Hi, we have Cognos Express. Two Admin licences, named AD Users. Licensing question for CX-
1) Cognos Express standard install creates a CognosAdmin user. This user is not logged on with at all (only use AD named users through single sign on), but is Administrator and System Admin for Cognos Express Portal.
2) Xcelerator (TM1) has a default ADMIN user, which again does not get used as single sign on and AD named user for Admin function.
Question is - Does anyone have knowledge or experience with the two default install users and how to best manage without compromising the license. COncerned that they will be regarded as named users, dont think deletion is a good idea so should they be restricted?
Cheers in advance
CXMD Cognos Express security TM1
-
jameswebber
- Community Contributor
- Posts: 188
- Joined: Sun Nov 21, 2010 8:00 pm
- OLAP Product: Cognos Express 10
- Version: CE 10.1.1
- Excel Version: 2010
- Location: Wellington, New Zealand
- Contact:
Re: CXMD Cognos Express security TM1
Hi BigG,
Did you get to the bottom of this and what setting do you have for IntegratedSecurityMode in the tm1s.cfg file?
Did you get to the bottom of this and what setting do you have for IntegratedSecurityMode in the tm1s.cfg file?
-
BigG
- Community Contributor
- Posts: 211
- Joined: Tue Sep 15, 2009 11:13 pm
- OLAP Product: IBMPA
- Version: PA 2.0 Cloud
- Excel Version: 2010
Re: CXMD Cognos Express security TM1
Hi, I couldnt get a straight answer from IBM Cognos on licensing for the built in TM1/CX 'Admin' user so we left as ADMIN security (although we do not use it and cannot unless we change the IntegratedSecurityMode).
Our IntegratedSecurityMode setting for SSO in tm1s.cfg for Cognos Express is '5'
Also, For Cognos Express we have confirmation that 'All Express Users' can be Xcelerator DataAdmin (not Admin) from one IBM person (name withheld) willing to reply in writing that:
Our IntegratedSecurityMode setting for SSO in tm1s.cfg for Cognos Express is '5'
Also, For Cognos Express we have confirmation that 'All Express Users' can be Xcelerator DataAdmin (not Admin) from one IBM person (name withheld) willing to reply in writing that:
"We have interpreted the licensing information based on user entitlements for 'All Express Users' and as a result given dataadmin security level within Xcelerator client to our developers. This will allow the users to manage Xcelerator objects, including modification and creation of cubes, dimensions and processes."
GG
-
jameswebber
- Community Contributor
- Posts: 188
- Joined: Sun Nov 21, 2010 8:00 pm
- OLAP Product: Cognos Express 10
- Version: CE 10.1.1
- Excel Version: 2010
- Location: Wellington, New Zealand
- Contact:
Re: CXMD Cognos Express security TM1
Thanks BigG.
I was thinking about getting rid of the TM1 admin user but sound like I will just keep it there.
I was thinking about getting rid of the TM1 admin user but sound like I will just keep it there.
-
BigG
- Community Contributor
- Posts: 211
- Joined: Tue Sep 15, 2009 11:13 pm
- OLAP Product: IBMPA
- Version: PA 2.0 Cloud
- Excel Version: 2010
Re: CXMD Cognos Express security TM1
yes, possible a fall back if everything went pear shaped and you couldnt access the CX server through SSO integrated security, you would revert back the IntegratedSecurityMode in tm1s.cfg and people will appreciate your initiative, pat on back all round...
but, maybe change the default admin user password for security reasons
but, maybe change the default admin user password for security reasons
GG