Admin Features Upgraded in Cognos 11.1

Cognos Analytics 11.1 makes a huge step forward with its admin functionality. This release includes important features that were either missing or difficult to access in Cognos 11.0.

In this webinar recording, Cognos veteran and IBM Offering Manager Greg McDonald reviews what changed and shows how you can start taking advantage of these upgrades.

Topics include

  • Administration console vs. manage menu
  • Security
  • Multi-tenancy
  • Architecture
  • Upgrading


Greg McDonald
Offering Manager
IBM Cognos

Greg McDonald has been at IBM for 20 years. He started in Cognos customer support and moved into product management about 8 years ago. Greg’s areas of responsibility are primarily the platform which includes administration and security.

Machine transcript

Greetings everyone, and welcome to this latest installment of the Senturus is Knowledge Series Today, we’re pleased to present admin features that have been upgraded in Cognos. 11.1. We’re being joined by Cognos Product Manager, who’s going to do a live review of some of the new changes.

First, by way of some housekeeping information. You’re all being presented with the GoToWebinar control panel on your desktop. You can minimize that and or restore it using the orange arrows on the UI. Importantly, all of the microphones are muted, but you can submit questions via the questions pane, and we encourage you to do so.

The presentation slide deck first question that we get and get repeatedly throughout the presentations is: Can we get the deck from today’s presentation? And the answer is unequivocally. Yes, it will be posted up or likely has already posted up at More on our Resource library later.

Today’s agenda, we’ll do some quick introductions here.

We’ll go through the administration and management, talk about security, multi tenancy, overview the architecture, upgrades. Then, we’ll give you a Senturus overview for those of you who are new to send tourists, and I encourage you to certainly stick around as we have great additional resources and generally a great Q&A at the end of the presentation.

So, with that, I’d like to introduce our presenter today. I’m pleased to be joined by Greg McDonald is an offering manager at IBM. He’s been with IBM for 20 years starting out in Cognos customer support. And then, moving into product management where he’s been for the last eight years. His areas of responsibility are primarily on the platform, which includes things like administration and security.

Greg resides in Ottawa, Canada. And, as required by Canadian law, Greg’s photos all must be related to hockey. And here is where the solder editor, Detroit Letterings, came on. December 22nd, in Detroit’s. My name is Mike. I’m a Practice Area Director, Solution Architect and Product Manager here at …, and I’m your MC for the day so with that, I’m going to hand the floor over to Greg and Greg Floor is yours.

Hi. Thanks for my great introduction.

So, good morning, everyone, or good afternoon, everyone.

Again, as Mike said, today, we’re going to talk about Administration.

The, this is a presentation I did it, I think, this year.

And the idea of the presentation is certainly not a deep dive into all of the areas that Mike touched on and that are on the screen. Now.

The idea is to, in the next 35 to 40 minutes, give you an overview of where we’re going with regards to our manage and 11.0 and 11.1, and, of course, some of the new feature functionality and 11.1.

Talk to you about some of the new things with regards to security, multi tenancy, a couple of basic slides on architecture, but I can point you to a location where you can get more information on, on our architecture.

And then, of course, as always, when talking about administration, a few slides with regards to our upgrade.

Again, you know, we’re going to talk about these things at a very high level and then at a future time, we can dive into more details with Senturus teams.

So the first, the first thing I always like to talk to customers about is, is the goals of manage. For those cognitive 10 customers who lived in the admin console, you hopefully see the vision we have on the manage or administration team. And it’s really geared at simplification of common tasks and end.

When we, when we talk about simplification cromlech, so we’re not just talking about, um, installation configuration, although those are definitely front and foremost, but things like building jobs, things like that we’ll talk about soon and things like managing your licenses.

Significant enhancements to login in the later 11, 0 and 11 1 releases, then, of course, where we’re going with those things.

But, you know, eventually, our goal is to completely move the administration console, right?

As you can see, and as we’ve moved into 11.1, we’ve certainly removed more features, more functionality, from the Administration console into 11 1, manage.

But we’re not, you know, we’re not anywhere close to being where we want to be.

Our content is still a full content store deployment, as opposed to the functionality that customers truly need under configuration deployment.

So, it’s going to take us, probably the rest of this year and into next year, before we’re ready and willing to remove all of the functionality or move all of the functionality from the administration console into, into manage.

So I talked about a job card. One of the things that customers have been very pleased with, the new job cart, the new workflow. That we’ve got on the right-hand side, have we had more time today, or, less topics would have had a nice demo, but today, it slide where.

But you can see on the bottom right hand side, we, we’ve organized the allowed you to organize the jobs. We have drag and drop functionality.

You can set defaults a global level, for the job, at individual levels, and then, the last bullet on this slide is the one that I really want to talk about, because that’s been the number one complaint from our administrators up till now. And that is that in the Admin console, they have the ability to build.

