TM1 Forum

Posted: **Thu Jun 09, 2011 7:46 pm**

Hello,

I was wondering if anyone has had any luck using the "Applix TM1 OLE DB MD Provider" and authenticating against Cognos (i.e. IntegratedSecurityMode=4). I've tried using it (via VB and a UDL) and receive an error:

"Test connection failed because of an error in initializing provider. 'i383215' : Client name not found on the server"

Now I've tested this same connection going against an instance using native TM1 security and it succeeds. This is the ID I use to login but I'm not sure if Cognos internally keeps it as something different or if this fucntionality is just not going to work. I then went to Cognos server and noted the following in the logs each time I went log in (this doesn't mean anything to me, but I figured it can't hurt to include):

09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : enter ...
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : Client IP = null
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.getClientDomain() : did not get SERVER_NAME from TrustedEnvVar
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.getClientDomain() : did not get SERVER_NAME from Env Var
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.getClientDomain() : .bear.com
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm1-test> found from the client browser
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm2-test> found from the client browser
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm3-test> found from the client browser
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie found from the client browser
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm1-test> found from the SDK Credential
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm2-test> found from the SDK Credential
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no cookie <pajpm3-test> found from the SDK Credential
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.logon() : no token or id/pwd provided!
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.createUserRecoverableException() : display message - Please enter your credentials for authentication.
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.createUserRecoverableException() : reason -
09 Jun 2011 20:39:02 [DEBUG] -- BSCAuthenticationProvider.createUserRecoverableException() : Create an UserRecoverableException

Thanks,
Brad

Posted: **Fri Jun 10, 2011 2:57 am**

Hi Brad,

I haven't tried personally, but my suspicion is that you won't get that to work as long as you are using that setting for IntegratedLoginMode.

Why don't you try mode 5, which is mixed mode between Cognos and standard TM1 authentication. That way, you can create a 'mdx_user' client and 'mdx_read' group (for example) and have ADOMD use those credentials. There should be no problem having CAM-derived users and groups and admin defined ones co-existing in this mode.

HTH

Robin

Posted: **Fri Jun 10, 2011 7:42 pm**

Thanks Robin, this approach would indeed work and is a good idea. Unfortunatly, our infastructure group would not allow a special/functional TM1 user ID specific to exist. We have a pretty complex security model that Cognos connects to. It wouldn't fly to have a user ID that bypasses it and also force our operate group to remember this "special" user's password.

Thanks,
Brad

TM1 Forum

Cognos Security and OLE DB Provider

Cognos Security and OLE DB Provider

Re: Cognos Security and OLE DB Provider

Re: Cognos Security and OLE DB Provider