This means that any user from the testing domain can now logon to Cognos 8 (and therefore Controller 8 etc.).



Similar documents
Configuring Controller 8.2 to use Active Directory authentication

Enabling single sign-on for Cognos 8/10 with Active Directory

Configuring IBM Cognos Controller 8 to use Single Sign- On

Accessing the Media General SSL VPN

Windows 7 Hula POS Server Installation Guide

How to Access Coast Wi-Fi

Managing Users, Computers, & Groups

Change Advanced Proxy Server Configuration Settings

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008

Active Directory Syncing

How to connect to the diamonds wireless network with Vista.

IIS, FTP Server and Windows

Configuring the Active Directory Plug-in

Video Administration Backup and Restore Procedures

Integrating LANGuardian with Active Directory

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

Secrets of Event Viewer for Active Directory Security Auditing Lepide Software

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

How to Install the Active Directory Domain Services (AD DS) Role in Windows Server 2008 R2 and Promote a Server to a Domain Controller

SQL Server Setup for Assistant/Pro applications Compliance Information Systems

Creating Home Directories for Windows and Macintosh Computers

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Active Directory Integration for Greentree

Windows Firewall must be enabled on each host to allow Remote Administration. This option is not enabled by default

Virtual Office Remote Installation Guide

Setting Up Sharp MX-Color Imagers To Scan To

Contents Introduction... 3 Introduction to Active Directory Services... 4 Installing and Configuring Active Directory Services...

How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P)

Avatier Identity Management Suite

Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server

Livezilla How to Install on Shared Hosting By: Jon Manning

How to Use Remote Access Using Internet Explorer

Set Up Setup with Microsoft Outlook 2007 using POP3

JusticeConnect AVL for Windows SETUP GUIDE

Hosted Microsoft Exchange Client Setup & Guide Book

Changing Passwords in Cisco Unity 8.x

Managed Security Web Portal USER GUIDE

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Configuration Guide. Remote Backups How-To Guide. Overview

Hallpass Instructions for Connecting to Mac with a Mac

How to Connect to YaleSecure (Yale s secure wireless network)

Mozilla Thunderbird: Setup & Configuration Learning Guide

Installing Microsoft Outlook on a Macintosh. This document explains how to download, install and configure Microsoft Outlook on a Macintosh.

Quality Center LDAP Guide

Interact for Microsoft Office

Client Configuration Guide

Configuring User Identification via Active Directory

Active Directory Integration

Download/Install IDENTD

MAC OS X 10.5 Mail Setup

Configuring Active Directory Binding for OS X (10.4.x) within Miami Dade Schools

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

CloudCall for Salesforce- Quick Start Guide. CloudCall for Act! CRM Quick Start Guide

Configuring Eduroam in Windows Vista

Exostar LDAP Proxy / Secure Setup Guide. This document provides information on the following topics:

Connecting to UNOSECURE using Windows 7

OFFICE 365 SELF- CONFIGURATION GUIDE

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

Virtual Private Network (VPN)

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Integrating Trend Micro OfficeScan 10 EventTracker v7.x

Tech Tips Helpful Tips for Pelco Products

CRM to Exchange Synchronization

Configure Single Sign on Between Domino and WPS

Web based training for field technicians can be arranged by calling These Documents are required for a successful install:

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

SafeWord Domain Login Agent Step-by-Step Guide

CA Spectrum and CA Embedded Entitlements Manager

Delegated Administration Quick Start

Active Directory Authenication

Changing Your Cameleon Server IP

Migrating MSDE to Microsoft SQL 2008 R2 Express

PingFederate. Identity Menu Builder. User Guide. Version 1.0

StarterPlus Mailbox Software Setup Guide

ShadowControl ShadowStream

SSL Installing your new Certificate

The Windows Server 2003 Environment. Introduction. Computer Roles. Introduction to Administering Accounts and Resources. Lab 2

INSTALLATION INSTRUCTIONS FOR UKSSOGATEWAY

educ Office Remove & create new Outlook profile

Creating a New Domain Tree in the Forest

Immotec Systems, Inc. SQL Server 2005 Installation Document

Viewing and Troubleshooting Perfmon Logs

Remote Access: Internet Explorer

SecureAware on IIS8 on Windows Server 2008/- 12 R2-64bit

Proctor Caching User Guide

AT&T Global Network Client Domain Logon Guide. Version 9.6

SQL Express to SQL Server Database Migration MonitorIT v10.5

Configuring Sponsor Authentication

AXIS 1440 Print Server For EPSON Printers: Product Update. Important Information for Windows

