNet and SAP Enterprise Portal

Enabling Single-Sign-On on WebSphere Portal in IBM Cognos ReportNet

Enabling single sign-on for Cognos 8/10 with Active Directory

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Secure Agent Quick Start for Windows

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

Security Assertion Markup Language (SAML) Site Manager Setup

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Scenario 2: Cognos SQL and Native SQL.

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

IIS, FTP Server and Windows

Sophos SafeGuard Native Device Encryption for Mac quick startup guide. Product version: 7

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Multiple Aligned Column Headers in Lists and Crosstabs

MadCap Software. Upgrading Guide. Pulse

Kaseya 2. User Guide. Version 6.1

Hyper-V Server 2008 Setup and Configuration Tool Guide

Interact for Microsoft Office

Defender Token Deployment System Quick Start Guide

Using Internet or Windows Explorer to Upload Your Site

Sophos Anti-Virus for NetApp Storage Systems startup guide

Enterprise Knowledge Platform

CA Spectrum and CA Embedded Entitlements Manager

Windows Clients and GoPrint Print Queues

Using Microsoft Windows Authentication for Microsoft SQL Server Connections in Data Archive

How To Connect To A Wireless Network On Windows 7 (Windows 7) On A Pc Or Mac Or Ipad (Windows) On Pc Or Ipa (Windows 8) On Your Computer Or Mac (Windows). (Windows.7) On An

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

SAS 9.3 Foundation for Microsoft Windows

SMART Vantage. Installation guide

OrgPublisher EChart Security

SINGLE SIGN-ON FOR MTWEB

Configuring User Identification via Active Directory

Phone Manager Application Support OCTOBER 2014 DOCUMENT RELEASE 4.1 SAGE CRM

Active Directory integration with CloudByte ElastiStor

This means that any user from the testing domain can now logon to Cognos 8 (and therefore Controller 8 etc.).

Integration Package for Microsoft Office SharePoint3

Implementation Guide for protecting

Differences between Computer and User Templates

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Knowledge Base Article: Article 218 Revision 2 How to connect BAI to a Remote SQL Server Database?

Sage 200 Web Time & Expenses Guide

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

SAM Context-Based Authentication Using Juniper SA Integration Guide

HELP DOCUMENTATION SSRPM WEB INTERFACE GUIDE

Desktop Web Access Single Sign-On Configuration Guide

The cloud server setup program installs the cloud server application, Apache Tomcat, Java Runtime Environment, and PostgreSQL.

Mixed Authentication Setup

Sophos Anti-Virus standalone startup guide. For Windows and Mac OS X

How To Install Ctera Agent On A Pc Or Macbook With Acedo (Windows) On A Macbook Or Macintosh (Windows Xp) On An Ubuntu (Windows 7) On Pc Or Ipad

Symantec Managed PKI. Integration Guide for ActiveSync

Configuring Steel-Belted RADIUS Proxy to Send Group Attributes

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

WINDOWS 7 & HOMEGROUP

Windows SharePoint Services Installation Guide

Integration Guide. Microsoft Active Directory Rights Management Services (AD RMS) Microsoft Windows Server 2008

Windows Live Mail Setup Guide

CA VPN Client. User Guide for Windows

NovaBACKUP xsp Version 15.0 Upgrade Guide

StarWind iscsi SAN Configuring HA File Server for SMB NAS

StarWind iscsi SAN: Configuring HA File Server for SMB NAS February 2012

Feith Dashboard iq Server Version 8.1 Install Guide

Enabling SSO between Cognos 8 and WebSphere Portal

CA Nimsoft Service Desk

Aventail Connect Client with Smart Tunneling

ibaan ERP 5.2a Configuration Guide for ibaan ERP Windows Client

WatchDox for Mac User Guide

WS_FTP Server. User s Guide. Software Version 3.1. Ipswitch, Inc.

