Update Model Security; Union Of Custom Views - IBM Cognos User Manual

Update Model Security

When the security data in your authentication provider is updated, you are
required to update the security objects associated with Cognos Transformer custom
views.
When custom views are enabled for a model, Cognos Transformer reads the
security objects from the namespace configured in IBM Cognos Configuration.
Because there is no automatic synchronization of security objects between Cognos
Transformer custom views and your configured namespaces, when the hierarchy of
the associated security data is changed, or users are deleted, the model gets
updated but the associated custom views become invalid.
To update the security objects in your model, confirm that the users, groups and
roles are valid in the configured namespaces, and then adjust your custom views
accordingly.
Note: When you remove users, groups, or roles from your model, they are not
deleted from your authentication provider.
Step to Remove Obsolete Security Objects
Procedure
From the Security menu, click Remove Obsolete Security Objects.
Results
The security objects are updated, and groups, roles, and users no longer present in
the configured IBM Cognos namespaces are removed from the custom view.
Steps to Remove Security Objects From a Model
Procedure
1. From the Security menu, click Show Security Objects.
2. In the Security objects imported into model list, select the security object you
3. When you finish removing the security objects from the custom view, click OK.

Union of Custom Views

For the sole purpose of migration from IBM Cognos Series 7 security to an
alternate security provider, Cognos Transformer allows you to place security
objects from different namespaces within a single custom view.
IBM Cognos BI does not support secured PowerCubes that have been associated
with multiple namespaces except during the testing of migration. We do not
support the deployment of cubes secured against multiple namespaces within a
production environment because IBM Cognos BI does not indicate to end users
when they are not accessing the full view of the cube. For this reason, when you
deploy cubes for use in production, ensure that they are secured against only one
namespace by selecting the Restrict PowerCube authentication to a single
namespace option in the Signon properties in the Publish PowerCube as Data
Source and Package wizard.
The Security Object Management dialog box shows the security objects
imported into the model, and their associated custom views.
want to remove from the model and click Unassign Custom View.
Chapter 7. Adding Security
151