Product:
Cognos Analytics
Microsoft Windows 2019 server

Issue:

Does the cert expire in 2026 on old Cognos installations?

Solution:

Upgrade to later version of Cognos. The new version of Cognos Analytics and Planning Analytics have updated cert files as of IBM.

“IBM will provide updates SSL certificates as part of the next Planning Analytics Local 2.0.9 release. The best course of action is to configure your own SSL certificates for use with any version of TM1. You really do not need to wait until IBM provides updates certificates.”

If you have older version of TM1 client software and CA11 services, you may need to replace the certificates.

You can check the date of the cert in Cognos Analytics (CA11) with the IKEYMAN.EXE program, then open the camkeystore and check the date on your certificates as picture above show.
The case is that some certificates end date are updated, when you from inside Cognos Configuration do a save.

Open the Cognos Configuration (as administrator) right click the root element –> “Test” then “Save” (re-save) and restart the service. Besides updating the cryptographic keys, you can also see transparency checking the details during this process.

More Information:

https://community.ibm.com/community/user/question/use-our-own-certificats 

For planning analytics this are the files used for certificates;

\bin64\ssl\ibmtm1.arm is the default certificate and it does not expire until 2035. ibmtm1.arm has been in use for a few years now, and even in 2020, its expiration was 2035. The “applixca” files in that folder are just there for some historical/nostalgic reason in my opinion, but I’m always focused on the latest releases, so there is that.

Inside of the \bin64\ssl\ibmtm1.kdb keystore, ibmtm1.arm has already been imported as “ibmtm1_server” and has been set as the default personal certificate. The “keystore” is what the components of PA will use to access the stored certificates and ibmtm1.sth is an encrypted password that PA uses to have access into the ibmtm1.kdb keystore while it is running.

New file \bin64\config.tm1admsrv.json  replaces the Cognos Configuration node that accepted TM1 Admin server settings. It defaults to using the \bin64\ssl\ibmtm1.kdb keystore and referring to the server certificate label ibmtm1_server that represents the imported ibmtm1.arm certificate IBM provided. A fresh install should be all set using ibmtm1.arm inside of ibmtm1.kdb.

You may have a \bin\tm1api.config or \bin64\tm1api.config where Architect and Perspectives have been installed on the users machines. This text file just refers to where Architect/Perspectives can find the keystore if it has been moved from \bin64\ssl\ibmtm1.kdb, if it is at a networked shared location, or it has been renamed. You likely don’t have this tm1api.config file if you never used custom certificates, but I mentioned it just in case. See link but ignore the stale top half. Most of the old Architect and Perspectives SSL Options are deprecated, so the top half is stale.

If you want to see the inside of the \bin64\ssl\ibmtm1.arm cert yourself, make a copy of it, and rename the copy to ibmtm1.crt. Then right-click on it and select “Open”…not “Install”. Microsoft will show you the date, etc. 2035.

Custom certificates for PA are not impossible, but not simple to implement.

NEW for 2.0.9.21/2.1.8/2.1.9 default \bin64\config.tm1admsrv.json file:

{
“tm1AdminNonSSLPortNumber”: 5495,
“tm1AdminSSLPortNumber”: 5498,
“tm1AdminHTTPPortNumber”: 5895,
“tm1AdminHTTPSPortNumber”: 5898,
“tm1AdminSupportNonSSLClients”: false,
    “tm1AdminKeyFile”: “./ssl/ibmtm1.kdb”,
    “tm1AdminKeyStashFile”: “./ssl/ibmtm1.sth”,
    “tm1AdminKeyLabel”: “ibmtm1_server”,
“tm1AdminTLSCipherList”: [],
“tm1AdminFIPSOperationMode”: 2,
“tm1AdminSupportPreTLSv12Clients”: false,
“tm1AdminNIST_SP800_131A_MODE”: false,
“tm1AdminIPVersion”: “IPv4”,
“tm1AdminActivityInterval”: 10,
“tm1AdminInactivityTimeout”: 10,
“tm1AdminRESTAPIToken”: “”
}

From the online documentation:

applixca.der

The original default certificate in DER format used for Java™ certificate stores.

applixca.pem

The original root authority certificate.

ibmtm1.arm

The default certificate file.

ibmtm1.crl

The certificate revocation list.

ibmtm1.kdb

The key database file, which contains the server certificate and trusted certificate authorities.

ibmtm1.rdb

The requested key pair and the certificate request data.

ibmtm1.sth

The key store, which contains passwords to the key database file.

tm1ca_v2.der

The updated default certificate.

tm1ca_v2.pem

The updated default root authority certificate.

tm1store

The Java certificate store containing the public root authority certificate.

https://www.ibm.com/support/pages/how-renew-third-party-ca-certificates-cognos-analytics 

https://community.ibm.com/community/user/discussion/what-happens-when-configurationscerts-expire 

https://community.ibm.com/community/user/groups/community-home/digestviewer/viewthread?GroupId=3067&MessageKey=5a98b967-835b-482b-998c-20bba9d68119&CommunityKey=8fde0600-e22b-4178-acf5-bf4eda43146b&tab=digestviewer&hlmlt=QT 

https://www.tm1forum.com/viewtopic.php?t=16287

Product:

Planning Analytics Workspace 2.1.14
Cognos Analytics 12.0.3

Microsoft Windows 2022 server

Issue:

Sometimes we can not login, but it work if we start a different web browser on your computer. Try EDGE instead of CROME.
Note that PAW and TM1WEB looks like it use different whys to handle cookies at login.