RoomWizard Synchronization Software Manual Installation Instructions

Application Note. ShoreTel 9: Active Directory Integration. Integration checklist. AN June 2009

Introduction VITAL SIGNS FROM SAVISION / FAQS Savision B.V. savision.com All rights reserved.

Installation Guide for Microsoft SQL Server 2008 R2 Express. October 2011 (GUIDE 1)

SOA Software API Gateway Appliance 7.1.x Administration Guide

CA Technologies SiteMinder

Check Point FW-1/VPN-1 NG/FP3

Dell Compellent Storage Center

Integrating LANGuardian with Active Directory

MY HELPDESK - END-USER CONSOLE...

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Active Directory Reporter Quick start Guide

StarWind iscsi SAN Software: Using StarWind with VMware ESX Server

Sophos Endpoint Security and Control standalone startup guide

How to Secure a Groove Manager Web Site

Active Directory Provider User s Guide

Citrix Systems, Inc.

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

SELF SERVICE RESET PASSWORD MANAGEMENT WEB INTERFACE GUIDE

Scan to SMB(PC) Set up Guide

LifeCyclePlus Version 1

Sophos SafeGuard Native Device Encryption for Mac Administrator help. Product version: 7

Quick Start Guide For Ipswitch Failover v9.0

How-to: Single Sign-On

How to Use Remote Access Using Internet Explorer

Transcription:

Guideline Configuring IBM Cognos Controller 8 to use Single Sign- On Product(s): IBM Cognos Controller 8.2 Area of Interest: Security

Configuring IBM Cognos Controller 8 to use Single Sign-On 2 Copyright Copyright 2008 Cognos ULC (formerly Cognos Incorporated). Cognos ULC is an IBM Company. While every attempt has been made to ensure that the information in this document is accurate and complete, some typographical errors or technical inaccuracies may exist. Cognos does not accept responsibility for any kind of loss resulting from the use of information contained in this document. This document shows the publication date. The information contained in this document is subject to change without notice. Any improvements or changes to the information contained in this document will be documented in subsequent editions. This document contains proprietary information of Cognos. All rights are reserved. No part of this document may be copied, photocopied, reproduced, stored in a retrieval system, transmitted in any form or by any means, or translated into another language without the prior written consent of Cognos. Cognos and the Cognos logo are trademarks of Cognos ULC (formerly Cognos Incorporated) in the United States and/or other countries. IBM and the IBM logo are trademarks of International Business Machines Corporation in the United States, or other countries, or both. All other names are trademarks or registered trademarks of their respective companies. Information about Cognos products can be found at www.cognos.com This document is maintained by the Best Practices, Product and Technology team. You can send comments, suggestions, and additions to cscogpp@ca.ibm.com.

Configuring IBM Cognos Controller 8 to use Single Sign-On 3 Contents 1... INTRODUCTION...4 1.1... PURPOSE... 4 1.2...APPLICABILITY... 4 1.3...EXCLUSIONS AND EXCEPTIONS... 4 2... CONFIGURING CONTROLLER TO USE SINGLE-SIGNON...4 2.1... OVERVIEW... 4 2.2... DEFAULT BEHAVIOUR... 5 2.3... DETAILS... 7 2.4...CAN YOU USE SINGLE-SIGNON WITHOUT USING WINDOWS AUTHENTICATION?... 8 2.5... APPENDIX TROUBLESHOOTING. 12

Configuring IBM Cognos Controller 8 to use Single Sign-On 4 1 Introduction 1.1 Purpose This document is a quick guide on how to configure a Controller 8 application server to use single-signon. 1.2 Applicability Controller 8.2 1.3 Exclusions and Exceptions There are no known exclusions and exceptions at the time the document was created. 2 Configuring Controller to use Single-Signon 2.1 Overview This guide is intended as a quick-start guide, for the most popular of environments. The official documentation 1 takes precedence over this document. This document should be used as a companion to: Configuring Controller 8 to use Active Directory authentication Configuring Controller 8 to use Access Manager authentication It is assumed that: There is one Controller 8 application server The server is configured to use either Active Directory or Access Manager authentication. 1 For the full information, see Chapter 7 (p77+) Configuring Series 8 or Windows Authentication of the document Cognos 8 Controller Installation and Configuration Guide (English) ( ctrl_inst.pdf ) which can be found on the installation CD, or can be downloaded from http://support.cognos.com.

