I’ve been burned by this one so many times it’s not funny.  Although if you like seeing me get frustrated, then I guess it is funny.

Here’s the issue: you have a SQL SELECT statement that you’re using in a Cognos Report Studio report, and you’ve verified that it is syntactically correct. It runs fine in Studio Express, for example.  But then you try to add a filter (also one that is syntactically correct) in Report Studio, and you get an error.  The SQL SELECT statement is correct, the filter is correct, but enable the filter and if fails.  What…?

Short answer: Don’t put “ORDER BY” sort statements in the SQL SELECT command. Your order statements should only occur in Report Studio.

Long answer: 

The reason this errors out is that when you put in a filter in the report (not in the original SQL SELECT), Report Studio adds that filter to the end of the SELECT statement it constructs.  So if the SQL is:  

SELECT ApplicationName from R_Applications

And you add a filter like “[ApplicationName]=’something’”, then Cognos bundles them together and sends this request to the SQL server:

SELECT ApplicationName from R_Applications 
WHERE [ApplicationName]=’something’

If the statement in the original SQL is

SELECT ApplicationName from R_Applications
ORDER BY ApplicationName

Then when Cognos sends the statement with the filter enabled it sends:

SELECT ApplicationName from R_Applications
ORDER BY ApplicationName
WHERE [ApplicationName]=’something’

Which is a syntax error: WHERE cannot come after ORDER BY.

Ta da!


Caveat: running v8 of Report Studio, I hear rumors that this behavior changes slightly in later .x revisions.

When you create burst reports or run any Report Studio report so that it sends the results out as an email, you have a few options on the format in which the file goes out. Some of them don’t work so well in our environment because of restrictions on file types that we have in our email systems, so .htm or .html files will never make it past our filters: that one is obvious. What other types can you send reports out as?

  • CSV: success!
  • XML: success!
  • PDF: success!
  • Excel: FAIL!

That last one is a little confusing, to say the least. I would expect XML to fail before XLS. There’s a reason it does fail, though: no matter how you attempt to send an Excel attached file, Cognos actually sends out an .mht file instead, albeit with a MIME type of application/vnd.ms-excel. In my mind this is astonishingly backwards, especially considering there is no indication of what it’s going to do and why.

In any case, here’s how to fix it: you must add a server parameter to send the mht file using an .xls extension. This means you’re still sending an .mht file, but it at least looks like, and behaves like, an Excel file. To do this you must add a server parameter.


  1. Click the Tools menu in the Cognos portal and select “Server Administration”
  2. Select “Set Properties” for ReportService
  3. Select the “Settings” tab
  4. In “Advanced Settings” (usually the first option), click the ‘Edit…’ link
  5. Select “Override”
  6. In the first empty set of boxes, type in the parameter name RSVP.FILE.EXTENSION.XLS and set the value to TRUE

Repeat the above steps to Set Properties for BatchReportService, and when you send the reports send them as Excel 2002 (NOT as Excel 2000 or Excel single sheet).

Not very smart, misleading, and the cause of the error you get when you try to open an “Excel” file that came from Cognos, where it states that the file is not in the format that the extension indicates. An error that you get every. time. you. open. the. file.

Forgive me, I’m slow. I’ve finally figured out what benefit large executive groups bring to the company: they actually get everything done! They prioritize, they schedule, they raise management awareness, they communicate… they GET THINGS DONE!

We have roughly… oh, I don’t know, a few here, a few there, carry the one… seven squazillion “executive councils” of various forms or another. Boards, Councils, Leadership Committees, etc. I have always understood their value in theory (getting people to communicate, collaborate across disciplines, the ever desirable “synergy”), but the practice always seems to leave much to be desired. The group launches with laudable goals and much showering of PowerPoint visions and 12-, 18- and 24-month delivery charts. Six months later, there hasn’t been a meeting in three months, and the last one was only attended by half of the representatives, half of whom were actually just lower-level employees subbing for their very busy executives.

Bear in mind that I have nothing against lower-level employees. But they will only show up for one meeting, not understand the context of the discussion, and–because they are not executives–anything they say (no matter how insightful) will be ignored by those who are. After all, if you’re so smart, how come you’re not an executive like us?

Not that it’s a whole lot better when the executives do show up. Nothing discussed in the meetings will ever make it back to their respective groups or cascade down the information staircase. That means that everything that’s agreed to in the meetings will always take everyone else in the company by suprise when the (lower-level) employee tasked with implementation calls to ask for the impossible-to-gather information required to complete their impossible-to-complete chore.

[ Sidebar: Well, there’s one exception to this: vision statements. These are so grand and meaningless that no one will be surprised by them, and because they’re so non-controversial execs have no problem communicating them down the chain of command. And the best thing is, you don’t actually have to change anything you’re doing in order comply with the vision.

A vision statement has to be , to some degree, controversial: there has to be something in there with which a reasonale person might disagree, otherwise it’s pointless. Who could disagree with: “We will strive to excel at providing service to our customers in all our interactions, and do so in the most efficient and cost-effective way possible”? If there’s anyone in your company who is surprised or challenged by that “vision”, your HR group is asleep. If your vision statement is so vague and buzzword-laden that it doesn’t cause even the merest of doubletakes in the people reading it, then it’s meaningless and isn’t worth the PowerPoint slide it’s ignored on.