Admin. Admin, tasks, right. Retention, rule updates, internal external consistency checks, and they can throw these into a job that they executed.

All of your, talk to me, on a detailed or one-on-one level, I would say weekly, biweekly, or monthly, at a minimum.

Some of these tasks, and coming very soon.

In the future 11.1 release, we’ll be that feature will be back in or in the new job cart.

And you’ll be able to, as an administrator, you’ll be able to build out those that are important system tasks that need to happen typically.

And realistically off hours, right?

These are the type of tasks you weren’t running during the day, and look for those in the near future. And, again, the idea with the new job card is we allow it to be controlled by the administrator, right? Unlike jobs, previously in earlier releases where everybody had access to them, Now, we have a capability so, some significant enhancements and, and, Still, some direct. Yet, and that seems common throughout the next 35 minutes. In that.

Know, some of the things we’re talking about are coming, you know, soon or later this year.

A big change we made was the not we call a simplification, really of routing rules, but the management of some, again, UI based.

Very similarly to what we did with the job, Cartwright, as an administrator of an organization that uses routing rules heavily and there are a significant number of use cases where routing rules are required.

Again, the ability to drag and drop the order of the routing rule, so that they happen mm, it can be easily adjusted based on your needs.

The ability to quickly and easily go in and copy a routing rule, right, instead of building a routing rule from, from, from the beginning. A lot of times, administrators, or, or, you know, power users, report authors who have access to routing rules.

They can build routing rules off previous ones. So, we’ve, we’ve done a lot of work in this area.

And, are actually quite excited about it.

Again, when we talk about administrators and manage and administrators, and then administration console, no.

We truly have tried to lift, um, and update, and enhance features that were in the Admin Console.

This is, again, one of those areas where it’s almost complete, that there’s one aspect where you have to create the routing group, the server group.

And that still needs to be done in the Admin console. So, that will be coming over fairly soon. And then this is one area that, you know, administrators no longer have to go to the Admin Console for, and, again, we encourage them to use the managed because of the Enhanced functionality.

Now, here’s an area that we’re all, you know, we’re all pretty excited with, and that’s in the new, log unit that was introduced in. The first iteration of it was introduced early in 11, 0. Primarily, around 1108, 1009.

But for customers, on the earlier versions of 11, or customers on 11 who haven’t tested out the diagnostic logging in session logging, it’s a huge enhancement over what we had in earlier versions. And. And diagnostic logging is the typical server type logging that you need to do where your, as you can see on the screen.

Where your trying to debug a content manager, or a report server, or a dispatch, or or a routing rule problem. And for our administrators on the phone, in our old world, we would have to go into the configuration directory.

And in there we would find the appropriate IPF log.

Rename it, in some cases, have to restart the system and use routing rules to force the request. Especially in, in, in, in larger customers with 20, 30, 50 report servers.

You will force a request to go to a certain server in our new world.

You go into Manage system, diagnostic logging.

And you simply choose the logger that you want.


And, they’re named they weren’t in, they’re named as they were in Cognos 10, as the IPF logs. We’re working on the proper naming of them.

But, the point is, with customer support or development guidance, you were able to enable them in the UI.

No need to restart the system Run through the test case. And the log files are created for you.

Cession logging is something that customers have been asking for, for, quite some time, and, and, you know, this is specific to a feature or functionality, maybe, maybe as an administrator, you’re setting a global theme.

And for some reason, you know, you’ve got a specific user on the system, attending a very unique problem.

And historically, session tracing, some people could call it, refer to it as died tracing, is very difficult to do.

And 11.1, now with session tracing, as an administrator, you enable the feature so that the user can see it in his my profile or preferences.

Once this feature is enabled, the user can then step through the problem they’re encountering.

When they’re completed with the problem, the log files created that touch every component that the request touched along the way.

And the reason this is so valuable, it’s because there’s no additional noise in the log file. So from a customer support development perspective, or an administrator’s perspective, who’s trying to debug an issue on, on premise, on their own environment?

Very powerful. Very easy to read. And, again, no noise.

And the administrator enables and disables the function should the user not disable or turn off session tracing by default, then by default, we turn it off for them. You know, when they close the browser, session tracing for that user is turned off after 15 minutes. Or, again, the administrator goes into manage diagnosed or session logging and turns off the feature for everyone.

It is not a feature that I encourage people to leave on, because again, no, our users of our system are always curious.

And when they see something that’s available to them under My Preferences habit says, well, let’s click it and see what happens.

So we encourage administrators to keep it off by default, and turn it on only when needed.

Now, for Log My Session, which are the two screens on the, on the left-hand side.

Once the feature is enabled by the admin, then they hit the user hits, Log My session, and the next screen comes out.

They turn on the session logging and they’re immediately given a log identifier that log identifiers, what they send to their admin, who then knows what log file to gather off the system after the test case has been completed.

Now, the user after running the test case can simply turn it off here if they’re diligent enough about it, if not, again, we turn it off for them.