CA may time out and throw one of the following errors:

• Unexpected Server Response
• HTTP Error 431
• Unable to Load Requested View
• Cannot read properties of undefined (reading ‘perspective’)
• DPR-ERR-2107 The User Capabilities Cache cookie cannot be decoded.

Solution:

1. Clear cache and cookies from the affected browser. See KB 15 (Michigan State University) for details.
2. Close completely out of all browser windows.
3. Open an incognito/InPrivate browsing window and use that to access Cognos. See KB 1203 (Michigan State University) for details.
4. Check you go to correct start page ( https://XXXXX.planning-analytics.cloud.ibm.com ) – exchange with your local server name.
5. Check that your local network is working – try a different physical location for your laptop.

There can be other solutions or explanations of this errors – hopefully you can find them at IBM site.

How to retrieve the content of the CAM_passport and userSessionID from cookie?

In Browser window after you log in to the Cognos Connection Portal type any of the following in the address bar of the browser:

• javascript:document.cookie
• javascript:document.write(document.cookie)
• javascript:alert(document.cookie) – This script will popup a window on which it will show up cam_passport and userSessionid
• Or maybe have a look in your user directory under  “C:\Users\yourname\AppData\Local\Microsoft\Edge\User Data\Default” or “C:\Users\yourname\AppData\Local\Google\Chrome\User Data\Default” .. or where the files are stored in modern browsers.

Easier to view cookies in Chrome, perform the following steps:

Open Chrome settings. Right-click on your browser window.
Choose Inspect to enter the Chrome Developer Tools.
Choose the Applications tab. Depending on the size of your screen, you may need to expand your tab options at the top by clicking on the >> symbol:
Open application.
Under the Storage tab, select Cookies to view cookies in Chrome.
You will see all the available websites. Select the website you want to see cookies in Chrome.
Check the domain column, if you have different values here for same cam_passport (cookie) then you can get above errors.  Should only be ONE domain name for the same cookie name.

Name. The cookie’s name.
Value. The cookie’s value.
Domain. If the domain name corresponds with the website you are browsing, it means that these cookies are First-party cookies. If the domain name is different- these cookies are third-party cookies.
Path. The URL that must exist in the requested URL in order to send the Cookie header.
Expires / Max-Age. The cookie’s expiration date or maximum age. This field shows which are session cookies and which are persistent cookies, that operate for a certain duration of time.
Size. The cookie’s size, in bytes.
HttpOnly. If true, this means that it is a HTTP cookie. JavaScript modification is not allowed.
Secure. If true, this means that the cookie is sent to the server only over a secure, HTTPS connection.
SameSite. The SameSite cookie attribute is used by browsers to allow or block cookies based on attribute. It could contain Strict or Lax SameSite attributes.
Partition Key. A cookie’s partition key is the scheme and registrable domain of the top-level URL the browser was visiting at the start of the request to the endpoint that set the cookie.
Priority. It is used with deprecated cookie priority attribute. Could contain Low, Medium (default), or High priority.

More information:

https://kinsta.com/blog/http-error-431/ 

https://privacysandbox.google.com/cookies/basics/cookie-tools 

https://developer.chrome.com/docs/devtools/application/cookies 

https://tdx.msu.edu/TDClient/32/Portal/KB/ArticleDet?ID=998 

https://www.w3schools.com/js/js_cookies.asp 

https://commandlinefanatic.com/cgi-bin/showarticle.cgi?article=art013

https://cookie-script.com/blog/chrome-cookies 

By default the cookie path is the root path to Cognos.

This value can be me modified in Cognos Configuration using the steps below.

1. Open Cognos Configuration.
2. Click Actions–> Edit Global Configuration

3. Go to the General tab and Modify the cookie settings:

4. Modify the path and other information as required.

5. Click OK and save.

Stop and restart the Cognos Service.

https://www.ibm.com/docs/en/cognos-analytics/11.2.x?topic=settings-customizing-cookie 

Product:
Cognos Analytics 12.0.3
Microsoft Windows 2022 server

Issue:

When try to login to CA12 direct from EDGE on the server you get a error:

504 Gateway Timeout: remote server did not respond to the proxy

The webserver reported that an error occurred while trying to access the website. Please return to the previous page.