A vision statement or motto has to be something that you can compare your everyday tasks to, to see if you’re meeting its challenge. “Is this evil?” is a great daily question to ask when your company‘s vision statement is “don’t be evil”. End Sidebar.]

But here’s how these executive groups are so remarkably effective: they prioritize all work, make sure that everything has a deliverable date, they are the only bodies that ensure that all of your management is aware of the projects you’re working on, and they communicate everything to everyone.

How do they accomplish this amazing amount of work? By scheduling meetings, and putting your boss (or your boss’ boss) on the agenda. Here’s how it works:

Executives read a magazine where some new technology is lauded. Executives demand to see a presentation on how company is implementing this technology (i.e. the “strategy”). Your boss is identified as the person in the company who kinda sorta has responsibility for that technology area, especially if you squint at the org chart and look at it sideways. Your boss remembers that you mentioned this technology in passing at some point in the past. And so the work is:

  • Prioritized. Since the presentation will be next week, your work on this technology has the highest priority (at least until five minutes after the presentation ends).
  • Has a deliverable date: the next deliverable will *always* (and I can’t stress this enough), *ALWAYS* be two weeks after the date of the executive meeting. This is close enough that it feels that the company is truly making progress in this area, yet far enough away that the execs will (a) believe that there is substantial work involved (otherwise it would only take a day or two), and (b) forget about it and not follow up. Note: that doesn’t mean that the entire project has to be completed by then, just the next deliverable. The project completion date should always be 12 or 18 months away. This is called “setting a workable timeframe”
  • Has management awareness: since everyone is in a panic to get the presentation done, it’s everyone’s highest priority, from the exec all the way down to you. Now everyone knows what you’re working on, since they’re up at night sweating that you complete the presentation before the executive board meets. This is called the “status report”.
  • Communicated: this is accomplished by sticking your PowerPoint presentation up on the Portal in the home page for the executive group. Which no one ever reads… not even the execs who attended (why would they? There were there! They know what was discussed! No need to read the minutes!). This is called “collaboration”.

And that’s how things get done.

Details here and here, in case you haven’t already seen it.

According to F-Secure, they were the ones who found this and informed Symantec about it last year… and they claim it’s “not nearly as bad” as the Sony issue.

Interesting comment, coming from a competitor.

I disagree with this excerpt, though. They claim it’s not as bad because:

“The main difference between the Symantec rootkit and Sony rootkit is not technical. It’s ideological. Symantec’s rootkit is part of a documented, useful feature; it could be turned on or off and it could easily be uninstalled by the user. Unlike Sony’s rootkit.”

Regardless of whether Symantec had better “intentions” than Sony, was there ever an expectation that the average user would truly understand how this “documented, useful feature” worked, or how it exposed them to potential exploits? Do you think the average Symantec user truly understands what the risks are of leaving the feature enabled? Both companies implemented a technology that they thought would be useful, and they did it in a way that exposed the user. In fact, you could make the claim that the Symantec rootkit is even worse, since users were given a false sense of security about their systems because they software installed that was supposed to protect them from exactly this kind of exposure. And as a security company, they should have known better than implement it the way they did.
From a security perspective, the Symantec issue is just as bad as the Sony issue, since both expose the user in the same way, regardless of what the ultimate intention was. Whether you believe that Sony’s rootkit is ideologically worse probably depends on your opinion on DRM: personally, I don’t like it, and I fall on Cory Doctorow’s side of that debate. But if you’re in favor of DRM, then both companies did the exact same thing: they tried to implement functionality, and they unfortunately did so in a way that was profoundly broken.

…and a warm welcome to 2006! Not for any particular reason, 2005 was a perfectly good year. But new starts are always appreciated.

Speaking of new starts, I’ll join everyone else in the world in recommending Merlin Mann’s 43 Folders blog. His “email DMZ” post is brilliant, and a variation on what I do every so often: grab all of the emails in the Inbox that are older than X (I use 2-3 weeks) and DO SOMETHING ABOUT THEM. Delete them as a last resort, but follow up on them, create a task, create a calendar item to set aside some time to work on them, but do something. Get them out of the bottom of the pile and deal with them… I always surprised about how many emails are sitting down there at the bottom, that I couldn’t answer at the time but I can now, or that have become irrelevant in the meantime.

It takes care of a lot of emails in one fell swoop, which makes you feel better about yourself (as long as you were honest and didn’t just delete the whole lot), and gives you some extra incentive to get other work done once you’re in the groove and feeling like you’ve accomplished something today.

I had mentioned del.icio.us in some meetings last week at work, because I am a strong believer in their “ad hoc taxonomy” approach (which allows end users to think about classification after the data has already been entered, not before where it will raise the bar for data entry). As it turns out, Yahoo! seems to agree: they just bought ’em. Genius move for them, as del.icio.us willl integrate nicely (philosophically as well as technically, one hopes) with their previous purchases Flickr and My Web.