When we move to Diagnostic logging, again, these are the traditionally IPF, flood IPF configure files that we had in our configuration directory that we required an administrator to have physical access to the machine.

Right now. There is no physical access required for the administrator to turn on and turn off this type of logging.

And what we’re, what we’re really excited about are, what we’re very happy about is the second tab you see.

So by default, all of the typical AAA for security CM for content, manager, dispatcher, any liberty issues we may be encountering. Alright, we have a list of ones that are enabled. They’re called built-in topics.

But let’s assume that we have a very specific issue that customer support and development are working with you to try to figure out what is going on with a request or with some sort of problem on the system.

What we can do now is the administrator can click on the right hand tab called Custom Topics. Development can build a topic or a logger, that is specific to tracing the, or debugging the problem that you’re encountering. They send it to you. It’s an XML document.

As the administrator, you simply upload it. It becomes available on the list. You enable it, run through the test case.

And that’s it? No, no more access to the file system. Now.

I continually say no more access to the file system, and I am partially stretching the truth in that.

Up until this point, there is no access to the file system, where this feature isn’t quite complete, is in both session and diagnostic logging.

The option for the administrator to view the specific log in the browser through some sort of a log viewer, or simply to download it.

So that can be sent to customer support or development.

Um, in my opinion, would, would, would mark this feature complete.

So, again, that’s an area I’m hoping to get to early this year, fingers crossed.

And again, for session logging, perhaps the users offered an option to download the log file, I tend to think that, that might not be the ideal situation.

But at a very minimal, once the user session has been, has been, once a user has gone through the test case and the session finished, then the administrators should at least be offered in the Manage Session logging pane. An option to download that specific log identifier for the issue. So, we still have some work to do.

But, I think, most administrators on the phone will agree, that this is a, this is a great enhancement over what we had previously.

And again, you know, regardless of the number of servers in your system, enabling it and disabling it this way pushes it out through our configure service to all the servers on your environment.

So, very nice.

Very nice new option, and 11 later, 11.0 and 11.1.

I always like to talk a little bit about customization and automation and, and as most know, our public APIs aren’t complete.

But we do now have a public rest API available for, especially for those service provider type organizations where you’re providing a service to.

Many people, many groups, whatever the case may be, we now have an API available for pushing out themes, which is very new.

Extension is a great way for an administrator to be able to build and control difference or make available.

Two users, different options, and themes and extensions, very powerful administrative tools.

When we talk about delegation of duties, which I probably didn’t do enough talking about it in the first slide but the, the idea of managers so that it doesn’t take a system administrator to do everything.

Themes is one of those areas, right, where we have an administrator, in this case, we happen to call them the Library Administrator, which encompasses a few things.

But, a system administrator can delegate to somebody who in the organization is a design person familiar with your corporate colors, images, and delegate that seaming duty to somebody else, which is really great.

And then, I call out customization of Cognos roles, because, today, you can only customize a cardinal rule, not a group, or an l-dap group.

And, really, the reason that this slide is here is because we have a lot of customers that have gone down the path of using customization and what customization of the Cognos rule allows you to do is hide features in the product. Right?

Hide things from the UI that perhaps you don’t want a group of users, or, sorry, a role of users to necessarily see what I like to always warn administrators about is that is not the same as a security feature.

This is a customization, meaning that we have many smart users in this world.

And when you don’t use a secure future by secure future, I mean something controlled by capability. Right?

Where the products Greg McDonald has been denied access to report studio.

There is absolutely no way in our product. Greg McDonald is going to access Report Studio.

Now, we’re using a customization of a role.

What we’ve done is hide the studio from Greg … from the Cognos UI. But that doesn’t mean a smart Greg McDonald being this one.

But, a smarter one could gain access through a URL to launch Report Studio.

And I’m just using reports to view an example, simply to call out the fact that customizing a role is not securing it.

Another thing, for customers that have their own custom sign in pages outside the product, we have a very, very nice group of a themes extensions and custom sign on samples.

So, if you’re a customer who likes to change the look and feel, no longer do you have to go outside to customize the sign in or login screen, right?

We provide great samples in the product that’ll give you a jumpstart into doing them and then of course, on the right hand side, setting them globally.

Right, not only the feature of the product, but we allow you to quickly and easily set them based on group.

Based on the role or globally across the product?

Now, here’s a sore spot for, for customers, entering into going from 10 to 11. And I was, are creating and managing of JDBC connection now.

Data server connections is primarily geared at JDBC, read are dynamic query management.

We had a lot of issues with the fly out panels and, and really around usability.

With regards to, as the panels fly out, there’s, as you can see on the screen, as general setting schemas, permissions, JDBC, URLs, and, and, right now, going on, right now, so, not for Cognos 11.1.1 or 11.1 point 2. But, very shortly after that, these data server connections are going to be redone with significant emphasis on ease of use.