Solution:

Check that you not are using a proxy, that not allow you to surf on the server.

Go to control panel

Go to system

Search for proxy

Select Proxy settings

Check that manual proxy setup is OFF.

Test again in your web browser to access the IBMCOGNOS site.

More Information:

https://schoolsit.wcgschools.gov.za/index.php/knowledge-base/86-how-to-manually-change-your-proxy-settings-on-windows-10

https://brightdata.com/blog/how-tos/set-up-a-proxy-in-windows-10

https://en.wikipedia.org/wiki/Proxy_server

Product:

Cognos Analytics 12.0.3
Microsoft Windows 2022 server

Issue:

When you look into the cognosserver.log file you find entries like this:

ERROR Audit.Other.DISP.com.cognos.pogo.handlers.engine.ServiceLookupHandler

ERROR com.ibm.bi.platform.commons.web.BIResponseWrapper

Request http://www.ibm.com/xmlns/prod/cognos/sacamsrvc-auth/202311/ Failure <messages><message><messageString>The client did something wrong.
/v1/disp/ibmcognos/sso/cisapi/bi/v1/login user-profile-service 2040 HttpServletResponseCode for /user-profile-service/v1/login is in error: 599

Solution:

As of IBM Support this are not errors. You can ignore them.

They happen when you login with IIS and SSO.

If the user login to the dispatcher direct they do not exist:  http://caservername.domain.com:9300/p2pd/servlet/dispatch

Here is no SSO, so they have to enter there name and password.

More Information:

To check if content manager is up use http://caservername.domain.com:9300/p2pd/servlet

https://www.ibm.com/support/pages/which-roles-and-features-need-be-installed-when-installing-iis-windows-server 

Configuring IIS in Cognos Analytics – IBM Documentation

Product:

Cognos Analytics 12.0.3
Microsoft Windows 2022 server

Issue:

When saving in Cognos Configuration where you have setup SSO to AD, you get a error like below:

[ ERROR ] CAM-AAA-0146 The namespace ‘AD’ is not available.

[ ERROR ] CAM-AAA-0064 The function ‘Configure’ failed.

[ ERROR ] CAM-AAA-0089 The provider is not initialized.

[ ERROR ] CAM-AAA-0036 Unable to authenticate because the credentials are invalid.

[ ERROR ] ADSI Error:

8009030C: LdapErr: DSID-0C090604, comment: AcceptSecurityContext error, data 52e, v3839

System Error:

The user name or password is incorrect.

Solution:

You must start the cognos configuration program with a user that is part of the Active Directory domain. The credentials is passed to the AD DC server, and therefor you get this error. Same error will happen when you do a test.

You can also populate the BINDING with a valid AD user name and password, preferable for a service account, that do not change the password. If the BINDING is filled in, then you can run cognos configuration with a local user that is not part of the domain.

When the IBM Cognos Windows service is run by a valid AD user, then the user credentials who are logging in are passed to the AD DC server, for gathering of information – like what AD groups does the person belong to.

More Information:

https://www.ibm.com/docs/en/cognos-analytics/12.0.x?topic=providers-configuring-cognos-components-use-active-directory-server 

https://www.ibm.com/docs/en/cognos-analytics/12.0.x?topic=analytics-configuring-authentication-providers 

https://www.ibm.com/docs/en/cognos-analytics/12.0.x?topic=new-known-issues-in-120x 

Product:
Cognos Analytics 12.0.4
Microsoft Windows 2022 server

kit_version=12.0.4-2501300500
Manifest=casrv-manifest-12.0.4-2501300500-winx64h.json
Installer=analytics-installer-3.7.38-win.exe

Issue:

How setup CA12 only for CAM authenticate to be used with Cognos Controller?

Solution:

(This doc describe partly the steps you need to do – please read the IBM documentation for more information)

Install IIS with roles like, Web Server, Application Development, NET extensibility, ASP.NET 4.8 etc

Download and install URL Rewrite Module 2.1 https://www.iis.net/downloads/microsoft/url-rewrite

Download and install ARR 3.0 manually https://www.iis.net/downloads/microsoft/application-request-routing

Create a SQL server database for the content store, with a SQL login as DB-owner; if you are not upgrading a old CA database.

Download the CA12 from https://www.ibm.com/support/pages/downloading-ibm-cognos-analytics-1204

Whats new in CA12 is: https://lodestarsolutions.com/tag/ibm-cognos/

Setup CA on a single server: https://www.ibm.com/docs/en/cognos-analytics/12.0.0?topic=analytics-single-server-installation

If you do a upgrade, add this lines to the file preserve.txt in folder install_location/configuration/preserve.