Step by step guide for connecting PC to wired LAN at dormitories of University of Pardubice

pcanywhere Advanced Configuration Guide

Windows Vista: Connecting to the wireless network at Hood College

Kentico CMS 7.0 Intranet Administrator's Guide

Mac OS X Secure Wireless Setup Guide

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

Riva GroupWise for Active Directory - Admin Guide

6) Click the lock in the lower left corner of the Directory Utility Window and authenticate with the local administrator account s credentials.

Transcription:

ChaseReferrals and multidomaintrees Graphical explanation of the difference Imagine your Active Directory network looked as follows: Then imagine that you have installed your Controller report server inside the testing.mcmcse.com domain: You then launch Cognos Configuration, and create a Cognos 8 Active Directory namespace which points to one of the domain controllers inside the testing.mcmcse.com domain. This means that any user from the testing domain can now logon to Cognos 8 (and therefore Controller 8 etc.).

Scenario #1 Imagine that you had users inside the 2 child domains (i.e. the domains BELOW the original one) of testing (for example cisco.testing.mcmcse.com and cmptia.testing.mcmcse.com ) who also wanted to login to Cognos 8: The way to allow users from these 2 child domains to login is to enable chasereferrals (see later).

Scenario #2 Now imagine that you wanted ALL users from the ENTIRE active directory forest to have the ability to login: In this case, way to allow users from *all* of these domains to login is to enable MultiDomainTrees (see later). TIP: If you enable MultiDomainTrees then this makes the setting chasereferrals irrelevant. In other words, there is no need to have both MultiDomainTrees and chasereferrals settings enabled.

Enabling ChaseReferrals and multidomaintrees For full details, see the documentation (for example page 153 of Cognos 8 Controller 8.3 - INSTALLATION AND CONFIGURATION GUIDE (English) ctrl_inst.pdf ) which came with your product. For the sake of convenience, below are extracts (the chapter Include or Exclude Domains Using Advanced Properties ) from this example, complete with screenshots: = = = = = = = = = = = = = = = = = When you configure an authentication namespace for Cognos 8 components, users from only one domain can log in. By using the Advanced properties for Active Directory Server, users from related (parent-child) domains and unrelated domain trees within the same forest can also log in. Authentication in One Domain Tree If you set a parameter named chase_referrals to true, users in the original authenticated domain 1. and all child domains of the domain tree can log in to Cognos 8. Users above the original 2. authenticated domain or in a different domain tree cannot log in. Authentication 3. in All Domain Trees in the Forest If you set a parameter named multi_domain_tree to true, users in all domain trees in the forest can log in to Cognos 8. Steps On the computer where you installed Content Manager, start Cognos Configuration. In the Explorer window, under Security, Authentication, click the Active Directory namespace. 4. In the Properties window, specify the Host and port property: 5. For users in one domain, specify the host and port of a domain controller for the single domain. 6. For users in one domain tree, specify the host and port of the top-level controller for the domain tree. For users in all domain trees in the forest, specify the host and port of any domain controller in the forest. Click in the Value column for Advanced properties and click the edit button. In the Value - Advanced properties window, click Add. Specify two new properties, chasereferrals and MultiDomainTrees, with the following values:

7. 8. Click OK. From the File menu, click Save. = = = = = = = = = = = = = = = = = The most relevant section is highlighted in red. After making the above changes, naturally you need to restart the Cognos 8 service (see icon highlighted in picture above). TIP: For more information on how Active Directory forests work, and their design, see third-party websites such as the following: Active Directory Hierarchies - Free AD Tutorial - http://www.learnthat.com/software/learn/1295/introduction_to_active_directory/page/5/ Active Directory Study Guide - http://www.mcmcse.com/microsoft/guides/ad.shtml Best Practice Active Directory Design for Managing Windows Networks - http://students.estrellamountain.edu/larson/ms/ad3/ad3.htm

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information