Many design sessions with customers have gone on to build them.

And then, of course, our classic query connections, No, still managed in the admin console.

Oh, very quick slide here on scheduling, and.

Subscribe, subscriber subscription. Now, the fact is, that a subscription is a lightweight schedule.

It is still controlled by the capability of scheduling.

Therefore, you can still dictate whether a user can schedule by minute bisected by hour by day, by month by year, so on and so forth.

But what we had in Cognos 10 was that very detailed customers would call it heavy schedule, right?

Where you had, as you see on the right hand side, and that’s only part of the options, many, many options for …, make creating a schedule, whether that be on a report, a burst, A, job, whatever the case may, be. And we really needed or were told, we really needed to simplify.

So what we did was, we introduced this subscribe option.

And what administrators need to understand is that the subscribe option is just a lightweight schedule, right?

It’s still behaves the same way, you still track it as a user, in my activities and schedules, and as an administrator, you still track schedules and subscriptions in activities.

And, again, we’ve done a lot of work and 11.0, 13, an 11.1 point 1, and two, with regards to some of the functionality that was missing and on the right hand side.

You know, you can see, that you can filter the schedule or Activity, story or subscription. Under the All Filter, you can further filter what it is you need to do by user, whatever the case may be. And then, on the right-hand side, some of the things that were missing from the earlier releases of 11, probably up to 11, 11. Although, don’t quote me on that, it was sometime around there.

Was things like run, one, modify the schedule, right?

So, all of the things that the customers were, we’re letting us know we’re missing from the product I think in this area and I’m not going to, I’m not going to sugarcoat this.

That is probably one of the ugliest bar charts that we have.

So, you know, this is another area that we would like to continue to enhance.

Right, we’d like to put a visualization in there that administrators can actually come in here and functionally use, drilled down onto start to leverage our own product more significantly for our administrators. So you will, by no stretch of the imagination, are we done here.

Just calling out that, if you were to move from earlier 11 to 11, 1, or 10, in the, in this area in particular, I think you’d be very happy, 11. Time check here. We’re about halfway through. Just wanna. Make sure we’re on pace here, OK. Thanks. Perfect. Thanks. Yep, thanks.

Um, you know, is the people capabilities and contacts.

Again, an area where as an administrator, you typically lived in two worlds.

Right? You lived in Manage four accounts.

And the Admin Console for capabilities and contacts. Well, now, you can see an 11.1.

The full functionality back. This is one area of the product, where, as a user, sorry, as an administrator, you no longer have to go back to that administrative costs.

That Administrative Console, The old one now, like to call out a couple of great things about the new features.

The, the search are defined, right, so that you can quickly get to the capability of the top rate, or contact that you’re looking for.

And, again, when we start to take a look at what we’re hoping for later this year, it’s the ability for an administrator to go into accounts, go into the l-dap provider that speaks to your corporate directory and begin to look at the capabilities assigned to an individual.

Which is really exciting because today, as you know, if you’re debugging some sort of an issue with a user, you’ve got to ask the user for a screen capture of their groups roles, unless you’re using something like audit extension, which we’ll talk about later, to Debug.


So, a really great enhancement that I’m looking forward to later this year.

System Configuration tasks.

So, again, no.

What we’re trying to show here is that the real true end goal to all of this is that you as an administrator never have to touch or look at Cognos configuration.

On an individual machine, again, we’re not there. We’re not close to being there, but that’s the direction we’re moving.

And in the next few years, that is absolutely where we’re going.

The point of this slide is to show you that we’ve already made the jump, right?

Diagnostic logging, sending security function, sending things that you would typically set in Cognos configuration. Or, access to the file system is now being pushed to manage.

Right? When we go to 11.1, that previous screen was 11.

We’ve moved that bar further forward, and 11.1, showing you then. Now, you’re setting log limits through the browser.

If you see, at the bottom right-hand side, you’re working with development, they say, Oh, in order to do that piece of functionality, or enable an old behavior, or whatever the case may be, typically you might have to modify a system file, not anymore with our advanced settings, development gives you the key value pair.

You press OK, and through our Configure service, we push it out to the system for you.

So, again, giving the administrator the power to work the system from his desktop without having to enable SSH sessions or remote desktop sessions to servers and do this across. Right? Again, it’s not about one server.

In a typical production environment, you know, we’re looking at upwards of, you know, tends to potentially hundreds of servers.

So feature I always like to call out when we jump to security. Right? The licensing and auditing hot topic. All the time.

And thanks, Mike. I’m going to speed it up a little bit here.

Right? This is the number one thing I talk about any deep dive I do on security.

The ability to be audited or, sorry, when the customers audited. This was one of the first things that an auditor is going to look at in a namespace.

In Cognos analytics, you as an administrator enabled namespace.

Typically, your corporate l-dap, if this setting is set to false, that technically means anybody with the cognitive analytics URL.

And part of your corporate l-dap has access to the system.