#TM1 files
templates/ps/portal/variables_TM1.xml
templates/ps/portal/variables_plan.xml
templates/ps/portal/icon_active_application.gif
webcontent/planning.html
webcontent/PMHub.html
webcontent/tm1/web/tm1web.html
webcontent/bi/planning.html
webcontent/bi/PMHub.html
webcontent/bi/tm1/web/tm1web.html

#CA files
#templates/ps/system.xml
#templates/ps/portal/system.xml
templates/ps/portal/variables_CCRWeb.xml

Run the analytics-installer-3.7.38-win.exe to install CA 12.0.4

Select language and click next

Click next

Mark “i accept the terms.. ” and click next

Ensure you install to correct drive and click next

Click Yes

Leave the 3 selected and click next

Click install

Click done

Copy the SQL driver sqljdbc42.jar to folder C:\Program Files\ibm\cognos\analytics\drivers

Start Cognos Configuration and change to FQDN (full qualified domain names) in this places for the server:

• Environment
  • Gateway URI
  • External dispatcher URI
  • Internal dispatcher URI
  • Dispatcher URI for external applications
  • Content Manager URIs
• Environment > Configuration Group
  • Group contact host
  • Member coordination host
• Security > Cryptography > Cognos
  • Server common name
  • Subject Alternative Name > DNS names
  • Subject Alternative Name > IP addresses

Setup the SQL server database connection for Content Store:
Right Click Content Manager and select Delete. Confirm deletion.
Right Click Content Manager > New Resource > Database.
Set the Name; Content store.
Set the Type (Group); Microsoft SQL server database
Set the Database Server and Port number (1433).
Set the User ID and Password for the database.
Set the Database name.

Save the configuration and start IBM Cognos service from Cognos Configuration.

Browse to  http://yourservername:9300/p2pd/servlet  to see if it is up.

If it is a new installation, use the CA_IIS_Config script to create the needed values in IIS.

Open the C:\Program Files\ibm\cognos\analytics\cgi-bin\templates\IIS\CA_IIS_Config.bat in Notepad++

Edit the servername to FQDN

Change SSO to True, and save the file.

Run the CA_IIS_Config.bat script from a DOS prompt as administrator.

https://www.ibm.com/docs/en/cognos-analytics/12.0.0?topic=services-configuring-iis-in-cognos-analytics

Press Y, then check that the URL rewrite looks like they should.

(*) Always use FQDN (not NetBIOS name or IP address) values when configuring the relevant server name.
(*) Always use lowercase characters for all of your URLs (website addresses), for example Rewrite URLs.

Browse to http://yourservername/ibmcognos/  to check that it works.

Configure the Authentication Provider.
Right click Authentication Source > New Resource > Namespace.
Set the name. Name should be the same as the domain name.
Set the Type (Group), Active Directory is Default.
Set the Type, leave as blank, the default.

https://www.ibm.com/docs/en/cognos-analytics/12.0.x?topic=server-configuring-active-directory-namespace

In the Explorer window, under Security > Authentication, and select the Active Directory namespace.
Click in the Value column for Advanced properties and then click the edit icon.
In the Value – Advanced properties dialog box, click Add.
In the Name column, type singleSignonOption
In the Value column, type IdentityMapping.
Click OK.

Before you get SSO to work, you need to change “allow anonymous access” to False, inside Cognos Configuration at Security – Authentication – Cognos.

Before you do more adjustments to CA, install the latest Cognos Analytics Fix Pack.

Get the latest fix pack https://www.ibm.com/support/pages/ibm%C2%AE-cognos-analytics-fix-lists

Entitled Bundled Customers use this link Cognos Analytics 12.0.4 IF2 to get access to download Cognos Analytics 12.0.4 Interim Fix 2.

Cognos Analytics Customers use the Fix Central link below.

Setup of Cognos Fix Pack, should be similar to this steps:

Stop Internet Information Services (IIS) Manager (the Default Website).
Stop all IBM Cognos services through the Services Manager if they are active.
Set all IBM Cognos windows service to manual.
Reboot Windows server.
Back up the content store database.
If your IBM Cognos environment is customized, back up the entire IBM Cognos location.
Go to the location where you downloaded the files.
Run the analytics-installer-3.7.38-win.exe file, to start install of fix pack.
Follow the directions in the installation wizard, installing in the same location as your existing IBM Cognos server components if already present.
Open IBM Cognos Configuration, save the configuration.
Set all IBM Cognos service to automatic. Except below service if they exist on the server:
IBM Cognos Controller Consolidation
IBM Cognos Controller Java Proxy
IBM Cognos Controller User Manager
IBM Cognos FAP Service
Start the Internet Information Services (IIS) Manager (the Default Website).
Reboot the server.
Check that the IBM Cognos service is running, before you try to browse to: http://yourservername/ibmcognos/

If you start with server hostnames and later change to FQDN in Cognos Configuration you get error like this:

ERROR com.ibm.bi.rest.RESTClient [Default Executor-thread-12] NA Certificate for <WIN2022PAL> doesn’t match any of the subject alternative names: [192.168.1.106, win2022pal.pacman.local]
javax.net.ssl.SSLPeerUnverifiedException:

You must use FQDN names from the beginning in the Cognos Configuration.

