in the user interface.User authentication in IBM Cognos 8 is managed
by authentication providers. Authentication providers define users,
groups, and roles used for authentication. User names, IDs, passwords, regional
settings, personal preferences are some examples of information
stored in the providers. If you set up authentication for IBM Cognos 8,
users must provide valid credentials, such as user ID and password,
at logon time. In IBM Cognos 8 environment, authentication providers
are also referred to as namespaces, and they are represented by
namespace entries in the user interface.
IBM Cognos 8 does not replicate the users, groups, and roles defined in your authentication provider. However, you can reference them in IBM Cognos 8 when you set access permissions to reports and other content. They can also become members of Cognos groups and roles.
The following authentication providers are supported in this release:
Active Directory Server
IBM Cognos Series 7
eTrust SiteMinder
LDAP
NTLM
SAP
You configure authentication providers using IBM Cognos Configuration. For more information, see the Installation and Configuration Guide.
If multiple namespaces are configured for your system, at the start of a session you must select one namespace that you want to use. However, this does not prevent you from logging on to other namespaces later in the session. For example, if you set access permissions, you may want to reference entries from different namespaces. To log on to a different namespace, you do not have to log out of the namespace you are currently using. You can be logged on to multiple namespaces simultaneously.
Your primary logon is the namespace and the credentials that you use to log on at the beginning of the session. The namespaces that you log on to later in the session and the credentials that you use become your secondary logons.
When you delete one of the namespaces, you can log on using another namespace. If you delete all namespaces except for the Cognos namespace, you are not prompted to log on. If anonymous access is enabled, you are automatically logged on as an anonymous user. If anonymous access is not enabled, you cannot access the IBM Cognos Connection logon page. In this situation, use IBM Cognos Configuration to enable anonymous access.
You can hide namespaces from users during logon. This lets you have trusted signon namespaces without showing them on the namespace selection list that is presented when users log on.
For example, you may want to integrate single signon across systems, but maintain the ability for customers to authenticate directly to IBM Cognos 8 without being prompted to choose a namespace.
You can hide Custom Java Provider and eTrust SiteMinder namespaces that you configured.
For more information, see the Installation and Configuration Guide.
You can preserve namespaces and all their contents in the content store even if they are no longer configured for use in IBM Cognos 8. When a namespace is not configured, it is listed as inactive in the directory tool.
An inactive namespace is one that was configured, but later deleted in IBM Cognos Configuration. The namespace can be deleted from the content store by members of the System Administrators role. You cannot log on to an inactive namespace.
If a new version of IBM Cognos 8 detects a previously configured namespace that is no longer used, the namespace appears in the directory tool as inactive. You can configure the namespace again if you still require the data. If the namespace is not required, you can delete it.
When you delete a namespace, you also delete all entries in My Folders that are associated with that namespace, and their contents.
An active namespace cannot be deleted, but can be updated.
To recreate a namespace in IBM Cognos Configuration, you must use the original ID of the namespace. For information about configuring and recreating namespaces, see the Installation and Configuration Guide.
If a namespace was removed from IBM Cognos Configuration and is no longer required, a member of the System Administrators role can delete it permanently in the directory tool. Deleting a namespace also deletes all the entries in My Folders that are associated with the namespace.
To access the directory administration tool, you must have execute permissions for the directory secured feature and traverse permissions for the administration secured function.
In IBM Cognos Connection, in the upper-right corner, click Launch, IBM Cognos Administration.
On the Security tab, click Users, Groups, and Roles.
If the namespace you want to delete does not have a check mark in the Active column, it is inactive and can be deleted.
In the Actions column, click the delete button.
If the namespace is active, the delete button is not available.
The namespace is permanently deleted. To use the namespace again in IBM Cognos 8, you must add it using IBM Cognos Configuration.