That could potentially mean you need a license for every single one of those users with simply putting this to true as it is on the screen.

Means that, um, that user or group in the URL has to explicitly be added to a Cognos group.

A rule effectively limiting the number of licenses required in your environment. Right? And, and that’s something that should be on every customer’s installation.

Content based capabilities. Something I love to talk about in lots of detail. Essentially, what this capability does is it allows you what a package or folder level to control. What, product capabilities can be used with that asset?

So example, on the screen here I have gone to my audit package Weathers, under no circumstances. Do I For this particular package, one query studio, to be used against any audit report.

So I can simply go in here, add everyone explicitly deny.

Um, Query Studio.

And with a minimal click, nobody can know, I’m using that as an audit.

You might have packages that return, potentially, return millions or billions of rows or data, and you may not want a dashboard hitting it, or a user accessing it by accident.

Rural content based capabilities are phenomenal and my goal is to continue to expand those datasets, modules and uploaded files securing Cognos Analytics: Millimeter. Again, this is a long, long topic.

However, we have a draft document that I’m going to give Pinterest access to.

What this document does is step you through securing Cognos analytics and to end with suggested cryptography.

Obviously, we don’t want unsecured communication anywhere in our application, this document steps you through configuring the system because while our document documentation no.

God help me, I’d have to try to find some things sometimes, but, documentation is complete, but there’s information all over the place. And, what we’ve done is we’ve gathered this practice into one comprehensive document that walks you through with screen captures, how to set up, essentially, what’s on the screen. Right? And that is, end to end encryption from your entry point, your hardware firewall. Your load balancer, SSL, TLS 1.2, right, all of these things enabled in the product and should be enabled by default communication between the Cognos components.

Community, all temporary files, what systems should not have temporary files encrypted while none?

All the way down from the content manager communicate into the content store database over SSL.

And then, of course, you’ve purchased an enterprise database, they have data at rest capabilities. And they should be absolutely used at all times.

Again, I’ll make the docket the draft document available published later this year.

But happy to get feedback on it earlier from, from anybody on the phone, um, open ID Connect. So, we have a lot of customers still today, asked me about….

When we talk about Web based authentication, thermal was obviously, a big one in the market.

However, I know it doesn’t, not a web based authentication mode. So, you know, there needs to be a browser. Sorry, at the browser based. So there needs to be a browser. If somebody has a type stuff in to it and click OK. It doesn’t assemble, isn’t great and isn’t big on groups. Well, obviously, these things are extremely important to a business intelligence applications. So when we started looking at web based security, we talked to some of the big companies, like often paying, and where they were going and what they were doing. And all of them are going towards open ID Connect.

And Open ID Connect is a very robust and very flexible, well strict, but flexible way of connecting to an IDP.

And as you can see, on the left-hand side, Active Directory Federation services locked a pain, Salesforce, all of these traditional, thermal ID identity providers are all moving over to open. I mean, they’ll support both, but there are moving over to open ID Connect and out of the box today when you install Cognitive Analytics 11.1.

No ADFS doctor pink salesforce. These are all in the box.

They’re all available for you to select five parameters, maximum for the, the, the most complicated one, and you’re communing with your IDP. Them.

Open ID Connect allows for credentials, right.

You can save credentials, whereas you can’t with Sam also.

Scheduling reports thermal. Not so good. Open ID Connect. Excellent. So, if you’re looking at web based authentication, and I hope you are, you know, take a look at what we have, Talk to your IDP.

In most cases, every single one of the ones on the left, fully support, open ID Connect. But it’s probably one of their newer versions.

And I would say within the last year and a half.

We then entered the new one at the bottom there, the generic, which allows us to connect to to ones that aren’t available in the box, touch very quickly on the next two slides, auditing. New for auditing is dashboards, these stories are audited and we’ve introduced three new packages.

Sorry, three new reports, that allow you a little bit more in default.

And you can always go in and create what you need with DFM package. But one of the big ones, obviously, is the deleted user account, right? We have new requirements in the market, GDPR, things like that where you have to report that a user has been deleted from your system.

So that allows for it.

Hot topic I hope on this phone administrator’s cognitive analytics audit extension is available for 11 and 11.1. I encourage you to go out and get it.

Yeah, the account audit, I think I have about five minutes left, right, Mike?

That’s about right.

You can run a little bit longer than that, OK, thanks, the audit extension is an account audit, which allows you to audit all user preferences all when they entered into the system.

Even with the audit, when they left the system, the content audit, really important to, if you’re interested in tracking changes to objects, who changed, when the permission was changed on it.

Who gave certain capabilities to a person and an individual, um, or even a group of individuals.

And, this was a huge mess for us when going from 10 to 11. And it took us, took us a little bit to get there, but I’m happy to say that the audit extension is back. And, again, if we look to the future, I truly hope this becomes just part of our default audit package. It’s very easy to configure, very easy to install.