You must in CA create the two user roles, and add the users that should run Cognos Controller to them.

Go to Manage – People – Accounts, select Cognos namespace, and click on new role.

Enter the name Controller Administrators, and create one more role called Controller Users.

For Controller Users click on dots and select properties. Under Members add the users that should be running the Cognos Controller program.

Cognos Controller need two roles called ‘Controller Users’ and ‘Controller Administrators’ in CA. It is considered best practice to ensure that all users in Controller are attached to the ‘Controller Users’ role and those defined within Controller as ‘Controller Administrators’ being to the role of the same name. Additionally add the ‘Controller Administrators’ role to the list of members in the ‘Controller Users’ role to ensure that you don’t have to add the administrative users to the ‘Controller Users’ role.

If you still do not get the Roles in CA for Cognos Controller to work (to give you SSO into cognos controller client), try to restore a old Cognos Content store that already contain this roles, so you get the correct role setup.

To add the Cognos Controller parts to IIS, after you have installed CA11.

1. In the Internet Information Services (IIS) Manager, expand the node with your server name, and select Application Pools.
2. Select DefaultAppPool and then from the Actions pane, select Advanced Settings.
3. Set the .Net CLR Version to v.4.0.
4. Set Enable 32-Bit Applications to False.
5. Set Identity to LocalSystem.
6. Set Idle Time-Out to 600 minutes.
7. Click OK.
8. Expand Sites and under your web site, create the following virtual directories as shown in the table, if they not already exist.

   Alias	Location
   IBMCognos	controller_install_location\webcontent or C:\Program Files\ibm\cognos\analytics\webcontent
   IBMCognos/controller	controller_install_location\ccrvdir  (e.g. C:\Program Files\ibm\cognos\ccr_64\ccrvdir )
   IBMCognos/controllerbin	controller_install_location\webcontent\ccr ( C:\Program Files\ibm\cognos\ccr_64\webcontent\ccr )

9. Select the controller virtual directory.
10. Double click on HTTP redirect. 
11. Select Redirect Requests to this destination and enter the following path:
    /controllerbin/app.publish/CCR.application
    
    
12. Click Apply.
13. Right-click your parent virtual directory (ibmcognos) and click Add Application.
    1. Set Alias to ControllerServer.
    2. Set Application pool to DefaultAppPool.
    3. In the PhysicalPath field, enter controller_install_location/ControllerProxyServer. (C:\Program Files\ibm\cognos\ccr_64\ControllerProxyServer)
    4. Click OK.
14. Click Apply and click OK.

To make cognos controller talk to CA, you need to change in Cognos Controller configuration;

• Start IBM Cognos® Controller Configuration using the Run as administrator option.
• Under Web Services Server > Report Server point the URI to the addresses.

  Configure the following addresses:

  Server	Value
  Report server URI for Cognos Analytics	http://CA_server/bi/v1/disp
  Dispatcher URI for Cognos Analytics	http://CA_Server:9300/p2pd/servlet/dispatch

Save and go to Server Authentication and change to CAM Authentication.

Save and go to Client Distribution Server Configuration – this need to be updated, the WSSurl is used by the client program.

Enter the FQDN to the controller server and save.

Then to get Cognos Controller web to use Active Directory from CA, you need to do:

• In the Cognos BI installation folder, <BI_installation_folder>/templates/ps/portal/, create a file with the name variables_CCRWeb.xml.
• The content of the file variables_CCRWeb.xml must be as follows:

  <CRNenv c_cmd="http://{host_name}:{port_number}/#!/CamLogin">
     <cookies> 
        <param name="cam_passport"/>
     </cookies>
  </CRNenv>
• Locate the file com.ibm.cognos.fcm.web.properties in the C:\Program Files\IBM\cognos\ccr_64\fcmweb\wlp\usr\servers\fcm.web folder.
• Open the file com.ibm.cognos.fcm.web.properties and set the following properties:
  1. biUrl: the URL that the user must go to when CAM authentication is needed. The default location is http://servername:80/ibmcognos/bi/v1/disp.
     
  2. biDispatchEndpoint: the endpoint to which Controller Web connects to validate CAM users and CAM passports. The default location is
http://servername:9300/p2pd/servlet/dispatch.
     
  3. loginMode: the authentication type. Set it to CAM
     

Save and reboot the server, to ensure that all works as it should.

