Cognos Analytics

Cognos Analytics

Connect, learn, and share with thousands of IBM Cognos Analytics users! 

 View Only

  • 1.  Reporting off current folder and report permissions

    Posted Thu April 28, 2022 04:27 PM

    Good afternoon all...

    I have something I need to clean up. Not one I created, nonetheless, it needs to be cleaned up but I fret that...

    1) This is not the right place to ask.
    2) There isn't a short and easy answer.

    I know there are Audit tables I am reporting off of to capture user and run data on reports run within our environment. But is there a way I can build a report in my Cognos environment to pull the current folder and report permissions setup for a tenant in our Cognos environment? 

    Client was migrated and nothing came over from the old environment. I want to try and help assist them with cleaning it up by running that in the old environment. Sounds like the only other way is to go in and take screenshots of the folders at least and then later dig in to see if any reports had custom permissions on them. 

    Thanks!



    ------------------------------
    Jeff Stein
    ------------------------------

    #CognosAnalyticswithWatson


  • 2.  RE: Reporting off current folder and report permissions

    Posted Fri April 29, 2022 02:48 AM
    Hi Jeff, 

    As far as I am aware there is no way to generate permissions by object (report, dashboard, folder, package etc) using the audit package. You may want to take a look at tools like Netvisn, Metamanager or Motio for such extensive information. Or may be if any body else on this forum has any queries that can be run against the content store they would share. 

    Regards,

    ------------------------------
    Kiran Passumarthi
    www.linkedin.com/in/kiranpassumarthi
    ------------------------------

    Original Message


  • 3.  RE: Reporting off current folder and report permissions

    Posted Mon May 02, 2022 07:00 AM

    Hi Jeff,

    There is - to my knowledge - still no out of the box solution for this. Not sure if tools like Meta Manager or Motio can achieve this nowadays.
    Most settings in Cognos can easily be found somewhere in the Content Store database. However, the security policies are written encoded in hex, and you can't simply edit them via scripts. 

    I have been regularly asked by our clients to implement an additional Audit framework. In this 'element61 Audit' tables, one can not only see executed report information, but also the real content on the system, and one can link both. We also in this way undoubled the log data for user activity (by default it shows logon timestamps and logoff timestamps, and not real logged in timings), and added several KPI's which were not available by default.

    As an add-on to this, upon specific request of one of our clients, I built a solution a few years ago that decoded the security of each report/folder, and was able to list it in the Audit tables. We were even able to then use these helper functions to automatically look for specific users/roles in the security and adapt them automatically. The client was running 2000+ reports in 1000+ folders, so the research was worth it, instead of trying to manually adapt this one by one.

    On the negative side, my scripts were specific for a SQL Server Database. Any other database would need quite some work on changing the scripts.
    It will take several days of work to get this same solution working for another client. And time is an issue in my fully packed agenda.

    I would look into MetaManager to see if they can help out on this.
    If not, if you are interested to talk about this, please contact my company (www.element61.be) and ask for the IBM Cognos department to look into aiding you in this.

    Kind regards,
    Joeri



    ------------------------------
    Joeri Willems
    ------------------------------

    Original Message