Note that I don’t believe that this means formal taxonomies are useless or pointless or in any way inadvisable: quite the opposite. They are necessary on one end of the spectrum (e.g. the Enterprise Portals of the world) where structured information is a must. However, they are generally too complicated for the average user who just wants to send an email or post a document, which means that a rigorous, structured taxonomy is actually a significant barrier for data classification. Users will prefer to use a collaboration mechanism that doesn’t require a taxonomy, and also unfortunately doesn’t have any public way to perform searches on the data across users: Outlook.

I believe that there is a standard bell curve on this: along one extreme, rigorous taxonomies with strict data classification that requires its adherents to fully grok both the data they’re putting in and the *whole* taxonomy (not just the little bit they are using, otherwise how would they know it’s in the right place?). Along the other extreme, completely unclassified data with no taxonomy, no useful metadata, and no search/indexing capabilities. The problem? Unfortunately, because we don’t currently implement any tools that hit the middle of that bell curve, almost *all* of our data is ending up on this extreme: un-indexed, un-searchable, un-reachable by anyone save the original data creator, in an Inbox, a home folder or a SharePoint site only a handful have access to.

In the middle, there are less rigorous taxonomies that are user-defined in an ad hoc fashion, similar to the way del.icio.us does it. The user defines the tags that are useful and significant to them, selecting not only from their own classifications but from the classifications that the masses have associated with the same or similar data. This “mob-developed” tagging definition (call it “mogging” or “mobtagging” to give it a nice trendy neologism) does two things: (a) it reduces the amount of work required to tag/classify data, which makes it more palatable to the user, and (b) it actually demonstrates to the user the benefits of a taxonomy or tagging system because they are using it directly on their own data. They participate in the taxonomy and the data classification without thinking about it, because (and here’s the important part) the tags are public knowledge.

However, even with del.icio.us I believe there’s something missing: a human eye above the morass, gently nudging the tags in one direction or another. I’m not talking about just fixing typos: it’s about noticing that particular links and particular content and particular tags are associated, so it would behoove the company to tag other, related links with the same tags, suddenly making them available via the search and tagging terms that the users are already using. This is something that is not feasible at the internet level, but is definitely achievable at the enterprise level.

Of course, there’s no one tool to get there immediately, and I don’t really believe that this “human eye” concept is automatable using today’s technology anyway: maybe Google has something in the works (and in fact, one could argue that Google Base is a step in this direction). However, the key to all of this is collaboration, indexing and search, and integrating these things across all the tools that end-users use to publish their information. It’s why you’ll constantly find me ranting and raving about collaboration and publishing information much further than we do today, in ways that the users (not the I.T. people) find easy to manage.

Indexing: X1 Enterprise Edition (indexes and searches across file stores, SharePoint, email)
Collaboration: SharePoint Portal, del.icio.us, Groove, Outlook, blogs, Flickr

Rant over. For now.

Just some thoughts from a conversation on parenting, that I had over the weekend. Nothing in here is a final statement of belief.

Over thousands/millions of years of evolution, humans (and in fact, one could argue, most animals) have acquired a sense of need to fulfill basic requirements for survival. This need was relatively constant, since these basic requirements weren’t always in full supply. Specifically:

– Physical nourishment (food, water, as much fat as could be acquired in order to sustain through lean times or when the gazelle had too much caffeine that morning)
– Shelter (a roof over one’s head, whether that roof be shingled or the inside of a cave)

So we are programmed to always be in pursuit of those basic requirements. All the time… we don’t really have an “off” switch for it. We have an “I’m full” switch, which really only goes off way past the point when we’re full, and that is why people recommend eating your food slowly: the triggers that say “I’m full” only reach your brain about ten-fifteen minutes after the fact. However, that switch is a very short-lived on, and turns itself off after about an hour.

This serves as a possible (at least partial) explanation about obesity and consumerism in societies in which basic requirements (food, shelter) have been fulfilled. Even though you have enough nourishment and a roof over your head, that doesn’t stop the programmed “need to pursue”. Even though you do not want for anything right now, your body/mind is constantly pushing you to prepare for the time when you will, which as far as it knows (from thousands of years of evolutionary training) will most probably be very soon.

A pat little explanation for ennui as a whole. And as with most broadly oversimplified arguments, there’s some truth in it as well as some analogies that have been stretched too thin. But we have been trained for millenia to always be in pursuit, and only feel basic, temporary satisfaction when we achieve the goal. What we have now is the spilling out of that “need to pursue” beyond the realm of basic requirements, since these have been met (at least in the society in which I live). Since we have no other defined triggers and requirements to meet, it gets messy: we pursue those things that give us a quick shot of that feeling of contentment that arises when you’re sitting at home around a crackling fire, surrounded by family and the remains of a really good meal: the Rockwell Thanksgiving feeling. The easiest route for that pursuit leads to more food, an obvious choice: it’s just more of what you already acquired. Otherwise, we end up with consumerism, monomania, addiction, etc.

Makes sense to me.