Using MotioPI’s User Access panel you can quickly and easily identify (and export) security information on IBM Cognos users. The readily available information includes:
- The user’s access levels to specific Cognos content
- The user’s group and role memberships
This blog entry illustrates how to access and export Cognos users’ security settings using MotioPI.
NOTE: The following steps assume that MotioPI has already been configured to point at the Active Directory or LDAP Instance used by your Cognos environment (see this blog entry for instructions on how to configure this.)
1. Select the User Access Panel
2. Enter Cognos user names manually or choose from a list of current users.
3. Click the submit button and the query will return the users of interest.
4. Now you can select a specific user to examine that user’s permissions on Cognos content as well as the user’s group / role membership (in the bottom pane).
5. As you navigate the tree in the Browser pane, you’ll see the content in each selected folder along with the selected user’s permissions in the Content pane. Now, let us assume you are interested in only the permissions for a specific package and all objects inside of it. You would click on that package in the Browser pane.
6. Now that you’ve selected the root package / folder that you’re interested in, you can export the policy information as an HTML / CSV / Text report. To export go to File | Export Output.
7. From the Export to File window, customize your output by choosing:
- All items or narrow down to include only selected items
- Include both content and membership to view this user’s security for all selected content
- Select recurse folders in order to list content permissions for all objects within the selected package
- Choose from txt, html, or csv output options
8. You will then see a Save dialog where you can select the location to save the output (and the name of the output file).
9. Once the export is complete, MotioPI will provide a button to launch the output directly from MotioPI.
10. Here is an example of the HTML output generated above. Note that it includes both the group / role membership for the user kstrong, as well as his permissions for all Cognos content which is contained below the “GO Sales (query)” package (the selected package).
{{cta(‘1464db86-c7a4-4362-a17b-99feefb18ca8’)}}
{{cta(‘7bac48d8-f050-45a6-b7e7-b00be897fab8’)}}