The URL is at the bottom of your screen. However, Google Cognitive Satellites are extension. Great white paper on it. Please read it, provide feedback.

Licenses, smell, and the area of investment for Cognitive Analytics 11 was licenses, right.

We continued to have customers complain that, you know, they had no true way of monitoring, at least not an easy way.

Or if they were being audited of showing an auditor, or showing somebody internally in their cut in their own environment.

What was being used? What wasn’t being used? So, we introduced this in cognitive analytics, and it’s absolutely phenomenon, as you can see, the license roles, Analytics, Admin, Explorer, user, and information distribution.

Those are now default Cognos roles in the in the Cognos namespace, and, those are the license roles.

And, we’ve already assigned the proper capabilities to them, so that if you use them, obviously, this screen will update, um, as you would expect.

But, what I’m very pleased to tell you is that we don’t base it just on the cognitive analytics role, right? The analytics administrator, or explorer. What I mean by that is, we’ve done this, the calculation, based on the capabilities of the user.

Yes, they roll up to one of these, but they’re not explicitly tied to the actual built-in rule, meaning that if you still use the author or the Consumer Built-in Rule, or you use your own, when the user logs in, we calculate the capabilities that are assigned to them, and we assign them to the proper license role.

And of course, the owned is a typing field, so you, as the administrator, can type in the, the licenses that have been procured for you so that you know if you breeched your licenses, and then the little greater than sign. On the right hand side. If you clicked on that, let’s assume you have 2, 2 licenses own. But Use showed up this four.

You can click on that arrow, and we show you which users have logged in and have those capabilities.

And that’s really important for an administrator to quickly and easily determine who has perhaps granted capabilities that they shouldn’t have.

And if we look at that other feature I was talking to you about where an administrator in the future will be able to see the capabilities, groups, and roles assigned to a user, you can vary. You can see very quickly, and easily how we’re helping our administrators.

You have complete control over who’s accessing their environment and with the right capabilities.

Now, I’ve got two slides here. I’ll scroll over very fast. This is an hour to hour deep dive conversation, not multi tenancy. What I like to say about multi tenancy at a high level is that.

In terms of an upgrade or in times of amalgamation, multi tenancy is a great way where you say you have three departments in your organization, they all have their own dev, u.a.t. and production. Why? Because they have to be segregated.

Well, multi tenancy allows you to bring those environments together to, one, say, Senturus of excellence, but still, 100% isolate those tenants so that users from tenants have no idea they can be seen differently.

They can be customized differently to whatever you need have.

Further to that, we actually have Tennant auditing, so that you can audit individual a tenant, you have complete control of a tenant, you can disable one tenant, and he didn’t pay his bill.

You can turn them off, here’s a user that’s running some crazy report.

It’s affecting the system, you can actually terminate sessions from a tenant, A tenant of multi tenancy offers you. A significant level of control, especially in, in, in, in terms where you’re trying to eliminate the number of administrators you have potentially have an environment amalgamate systems, deprecate Hardware multi tenancy is a great way of accomplishing that.

I’m going to skip over that slide because it’s.


And what I’d like to say, lastly is that.

Our architecture, um, complicated and has changed!

Just give me one second, I apologize.

And has changed significantly over the years and wildly. The architecture looks complicated.

In fact, are topology, has stayed very much the same. We have a Gateway tier and application tier content here in a data tier. And what we don’t want customers doing is thinking that it’s much more complicated than it was before.

Um, you know, the same three levels that same installation happened that that has always done.

As we move into 11.1, what’s really important for a customer that’s upgrading to know is that they have significantly more resources, have been added to the system, right, for smart, or whatever the case may be.

Eight gig of additional memory is a big one that you have to be aware of.

Capacity planning, if you’re doing a major upgrade.

Again, this is something that you can talk to your CTP, or even me.

About getting somebody comes in.

Does an interview with you, Takes a look at your environment and ensures that everything is running well.

Then, of course, upgrading is a plan.

It’s something that you have to look at, and absolutely plan up. This is four stages of the Upgraded Now, if you go to our cognitive community.

We go into detail about each one of these four steps and how they can help you. How you need to evaluate systems before.

You even begin to go in and go through an actual upgrade, right? Evaluate resources’. Talk to your users, look at auditing what is and what isn’t you.

Then, of course, Life Cycle Manager, I’ve got great presentations on that on the community, also that I’ll share, and they really help you with regards to doing side-by-side regression testing during the upgrade.

And then, that’s it. With that, I’ll hand it over to Mike again. Thank you very much.

Great, thanks, Greg. So, everybody, stick around to answer some of the questions. The great questions in the question logs, after I run through a few slides here. And those of you on the line, as Greg did, a very high level overview here. And we obviously had to sit in the time allowed. Please put in the question pane, if you’d like us to go into other areas that perhaps were covered today, or any deep dive requests for subsequent webinars that we can plan or individual calls. Right. Of course, you can always reach out to us here at Senturus and well.

