Installation and Upgrade > Upgrade Guide > Updating to Windchill 12.0.1.0 and above > Configuring Windchill Business Reporting (Cognos) with Active Directory Service(ADS)
  
Configuring Windchill Business Reporting (Cognos) with Active Directory Service(ADS)
Starting Windchill 12.0.2.0, Windchill Business Reporting (Cognos) can be configured with Active Directory Server (ADS).
Cognos migration:
The following configurations are required if you are migrating from the previous Windchill setup with the V3 compliant LDAP Directory Server to ADS.
1. Windchill configurations:
a. Go to Site > Utilities > Info*Engine Administration > Adapters > <service_name>.Ldap > Additional Properties. Add the following properties in the LDAP adapter on the Windchill side:
Property - <service_name>.windchill.mapping.user.attributes
Value – objectGUID
Property - <service_name>.binaryMode
Value – objectGUID
b. Restart the Windchill Server.
2. Cognos configuration:
Before starting the configurations, take the backup of existing cogstartup.xml. For more details on Cognos configurations, refer to Export Cognos configuration from the IBM documentation.
a. Stop the Cognos service.
b. Delete the existing LDAP node.
c. Navigate to Authentication > New Resource > namespace. Right-click and provide the following details for creating the new namespace:
Name - AdministrativeLDAP.
Type(Group) - LDAP.
Type – LDAP values for Active Directory.
On creating a new namespace, provide the following details:
NamespaceID = <Name> (Eg:- AdministrativeLDAP)
Host and port = <HOST>:<PORT NUMBER>
Base Distinguished Name = <BASE DN>
Bind User DN and Password (specify user@domain)
User lookup = (sAMAccountName=${userID})
User external identity = True
External identity mapping =(sAMAccountName=${environment("REMOTE_USER")})
Unique identifier = objectGUID
d. Update the below mentioned additional attributes:
Folder Mappings (Advanced)
1. Object class = organizationalUnit, organization, container
2. Description = description
3. Name = ou, o, cn
Group Mappings (Advanced)
1. Object class = group
2. Description = description
3. Member = member
4. Name = cn
Account Mappings (Advanced)
1. Object class = user
2. usiness phone= telephonenumber
3. Content locale= preferredlanguage
4. Description= description
5. Email= mail
6. Fax/Phone= facsimiletelephonenumber
7. Given name= givenname
8. Home phone= homephone
9. Mobile phone= mobile
10. Name= cn
11. Pager phone= pager
12. Password= userPassword
13. Postal address= postaladdress
14. Product locale= preferredlanguage
15. Surname= sn
16. Username= sAMAccountName
e. Go to Local Configuration > Security > Cryptography and update the SSL Protocol to TLS1.2.
f. Click Save.
g. Right-click on the new namespace created. Click Test. The connection to the namespace should be successful.
h. Restart Cognos.
3. Web Server configuration:
a. Add the following entries to app-cognos-AuthProvider.xml file located at /Apache/conf/:
<provider>
<name> cognos-ldap</name>
<ldapUrl> ldap://<HOST NAME>:<PORT NUMBER>/<BASEDN>?sAMAccountName?sub?(objectClass\=*)</ldapUrl>
<bindDn> <user DN> </bindDn>
<bindPwd> <Password></bindPwd>
</provider>
b. Run the following command at the Web Server prompt from Windchill shell:
ant -f webAppConfig.xml installCognosWebApp
c. Restart the Web Server.
4. Configure db.properties file:
a. Update the Administrator userID and password for the new ADS. The user configured should belong to the Windchill Administrators Group. Set the following properties in the db.properties file and propagate:
wt.cognos.admin.uid
wt.cognos.admin.password
For more details on Windchill Business Reporting post-installation LDAP configuration and verifications, see Windchill Business Reporting Post Installation Instructions. For more details on Windchill Business Reporting configurations for upgrade, see Preparing Windchill Business Reporting for Upgrade.
b. Restart the Windchill server.
Recreating Cognos Roles and Capabilities Mapping with the Windchill Groups
1. You are required to reset the Cognos Administrator’s role to Default. For more details on changing the Cognos Administrator’s role, refer How to restore the built-in group Everyone to the Role System Administrators.
2. Restart Windchill and Cognos services.
3. Run the model update command:
ant –f wbr_actions.xml from <WT_HOME>\installer\wnc
For more details on Cognos configurations, refer to the IBM documentation. For more details on Cognos with ADS configurations, refer Steps to Configure Cognos With Active Directory.