Cognos权限管理注意的地方

Cognos权限管理注意的地方

Everyone
This group represents all authenticated users and the Anonymous user account. The membership of this group is maintained by the product and cannot be viewed or altered.

You can use the Everyone group to set default security quickly. For example, to secure a report, you grant read, write, or execute permissions to the report for the Everyone group. After this security is in place, you can grant access to the report to other users, groups, or roles, and remove the group Everyone from the security policy for this report. Then, only users, groups, and roles that you specified have access granted to the report.

You can use the Everyone group to apply security during deployment , but you cannot deploy the group itself .

System Administrators
This is a special role. Members of this role are considered root users or super users. They may access and modify any object in the content store, regardless of any security policies set for the object. Only members of the System Administrators role can modify the membership of this role.

The System Administrators role cannot be empty. If you do not want to use System Administrators, you can create an empty group in the Cognos namespace or in your authentication provider, and add this group to the membership of the System Administrators role.

When this role is created during the content store initialization, the group Everyone is included in its membership. This means that all users have unrestricted access to the content store. Immediately after installing and configuring Cognos 8, you must modify the initial security settings for this role and remove the group Everyone from its membership .

You can deploy this role .

将everyone 从System administrator 删除,然后将everyone禁用!!!!