(You must also do all the other settings that is for Cognos Controller Web, to make it work, above is only to get the SSO to use CA.)

https://www.ibm.com/docs/en/controller/11.1.0?topic=only-configuring-controller-web

More information:

https://www.ibm.com/docs/en/cognos-analytics/12.0.0?topic=gccs-suggested-settings-creating-content-store-in-microsoft-sql-server

https://www.ibm.com/support/pages/how-can-i-change-collation-controller-database

https://www.ibm.com/support/pages/node/559381

https://www.ibm.com/docs/en/controller/11.1.0?topic=web-cam-authentication

https://www.ibm.com/docs/en/cognos-analytics/12.0.0?topic=essbadscc-enabling-single-signon-between-active-directory-server-cognos-components-use-remote-user

https://www.ibm.com/docs/en/cognos-analytics/12.0.0?topic=gateway-configure-cognos-analytics-your-web-server

https://www.ibm.com/docs/en/cognos-analytics/12.0.x?topic=essbadscc-enabling-single-signon-between-active-directory-server-cognos-components-use-remote-user

https://www.ibm.com/support/pages/how-configure-sso-single-sign-controller-cognos-analytics

https://www.ibm.com/docs/en/controller/11.1.0?topic=web-cam-authentication

https://www.ibm.com/docs/en/controller/11.1.0?topic=only-configuring-controller-web

https://www.ibm.com/support/pages/node/7176858 

Product:

Cognos Analytics 11.1.7  kit_version=11.1.7-2304260612

Issue:

How apply a fix pack for CA 11.1.7?

Solution:

Download the fix pack from IBM. https://www.ibm.com/support/pages/node/6985631 

Make a backup of the content store by export it from inside Cognos Connection:

On the Cognos Analytics ‘Welcome’ dashboard, click the ‘Manage’ tab and select ‘Administration Console’.

Select the ‘Configuration’ tab and click ‘Content Administration’ on the left-hand side.

In the top right-hand side, click the icon ‘New Export’.

Specify a name for your new export (full backup contentstore) and click ‘Next’.

Click the ‘Select the entire Content Store’ radio button and select ‘Next’.

Choose the location where you want to store the deployment archive. Click ‘Next’.

Assign a password to your archive. The password must contain at least 8 characters. Re-enter your password for confirmation and then click ‘OK’.

Verify the details you have input before clicking ‘Next’.

Select ‘Save and run once’.

Specify a time when you want to run the export and click ‘Run’.

Click ‘OK’ to complete the export.

To save time, move content in folder D:\Program Files\ibm\cognos\analytics\deployment to d:\temp before the upgrade. Copy the few files you need back after the upgrade.

Backup the configuration in cognos configuration:

1. Open Cognos Configuration.
2. Click File > Export As.
3. Select a location and enter a file name for the XML file.
4. Click Save.

Make a backup of the following files to a d:\temp folder:
D:\Program Files\ibm\cognos\analytics\webcontent\planning.html
D:\Program Files\ibm\cognos\analytics\webcontent\pmhub.html
D:\Program Files\ibm\cognos\analytics\webcontent\web.config
D:\Program Files\ibm\cognos\analytics\webcontent\tm1\web\tm1web.html

D:\Program Files\ibm\cognos\analytics\webcontent\bi\planning.html
D:\Program Files\ibm\cognos\analytics\webcontent\bi\pmhub.html
D:\Program Files\ibm\cognos\analytics\webcontent\bi\web.config
D:\Program Files\ibm\cognos\analytics\webcontent\bi\tm1\web\tm1web.html

D:\Program Files\ibm\cognos\analytics\templates\ps\portal\variables_CCRWeb.xml
D:\Program Files\ibm\cognos\analytics\templates\ps\portal\variables_plan.xml
D:\Program Files\ibm\cognos\analytics\templates\ps\portal\variables_TM1.xml

D:\Program Files\ibm\cognos\analytics\configuration\cclWinSEHConfig.xml

Restore only the missing files after the installation.
Files to be preserved during an upgrade are listed in the D:\Program Files\ibm\cognos\analytics\configuration\preserve\.ca_base_preserve.txt file. Do not edit this file. Instead, edit the D:\Program Files\ibm\cognos\analytics\configuration\preserve\preserve.txt file if you want to remove or preserve certain files or directories when upgrading.

################################################################
#
# IBM Confidential
#
# IBM Cognos Products: Preserve Files by the Install
#
# (C) Copyright IBM Corp. 2017
#
# Edit this file (preserve.txt) to remove or preserve files or directories when upgrading. 
#
# 
# Instructions:
#
# - Edit preserve.txt before running an upgrade on an existing install.
# - Use '#' at the beginning of a line to insert a comment.
# - The keyword "exclude:" can be used to remove files inside a preserved directory (see examples below).
# - List directories or files relative to the installation root directory (see examples below).
#
#
# e.g.: To remove this file: <installdir>/media/samples.doc, add this line:
# exclude:media/samples.doc 
#
# e.g.: To preserve the file <installdir>/msgsdk/cm_ldkspec.xml, add this line:
# msgsdk/cm_ldkspec.xml
#
# e.g.: To preserve the contents of the folder: <installdir>/cps/sap/webapps, add this line
# cps/sap/webapps
#
# Note on order of precedence: Files to be excluded should be specified first (before the directories which contain them).
#
################################################################

# Specify files to exclude first


# Specify files or folders to preserve

If you have changed security or use certificates, then you need to also backup all the certificates store files.

