Setting Access to Secured Functions or Features

You set access to the secured functions and features by granting execute permissions for them to specified namespaces, users, groups, or roles.

Typically, you grant execute permissions for the feature and traverse permissions for its parent secured function. For example, to grant access to Report Studio and all its functionality, you grant execute permissions for the Report Studio secured function. If you want to grant access only to the Create/Delete secured feature within Report Studio, grant traverse permissions for the Report Studio secured function and execute permissions for the Create/Delete secured feature.

Before you begin

You must have set policy permissions to administer secured functions and features. Typically, this is done by directory administrators.

Before you start setting permissions on capabilities, ensure that the initial security settings are already changed.

Procedure

  1. In IBM® Cognos® Connection, click Launch, IBM Cognos Administration.
  2. On the Security tab, click Capabilities.

    A list of available secured functions appears.

  3. Choose whether to set access for a function or for a feature:
    • To set access for a function, click the actions button Actions icon for the function name, and click Set properties.
    • To set access for a feature, click the actions button for the feature name, and click Set properties.
    Tip: Functions that have secured features have links.
  4. Click the Permissions tab.
  5. Choose whether to use the permissions of the parent entry or specify different permissions:
    • To use the permissions of the parent entry, clear the Override the access permissions acquired from the parent entry check box, and click OK.
    • To set access permissions explicitly for the entry, select the Override the access permissions acquired from the parent entry check box, and then perform the remaining steps.
  6. If you want to remove an entry from the list, select its check box and click Remove.
    Tip: To select or deselect all entries in a page, click Select all or Deselect all.
  7. If you want to add new entries to the list, click Add and choose how to select entries:
    • To choose from listed entries, click the appropriate namespace, and then select the check boxes for the users, groups, or roles that you want.
    • To search for entries, click Search and in the Search string box, type the phrase you want to search for. For search options, click Edit. Find and click the entry you want.
    • To type the name of entries you want to add, click Type and type the names of groups, roles, or users using the following format, where a semicolon (;) separates each entry:

      namespace/group_name;namespace/role_name;namespace/user_name;

      Here is an example:

      Cognos/Authors;LDAP/scarter;

  8. Click the right-arrow button and when the entries you want appear in the Selected entries box, click OK.
    Tip: To remove entries from the Selected entries list, select them and click Remove. To select all entries in the list, select the check box for the list.To make the user entries visible, click Show users in the list.
  9. Select the check box next to the entry for which you want to set access to the function or feature.
  10. In the box next to the list, select the proper check boxes to grant execute permissions Grant execute permissions icon for the entry.
  11. Click Apply.

    In the Permissions column, an icon that denotes the execute permissions granted appears next to the namespace, user, group, or role.

  12. Repeat steps 8 to 10 for each entry.
  13. Click OK.
Parent topic: Secured Functions and Features