Controller licensing - what is the difference between an Administrator and non-administrator user?
What is the difference between an Administrator and non-administrator user, in relation to the licensing of the Controller product?
Customer would like to make sure that their administrative and non-administrative users have the correct permissions inside Controller, in order to comply with IBM's licensing policies.
The information in this Technote was correct at the time of writing. However, please contact your IBM Sales representative for 100% confirmation of your specific contract with IBM.
- For most customers, the summary below is correct.
A Controller administrative user can have access to all menu items.
A Controller Standard User may have access to all menus in Controller with the exception of financial change/write access to menus in the 'Maintain' menu.
Full details are inside the attached document "What defines a Cognos Controller Administrator .pdf", however (to summarise) a Standard User may have access to the following menus:
- Company - ALL
- Group - ALL
- Reports - ALL
- Transfer - ALL
- Help - ALL
- Maintain: only the following:
- Maintain/Configuration/Automatic Journals/Reports
- Maintain/Company Structure/Reports
- Maintain/Extended Dimension X Structure/Reports
- Maintain/Extended Dimension X Structure/Change Table - Reports
- Maintain/Linked Structure/Reports
- Maintain/Period locking/Change - Period locking by company
- Maintain/Period locking/Reports
- Maintain/Batch Queue/View
- Maintain/Installation/Local Preferences
- Maintain/User/Change Password
- Maintain/User/Personal Defaults
- Maintain/User/Manage Active Users
- Maintain/Database/Database Selection Mode
- Maintain/Status/Change Status
- Maintain/Status/The information in this Technote was correct at the time of writing.
- Maintain/Special Utilities/Clear Local Cache
* NOTE: The menu item 'Maintain/Rights/Users' allows a 'standard' user to perform changes (write access) to the logon/user/security configuration of an end user. However, it does not allow them to modify any financial information. For this reason, from Controller 10.3 onwards this menu item is allowed.
- The reason why this menu item is allowed (for standard users) is the concept of allowing a customer to create a non-Finance administrator user (for example, a menu of the I.T. department) whose job is to create new (or modify existing) users in the system. However, that 'standard' user would not use the Controller software for any financial administration (instead, merely I.T. user administration purposes).
TIP: The method to restrict users to only seeing some menu items, is by creating a 'security group' and restricting the rights as required: