Interesting. Your connection string must be correct, but the provider is not initialising.
When you attempt to test from Cognos Configuration, it will be in the context of your username (since you launched the Cognos Configuration application), not as the service account.
So in times where the user context is critical (like SQL server windows auth for the service account), it is important to either login as the service account or start the Cognos service from the control panel, not from the play button in Cognos Config.
If you can login as the service account that will be the ultimate test, otherwise start the service form the control panel in order for the service account to be used, not the account you launched Cognos config as.
Windows can do some funny things with access and group policies in an enterprise, so keep digging into the service account and try to ensure it has access all areas.
------------------------------
Luke Peterson
Business Analytics Advocate
IBM
------------------------------
Original Message:
Sent: Wed December 11, 2019 09:25 AM
From: Chris Stadler
Subject: Trying to Configure Active Directory 11.1.4
Thanks for the info. I did try that tech note and it did not help. The problem is it doesn't even pass in testing. I also downloaded the software you recommended and that works with the same exact info. So I am open to any other suggestions.
------------------------------
Chris Stadler
Original Message:
Sent: Tue December 10, 2019 11:32 PM
From: Luke Peterson
Subject: Trying to Configure Active Directory 11.1.4
Hello Chris,
Based on your error string the following technote should help: https://www.ibm.com/support/pages/node/498113
Since you can connect using the LDAP provider the above is more likely to be the case (Cognos service cannot start the AD provider on your server). Try running the Cognos service as user in the local administrator group (service account with non expiring password added to local administrators group).
If this doesn't help, try connecting with AD explorer using the connection information you have: https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer
This will help rule out connection properties, but think the service account will help based on what we have seen.
Let us know how you go.
Regards,
Luke.
------------------------------
Luke Peterson
Business Analytics Advocate
IBM
Original Message:
Sent: Tue December 10, 2019 03:26 PM
From: Chris Stadler
Subject: Trying to Configure Active Directory 11.1.4
We are starting the process of moving to Active Directory from a different LDAP software. I however appear to be unable to figure out how to do this is in COGNOS. I have set the host and bind information but it fails every time in testing. I can use the same server:host and setup as an LDAP within COGNOS and it tests fine (using the fully qualified DN for the bind). Therefore, I know the server is up and working and has communication (ports opened) for this to work.
What is the missing piece to get just Active Directory to work? I am guessing my Bind information is wrong but I have no idea at this point what it should be as I have tried every possible combination of username, server\user, fully qualified dn and .\username that I can think of for the bind user, and am 100% sure the password works as I can connect with multiple other tools using it. So I am not sure what would be wrong here. I have also tried all the various technotes that come up in relation to this.
AM-AAA-0146 The namespace 'AD' is not available.
CAM-AAA-0064 The function 'CAM_AAA_Configure2' failed.
CAM-AAA-0089 The provider is not initialized.
ADSI Error HRESULT Returns:
ERROR_DS_SERVER_DOWN
ADSI Error:
System Error:
The server is not operational.
CAM-AAA-0124 The Active Directory function call to 'getDomainTreesTopology' failed.
------------------------------
Chris Stadler
------------------------------
#CognosAnalyticswithWatson