Thursday 5 April 2012

UNDERSTANDING GROUPS AND CAPABILITIES


Hi Guys,
Things discussed below
1)Groups and roles
2) Capabilities.
3)Read,write,traverse,set policy options
Note:-Below are list of Container Objects Folders,Packages,groups,roles and namespaces
What are Different permissions available?
1) Read
You can view all the properties of a entry and create a shortcut to that entry.
If you want to open a report in report studio you require read permission.
It allows you to copy a entry.
2) Write
You can delete a entry.
Make chagnes to it.
3)Execute
Means user can run a report.But cant open it in report studio unless he has read.
4)Set Policy
You can change security settings for a entry.Without set policy you cannot see security settings
of a entry
If person has set policy permission for a entry he can take ownership of the entry
5)Traverse
If a user has traverse permission to a package then he can see the reports in that package
traverse is must if you want to go inside a package or a folder
What is the differnece between write and execute??
If you do not have traverse option for parent entry container , you cannont access the entries below it
Most access permission are aquired from parent entries.If you do not explicitly specify properties for a entry.They are taken from parent entries.You can define permissions for entries which are different from parent permissions.
Trusted Credentials -Must be created when you want other ppl to use your credentials to certain
tasks because they do not have their own credential.I have never tried creating these.
Intial Security– When you first install Cognos
System administrator has access to all .Initially Group everyone is added to system adminstrator
that is the reason everyone can see administrative tasks.
Every person if he is there in any group or not there in anygroup he is automatically there in
everyone group.
Consider below Case:-
Now you want to create 3 roles
Developer,
Business user,
Advanced business user.
You create that group and add it to any existing role.According to capability and permission set
for that role the permissions of that group will be set.
Now what do you mean by setting capabilities for a role and assigning properties for a container.What is the difference???
What are capabilities?What do they allow you to do?
Example..You can specify if a user has read permission to reports in a package.Now this is
possible because user is part of a group and that group has read permissions to that report.Now
capabilities specify what a group can do once they are inside report studio.That is called
capability.
Below is the list of some report studio capabilities
1)Allow external data
2)Bursting
3)Usign HTML Items in report
4)Use Userdefined sql in reports
What are different roles in cognos administration and what capabilities they have??
Roles by default have the capabilities.Like suppose you have report administrator role and you
try to give only traverse permission to that role.By default it has capability to go inside and
change the role.
Notice that when you add a role some properties are set by default and you cant change them.If
you add report administator to report properties.It automatically assumes property of set policy.
Report adminstrator role capability does not allow it to see security tab.
How to show package only for limited groups and hide for all the others??
Just add the group that should have see the package simple.

No comments:

Post a Comment