Configuring IBM Cognos Controller 8 to use Single Sign-On 5 2.2 Default behaviour When Controller is using either Access Manager of Active Directory, you are prompted to log in when you point your browser http://servername/cognos8. After you log in, you can open Controller from a link on the IBM Cognos Connection web site:

Configuring IBM Cognos Controller 8 to use Single Sign-On 6 You are then prompted to log in again. This document demonstrates how to remove these prompts.

Configuring IBM Cognos Controller 8 to use Single Sign-On 7 2.3 Details First, you configure your web site to use Windows Authentication. By default, the web site uses anonymous authentication. On the Controller 8 application server, open your Computer Management screen and right-click Default Web Site and select Properties. The Default Web Site Properties dialog appears. Click Directory Security > Edit and clear the Anonymous access check box. Click OK. Restart the IIS service by opening a command prompt and typing IISRESET.

Configuring IBM Cognos Controller 8 to use Single Sign-On 8 2.4 Can you use single-signon without using Windows authentication? The following method is valid if using an Access Manager (sometimes referred to as an IBM Cognos Series 7 namespace). To confirm that you are using an IBM Cognos Series 7 namespace, open IBM Cognos Configuration. Under Security > Authentication, you see a Cognos Namespace. When you select the Namespace the Type is listed as IBM Cognos Series 7. Open Access Manager Administration. Open the Properties sheet for the default namespace and click the Signons tab.

Configuring IBM Cognos Controller 8 to use Single Sign-On 9 Under Active signons, click Both. You need to ensure that each Access Manager user has an appropriate Windows (domain) userid.

Configuring IBM Cognos Controller 8 to use Single Sign-On 1 In Access Manager Administration, expand Users. Right-click one of the users and select Properties. Click User Signons. Under OS signons click Add and enter the Windows login information for that user. Repeat the above process for each Windows user, and each corresponding Access Manager userid, so that all Controller users are configured. You have now configured true Windows single-signon. When the user logs onto Windows, this is the last time they need to log on. Controller authenticates the user automatically, using the Windows userid (for example, DOMAIN\SMITHJ), which is mapped to a Controller native user account (for example, ADM).

Configuring IBM Cognos Controller 8 to use Single Sign-On 1 The following method is valid if you are using an Active Directory namespace and you are not using Kerberos Delegation. To confirm that you are using an ADS, open IBM Cognos Configuration and expand Security > Authentication. Select the domain, in this example it is labeled ENTDomain, and the Type is set to Active Directory in the Resource Properties list. In the Resource Properties list, select Advanced Properties. Click the Edit button. The Advanced Properties dialog appears. For the singlesignonoption value, select IdentityMapping.

Configuring IBM Cognos Controller 8 to use Single Sign-On 1 Save and then restart IBM Cognos Configuration. After doing the above, you are not prompted to log on to either IBM Cognos Connection or the IBM Cognos Controller link. 2.5 Appendix Troubleshooting Confirm that the client computer is sending the IIS web site the end-user s credentials. All Controller client/server communication, uses the HTTP protocol to the IIS web server. It is important that the client s computer sends Windows credentials to the web site. Confirm that the server zone that the Controller server belongs to, on the client computer s Internet Explorer settings has Automatic logon with current username and password enabled. Open Internet Explorer, from the Tools menu, click Internet Options > Security > Custom Level. The Security Settings dialog appears. Under User Authentication > Logon click Automatic logon with current username and password. Click OK.

Configuring IBM Cognos Controller 8 to use Single Sign-On 1 Can you use single-sign on without using Windows authentication? Single signon (without Windows authentication) in Controller is only valid between the Controller client and the Controller Excel client.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information