This tutorial provides detailed end to end steps along with the relevant screen captures and example involved in providing the LDAP Authentication Mechanism to IBM Cognos analytics Server using the IBM Security Directory Server. This would mainly include
A.Creating the LDAP the directory structure in the IBM SDS and verifying it with IBM SDS commands that can be used for Secured Authentication .
B.Creating the secured Authentication Namespace in Cognos for the IBM SDS and Verifying the same .
- Install and setup IBM SDS on an RHEL system
1.a Download the latest IBM SDS for RHEL from passport advantage
Detailed download Instructions for IBM SDS 6.4 can be found here
1.b Install the IBM SDS
Follow detailed instructions provided in the IBM SDS installation guide to install IBM SDS 6.4.It is easier to use Installation Manager GUI commands to install the installation manager repositories present in the sds64-linux-x86–64-base.tar.Select the “launch the IBM Security Directory Server instance Administration tool at the end of the installation” alternately “idsxinst” command can be run IDS administration tool.
1.c Note down all the ports , these details are needed while configuring the Cognos with IBM SDS.
For Ex:
Port: server port 389
secure server port 636
Admin server port 3538
Admin server secure port 3539
1.d Import the ldif file using IBM SDS Configuration tool
Click on Manage button in IBM SDS instance administration tool to open the server configuration tool.
Goto to LDIF tasks →Import LDIF data → Browse to the ldif file and press OK
1.e Verify that the DN credentials are working by executing following command without any errors
./idsldapsearch -D <COMPLETE DN> -w <PASSWORD> -p 389 -b “ “ -s base objectclass=*
Ex:
./idsldapsearch -D “cn=Eddie Catu, ou=In Flight Systems, ou=Austin, o=sample” -w <PASSWORD> -p 389 -b “ “ -s base objectclass=*
This completes the setup of IBM SDS with sample.ldif file.
2.Configure Cognos NameSpace with the IBM Security Directory Server
2.a Start the cognos config tool
/opt/IBM/cognos/c11_64/bin64/cogconfig.sh
2.b Select Security →Authentication →New resource →Namespace
2.d Configure Name space for IBM Security directory Server
2.e Provide a name for the NameSpace
2.f Select Type(Group) as LDAP
2.g Select Type as “LDAP -Default values for IBM Tivoli”
2.h Press OK.
2.i provide the IBM Security Directory Server’s Host and port details
Ex: <IBM_SDS_SERVER_IP_HOSTNAME>:389
2.j. Provide the base distinguished name and Bind user DN and password:
Ex base distinguished name: o=sample
Bind user DN: cn=root and its password
( In case if you are not using the sample.ldif file that is provided with the IBM Security Directory Server samples, please provide the respective values from your ldif file)
2.k Test the IBM SDS LDAP Authentication:
2.l Goto Explorer->Security->Authentication->Namespace(right click)->Test
and Provide the Complete DN as the user ID and its password
DN Ex: cn=Eddie Catu, ou=In Flight Systems, ou=Austin, o=sample
2.m. Following message is dispalyed on successful configuration
This completes the Cognos configuration with IBM security Directory server LDAP.