Get you the answers that you need. So, with regard to things that we can help you with, in terms of upgrade assistance from Senturus, we have a range of options that range from Quick Starts to help you obviously, get up and running quickly. We do the installation and configuration of a dev environment, plus the documentation that goes along with that. From there, it goes into more full upgrade implementation, where it’s across all your appropriate environments and all the components there.

And then we also offer a BI concierge service where we give you access to our entire team of experts that you can fill in as needed, based upon your project or your upgrade or implementation requirements. If you’re interested in that, you can reach us at the e-mail there are at the AAA number, at extension 85.

So, real quick overview before we get into the Q&A.

So, weird Senturus are known by our clients for providing clarity from the chaos of complex business requirements, all the myriad data sources that you find, the data that you’re drowning in, and constantly moving targets.

So, we are experts bridging the gap between IT and the business users, deliver solutions that give you access to reliable, analysis, ready data across your organization, so you can quickly and easily get the answers that you need, at the point of impact, the decisions you make and the actions you take.

Our consultants are leading experts in the field of analytics, possessing years of Pragmatic, real-world expertise, and experience advancing, the state-of-the-art, were so confident in our team, in the Senturus methodologies that we uniquely back our projects with 100% money back guarantee.

We’ve been doing this for quite a while, approaching 20 years here, over 1200 clients in 2000 projects. The breadth of clients, many of whom you recognize in the slide, if you’d please FAFSA, you’ll recognize a lot of those. We’ve covered just about every industry out there.

From the Fortune 500 to the mid-market and Solve Business problems across many different functional areas as well, including the Office of Finance Sales and Marketing, Manufacturing Operations, HR, and IT. So if you need someone to help you with your next analytics projects, we’d love the opportunity to leverage our experience in your organization.

A few upcoming events here we have.

Data modeling is required skill featuring Senturus, Albert Valdes that you can register for its That’s coming up on March 28th.

And then, moving to the Cloud Pros, Cons and Considerations will be another excellent webinar on Thursday, April 11th. So, please visit our website at for that.

Always invite people to take a look at our resources page. If you go to, you can see upcoming events, our resource library, and our blog, where you can find bite size information around. What’s top of mind? The resource library is tremendously valuable.

It has, in addition to today’s webinar, the recording, the presentation, and the completed question log, it has all kinds of great information, past webinars, with all kinds of great content out there.

Then, lastly, training options, if you go to We have excellent, regularly scheduled courses that are live, hands-on, and interactive, and a virtual classroom, with very experienced excellent instructors. We also offer large group and private instruction, as well as highly cost effective, self-paced learning.

Then we’re going to jump back over here to the Q and A and so hopefully you’ve had a little time to take a look at that. Of course, we always get questions around, I’ll give you an easy one right out of the gates, here. Any rumors or information on availability of 11.2?

Well, yeah, I love them. 1, 2, I would say you could probably almost hold your breath and wait for it.

OK, so, imminent.

Yep, in terms of best practices for cleaning up custom security settings from C 10 that came over from the content store. When upgrading to see, do you have any, any tips on that or any resources?

Well, I’m not sure what custom setting.

You’re talking about one option of cleaning up if you’re, if you are willing and, I think it’s a great idea is a Cognos deployment file and not a full content store deployment, but just a package and folder deployment.

It allows you to strip security from all the content, import it and then re-applied security in neither using a new namespace.

Maybe you’re moving over to a web based authentication, which would be phenomenal, but it does, it allows you to strip the current security off objects and re-apply them in the new environment. Full content store or database upgrade, won’t allow you to do that.

That’s great, so you can kind of start with a clean sheet. Is a question about the oddest Audit Extension? Is that available 1111 when cloud version.

Now I don’t think it is yet.

I know that the offering manager for Cloud, David Cushing, I know he does have plan to enhance the auditing in the cloud with the audit extension. But I don’t think it’s available there yet.

Good requests per day, or there’s an RFP out there, or an idea that I encourage you to vote on for that.

Great question here around configuring the JVM. How do you configure that for the new compute service?

Excellent. Actually, the new compute services that don’t. And by default, as you saw on the slide, eight gig, and by default, the compute services based on the same size as the query service, it is the child of the query service. Now, if you go up to the analytics community by the end of next week, we’ll actually have it documented.

I’m not going to say it’s a tuning document.

Because it isn’t a tuning document, although it allows customers to go down that route. Because what it does is, it explains.

A lot of our current, I don’t want to say legacy, but some of our current processes, C plus processes are Java process, talks about our rest processes.

Talks about our JVM, the default, and actually make some recommendations loosely based on size of an environment, as you can imagine. Tuning a BI application.

Any BI application isn’t a thumb suck.

It takes a significant amount of technical knowledge and knowledge of the user community to what they’re doing Types of reports, user concurrency output. Output types right. HTML significantly later than PDF generation size.

