top of page

Setting up security for Cognos when you don’t have AD

When dealing with Cognos, security is controlled by a mix of connecting to an authentication provider (like Active Directory) and groups and roles that you can create in Cognos. Users always come from the authentication source.

As a developer, when I need to test something with security in Cognos, I'm always faced with the issue that I either need to have access to multiple user accounts or I have to get different users involved.

To deal with this, I needed a solution to security that I can fully control that lives on my laptop. There are various options you can use, but the one I selected is Apache Directory server. First, we need to make sure we have Java installed.

Download and install JRE 1.8 (jre-8u221-windows-x64)

Then we can download Apache Directory server:

I accepted most of the defaults when doing the install.

The only path I changed was the path to the JRE I installed in the first step (C:\Program Files (x86)\Java\jre1.8.0_221).

Answer Yes to start the server.

Download and Install Apache Directory Studio

I use all the defaults for this as well.

Once everything is installed, open Apache Directory Studio. In Connections, choose to add a new connection.

On the next tab, add in the default user as your bind account.

The password is secret.

Click Finish.

Expand dc=example,dc=comRight-click and choose New > New Entry.

Click Next, until Finish.

Repeat and type in ou-groups,ou=system

Right-click on ou=users and select New > New entry and choose Create entry from scratch.

Choose inetOrgPerson and click Add.

Click Next.

Choose uid and enter admin. Click next.

Enter values for cn and sn. Click Finish.

Right-click next in the attributes list and click Add New Attribute. Choose userPassword.

Add more users as needed.

In Cognos Configuration, add a new security namespace Cognos_LDAP and select LDAP and LDAP – General Default Values.

The things you need to change here are:

Namespace ID: <namespace name>

Host and Port: localhost:10389

Base Distinguished Name: ou=users,dc=example,dc=com

User Lookup: uid=${userID}

Restart the service.

839 views1 comment

Recent Posts

See All

How to upgrade Cognos Analytics

Had a chance to join the amazing Ryan Dolley today on a livestream detailing how to upgrade Cognos Analytics like a pro. Upgrades are one of the things I do

1 Comment

Frederic Naud
Frederic Naud
Oct 23, 2021

Thanks Sonya, I struggled with ApacheDS on my laptop and couldn't figure it out. Your article worked for me!

Fred Naud

bottom of page