Configuring IBM Cognos Components to Use Active Directory Server

If you install Content Manager on a Microsoft Windows operating system computer, you can configure an Active Directory namespace as your authentication source.

If you install Content Manager on a UNIX-based computer, you must instead use an LDAP namespace to configure Active Directory as your authentication source. If you install Content Manager on a mix of Windows and UNIX computers, you must use an LDAP namespace to configure Active Directory for all Content Managers. When you use an LDAP namespace to authenticate against Active Directory Server, you are limited to LDAP features only. You do not have access to Active Directory features such as advanced properties for domains and single signon with Kerberos delegation.

If you install Content Manager on a Linux®-based computer, the same restrictions apply as for UNIX. You must use an LDAP namespace to configure Active Directory as your authentication source.

If you want to use Microsoft SQL Server or Microsoft Analysis Server as a data source and use single signon for authentication, you must use Active Directory as your authentication source.

You cannot connect to the Active Directory Global Catalog, which is a caching server for Active Directory Server. If the connection uses port 3268, you must change it. By default, Active Directory Server uses port 389.

Procedure

  1. Configure IBM® Cognos® components to use an Active Directory Server namespace
  2. Enable secure communication to the Active Directory Server, if required
  3. Enable single signon between Active Directory and IBM Cognos components