Stop the Cognos Analytics Service and close down Cognos Configuration. Stop the Apache or IIS webserver services.

Launch the downloaded installation file (analytics-installer-2.2.27-win.exe) and follow the wizard.

Choose your Language and click Next.

Choose What you want to install – for an upgrade this will be IBM Cognos Analytics click Next.

Choose to Accept the license and click Next.

Choose the location. This must be the location of your Cognos Analytics instance that you would like to upgrade and also the shortcut folder name. Click Next.

Click Yes to confirm you are Installing in the same location and are overwriting a previous installation.

Click Install at the summary screen.

When complete click Done to complete the upgrade.

Open Cognos Configuration – you will be prompted that older versions of Configuration files were found and configuration files have been upgrade to the latest version. click OK and Save your configuration.

Repeat the steps for all servers in your distributed environment, before starting the Cognos Analytics Content Manager Services first and then the rest.

Check the file D:\Program Files\ibm\cognos\analytics\cmplst.txt to see what version is installed.

More Information:

https://www.ibm.com/support/pages/ibm-cognos-analytics-11x-fix-lists 

https://www.ibm.com/support/pages/how-export-entire-content-store-cognos-analytics-11 

https://pmsquare.com/analytics-blog/2022/6/8/how-to-find-your-cognos-version-build-and-common-name

https://www.ibm.com/docs/en/cognos-analytics/11.1.0?topic=servers-copying-cognos-analytics-certificate-another-server

https://www.ibm.com/support/pages/how-add-3rd-party-ca-allow-ssl-between-components-ibm-cognos-analytics-11

Product:

Cognos Analytics

Problem:

What are the tables for in CA11 database?

Solution:

This is a old list for Cognos 8, maybe it is still valid.

CMSYSPROPS This table has the Content Store Version.
CMOBJNAMES This table has the names of all the objects in the content store.
CMOBJPROPS1 Users, Roles \ Group Distribution list and contact information such as Email, phone number, Fax Given name etc are stored in this table
CMOBJPROPS2 Report scheduling information is stored. This table has fields like hour, day week etc
CMOBJPROPS3 Stores Screen Tip and Object description provided while creating the objects are stored here
CMOBJPROPS4 Stores the printer paper setting details like height and width of A3 , A4 , letter and 11X17 paper orientations
CMOBJPROPS6 Has the details of the all packages which were published using the FM.
CMOBJPROPS7 This table stores the XML of all reports and models. This is basically to maintain the metadata about the structure of the reports and models.
CMOBJPROPS10 Contact information is stored in this table. This table has columns like Contact Email and Contact.
CMOBJPROPS11 This table stores the data sources configuration details like connect string, the cube location etc.
CMOBJPROPS13 It stores the names of parameter passed to the range prompts
CMOBJPROPS14 Has details regarding the versions, creation time etc of the objects in the content store.
CMOBJPROPS16 This table provides the status of the multiple services of Cognos like LogService, MonitorService, ReportService, SystemService, JobService
CMOBJPROPS17 Stores performance details of each component like “query Studio, Analysis Studio, Event Studio” etc
CMOBJPROPS18 This table stores the drill path from the source to the final target report.
CMOBJPROPS20 Stores details regarding which are all the reports for which prompting has been enabled. And also has the details of which are the reports which has the default report options overridden.
CMOBJPROPS24 Stores the printer configuration details
CMOBJPROPS25 Stores the data regarding the objects deployed, like the deployed folder, the reports, the number of folders present in the deployment archive, etc
CMOBJPROPS26 This table stores the data about all the packages imported / exported in C8, with the properties selected during the process.
CMOBJPROPS27 Has the details regarding the data source created in the content store using Cubes.
CMOBJPROPS30 Stores the registration , service description etc details about portlets in this table
CMOBJPROPS31 Has the custom logging level for each of the Cognos services, CMID can be be linked to CMOBJNAMES for the names of each of the services
CMOBJPROPS32 Has the details of the stored procedures used as the query items in the FM model.
CMOBJPROPS33 Detail related to users, user groups user roles.
CMOBJPROPS34 Has the details regarding the drill through parameters of the drill through reports. The parameter assign values are present in coded format
CMOBJPROPS36 Has the list of all the Models published using framework manager
CMOBJPROPS37 This table has the details of the routing sets configured for server / load balancing for each package published in the content store
CMOBJPROPS38 Configuration details about number of items to retrieve in studios, for a package are saved under this table.
CMOBJPROPS39 Has values for properties of reports and views. PROPID can be linked to CMPROPERTIES for property names
CMOBJPROPS52 Contains the properties for the connections
CMOBJPROPS55 Has the URI for icons for each entry in Cognos Connection
CMLOCALES Has the locale ids associated with each language supported by Cognos 8