So that document will give you some insight into what the processes are when it comes to tuning or steadying JVM.

The best thing to do is a technical professional through your sales rep, take a look at the presentation on the community, or again, engage us on a capacity plan.

For BI data sources, is there an option for encryption? Like you have an ODBC connections where there’s a check box where it will take care of some of that stuff or is that something that’s available or will be available?

Yeah, encryption on all data sources is available through JDBC.

And that’s assuming, of course, that the data source you’re connecting to be a secure data store database.

But, yes.

It’s a matter of importing the database certificate into R Cognos key store, or CA Sort key store and there’s pretty good detail, pretty good documentation on doing that, and also for encrypting communication between the content manager and the content store database.

So, yes, both are available and I highly encourage you to utilize both.

Somebody put this question in the logs like three times. So they really wanted answered its saying that transformer V 11 is not compatible with TLC, 1.2 yet. Is that are there plans to have that updated?


Yep, we have that coming later this year, OK, fantastic. Where can people find out more about the license counter because they want to know about resetting for users that they deleted, for example?

So, for a user that they believe, well, we have that report.

That allows them to my favorite question again.

They’re interested, sorry, I scrolled forward here. More about the license counter so they’re really interested in how it resets for users that were deleted, for example.

OK, good, good question, actually.

And actually, you should again, I’m going to keep telling that community because I want I’ve created an administrative section in the cog in the analytics community, the folders are there, the placeholders? Are there a license?

A deeper dive on licensing, presentation, and a couple of videos are coming, but the short answer is, whether you’ve used the external consistency, check the Administrative tasks that I encourage you to use. Run it on a scheduled basis. It checks the person who’s previously logged into Cognos with your l-dap. If the user exists, we move on. If the user doesn’t exist, we flag them for deletion. The process can automatically delete that user for you or is the administrator. You can read the output, go in and delete the profile now.

As you said, the user is logged in, therefore, that license taken up.

Now, once you go into the license Managed license pane, if you hit Refresh, we will validate that all of those users still exist. If the user doesn’t, then that’s how the licenses is freed up. Just one more comment on that.

The same holds true for changing the, the, the capabilities of a user. So, today, I realized that I have an administrator who shouldn’t be.

We calculate that user’s license role based on the last time they logged into the system, right?

That’s the way the feature works. So, if, as an administrator, I figure out why Greg McDonald has too much capability and what capability has, and I remove it.

Well, when I go to my managed license, even if I hit refresh, Greg … still shows up as a user and an analytics administrator.

However, the next time I login on recalculated and the right license role will be free. License will be freed up for administrator and placed properly in information distribution or wherever it is I belong.

Great. Thanks For the question about the increased memory requirement. So, is that additional eight gigabytes of ram required slash recommended for all three tiers? And can you talk a little bit about that?

It’s on the, it is on the application tier, it is recommended a minimum of eight gig, Again, you know, this is based on our own performance and load testing here at here at IBM, right, and we’re doing it our performance testing based on what we have from small, medium, and large customers, again, no, I could I could look at one customer system and maybe we could determine rather quickly based on errors based on performance whatever the case may be that the JVM needs to be increased But again, thumb sucking isn’t the way to determine the proper size it can just cause the application to misbehave.

The best default, by default, is eight gig, if?


The best thing you can do really, is, is look at a capacity plan with one of our client technical professionals, or your favorite partner, and.

And adjusted based on your usage. Other than that, yes, we, we, we have increased it based on our own performance tests, the eight gig. We feel that’s the best place for all customers to start.

That’s great. Yeah. And obviously, every deployments, different things get complex fairly quickly, and the ramifications for not doing that right can be significant. So we certainly have a team of people who’ve done a lot of these things that can help you make sure you get it right the first time.

So one last question here. We’re coming up on the top of the hour questionnaire, where someone uses a custom Java authentication provider, and then when this, so, when they turn that restriction on to members of the built-in namespace, it causes a sign on. Or are you aware of any remedies for that?

No, I am absolutely not.

But for whoever asked that question, please provide them my e-mail address because I would love to look into that for them.

I’ve never seen that. And I would consider that a defect.

Certainly, look into that. So, we’re at the top of the hour here. So, for any questions that we weren’t able to get to today, will, we will, we download the question box, and we’ll answer the questions and publish those again on Senturus resources, on our site along with the recording. And the deck, so thank you everyone for joining us today. If you could advance the last slide, please, Greg, and we appreciate you joining us today. Please feel free to reach out to us again for this and any other analytics needs you might have at our website here, insulates or AAA number. Connect various social media platforms, LinkedIn, Slide share, YouTube, Twitter, and Facebook. And we look forward to seeing you again soon on one of our knowledge series. Installments want to thank our presenter today, Greg. Thank you very much for some great information, and everyone have a great rest of your day.

Connect with Senturus

Sign up to be notified about our upcoming events

Back to top