Running the script after your manual steps can indeed give errors.
The same when re-executing the script.
It requires a specific cleanup procedure:
https://www.ibm.com/support/pages/how-properly-clear-microsofts-internet-information-service-iis-configurations-setup-new-configuration-iis-support-ibm-cognos
As that will wipe out all your manual labor, you need to make sure it is worth it during this troubleshooting session.
Make sure to edit it with the right variables, before executing it.
Once executed correctly, please have a look at my earlier questions.
------------------------------
STEFAN VERMEULEN
------------------------------
Original Message:
Sent: Thu September 10, 2020 08:42 AM
From: Vincent Dsouza
Subject: Cognos 11.1.7 Single Sign on not seamlessly integrating with AD
Hi Stefan,
Thanks for your advice, However when I try to execute the bat file. I am getting an error message "( was unexpected at this time" and the execution of the batch file terminates.
What could be the issue?
Vincent
------------------------------
Vincent Dsouza
Original Message:
Sent: Tue September 08, 2020 02:56 PM
From: STEFAN VERMEULEN
Subject: Cognos 11.1.7 Single Sign on not seamlessly integrating with AD
The manual IIS configuration is quite tedious, so using the supplied batch file is strongly advised.
Do you use the AD connector or an ldap connector to point to Active Directory?
In the sso virtual directory, go to authentication, and in the "windows authentication" section, what providers are listed from top to bottom?
Did you check on NTFS level that domain users have read/run/execute rights on the analytics folder?
------------------------------
STEFAN VERMEULEN
Original Message:
Sent: Tue September 08, 2020 12:07 PM
From: Vincent Dsouza
Subject: Cognos 11.1.7 Single Sign on not seamlessly integrating with AD
Thanks, Stefan for your reply.
The link that was used to configure IIS is appended below. There is also a batch file installation however I prefer to configure it based on the instruction in the URL below.
Also, In IBM configuration an Authentical to Active Directory has been created in the security profile and the test is successful.
https://www.ibm.com/support/knowledgecenter/en/SSEP7J_11.0.0/com.ibm.swg.ba.cognos.inst_cr_winux.doc/t_gateway_iis.html#gateway_iis
Vincent
------------------------------
Vincent Dsouza
Original Message:
Sent: Fri September 04, 2020 08:40 AM
From: STEFAN VERMEULEN
Subject: Cognos 11.1.7 Single Sign on not seamlessly integrating with AD
There was an sso issue with the 11.1.7, so make sure you use the updated IF001.
As for SSO itself, it comes in various tastes like NTLM, Kerberos or Kerberos with Constrained delegation.
If can be configured on both the AD connector and the LDAP connector, again both in various tastes.
Could you link to the documentation you used, as that would be a first good step for me to understand what you are using.
------------------------------
STEFAN VERMEULEN
Original Message:
Sent: Wed September 02, 2020 09:49 AM
From: Vincent Dsouza
Subject: Cognos 11.1.7 Single Sign on not seamlessly integrating with AD
Hi,
Based on the IBM documentation, SSO has been configured to integrate with Active Directory however when users click on the home page URL they are prompted to enter their network credentials and then successfully sign-on to Cognos. With SSO configured users should not be prompted to enter their network credentials to sign on to Cognos.
There are no issues with single sign-on on version 10.2.1, what could be the issue with version 11.1.7
Vincent
------------------------------
Vincent Dsouza
------------------------------
#CognosAnalyticswithWatson