More Information:

https://www.envisn.com/envisn-cognos-blog/bid/43348/Demystify-Your-Cognos-Content-Store-Part-II 

https://www.cognoise.com/index.php?topic=28289.0

Below will list all reports

With CognosContent AS (
Select a.CMID, a.PCMID, b.NAME, b.Name as Parent, c.name as Content
,Cast(b.NAme as varchar(max)) as path
, 0 as level
from cmObjects a
inner join CMOBJNAMES b on a.CMID = b.CMID
inner join CMCLASSES c on a.CLASSID = c.CLASSID
Where b.ISDEFAULT = 1
and a.PCMID =0
and a.CMID = 2
UNION ALL
Select a.CMID, a.PCMID, b.NAME as parent, d.NAME, c.NAME
, d.path + '\' + CAST (b.Name as varchar(Max)) as path
, d.level + 1 as level
from cmObjects a
inner join CMOBJNAMES b on a.CMID = b.CMID
inner join CMCLASSES c on a.CLASSID = c.CLASSID
inner join CognosContent d on a.PCMID = d.CMID
Where b.ISDEFAULT = 1
)
Select NAME as ReportName, path, level, content from CognosContent
Where
Content = 'report' or Content = 'dashboard' or content = 'analysis'
order by path

Product:

Cognos Analytics 11
Microsoft Windows 2019 server
Microsoft SQL server

Issue:

How can i see in a report the schedules that are active in CA11?

Solution:

The information is in the CA11 Content Store database. You have to make a SQL query like this:

SELECT  [CMID]
,[TASKID]
,[STARTDATE]
,[ENDDATE]
,[ENDTYPE]
,[EVERYNPERIODS]
,[DAILYPERIOD]
,[MONTHLYABSDAY]
,[MONTHLYRELDAY]
,[MONTHLYRELWEEK]
,[TYPE]
,[YEARLYABSDAY]
,[YEARLYABSMONTH]
,[YEARLYRELDAY]
,[YEARLYRELMONTH]
,[YEARLYRELWEEK]
,[ACTIVE]
,[WEEKLYMONDAY]
,[WEEKLYTUESDAY]
,[WEEKLYWEDNESDAY]
,[WEEKLYTHURSDAY]
,[WEEKLYFRIDAY]
,[WEEKLYSATURDAY]
,[WEEKLYSUNDAY]
,[PRIORITY]
,[INTRARECURSTART]
,[INTRARECUREND]
,[INTRARECURINTERVAL]
FROM [dbo].[CMOBJPROPS2]
Where ACTIVE = 1

To list all objects name use:

select ob2.cmid,
c.name as className,
n.name as objectName
from [dbo].[CMOBJPROPS2] p
inner join CMOBJPROPS26 o on p.cmid=o.cmid
inner join CMOBJECTS ob on ob.cmid=o.cmid
inner join CMOBJECTS ob2 on ob.pcmid=ob2.cmid
inner join CMOBJNAMES n on n.cmid=ob2.cmid
inner join CMCLASSES c on ob2.classid=c.classid

More Information:

https://www.ibm.com/docs/en/cognos-analytics/11.1.0?topic=mobile-enable-disable-scheduling

https://community.ibm.com/community/user/businessanalytics/communities/community-home/digestviewer/viewthread?GroupId=3061&MessageKey=439d5b09-46a1-4fe1-988f-e468bb5c2254&CommunityKey=6b10df83-0b3c-4f92-8b1f-1fd80d0e7e58&tab=digestviewer 

Product:

Cognos Analytics 11.1.7

Microsoft Windows 2019 server

Issue.

How do i find the version of CA11 i have installed?

Solution:

Check the cmplst.txt file in folder D:\Program Files\ibm\cognos\analytics

The row Manifest=casrv-manifest is the closeset to find the version/build number you can compare to site at IBM.

Operating System Version: 10.0
Manifest=casrv-manifest-11.1.7-2101131319-winx64h.json
Installer=analytics-installer-2.0.20100517-win.exe

Search 11.1.7-2101131319 on the IBM page – if it is not lised, you have a interim fix pack between two other numbers.

More Information:

https://www.ibm.com/support/pages/how-determine-which-version-cognos-analytics-you-have-installed 

https://pmsquare.com/analytics-blog/2022/6/8/how-to-find-your-cognos-version-build-and-common-name

https://www.ibm.com/support/pages/node/6621349