CCC Data Warehouse Report Server User Guide
This guide is for the Data Warehouse Report Server (CCC Data 2.5.0) released to production on August 16, 2023.
In This User Guide
Note: All hyperlinks in this document open in the same window.
Part 1: Overview
The information provided in this document serves as a Quick Start guide for users of the CCC Data Warehouse Report Server (“DW Report Server”, “Report Server”, “DWRS”), including:
Getting started with the DW Report Server; requesting authorized access and implementation support
User account set up and authentication processes
Running preconfigured reports that pull data from the CCC Data Warehouse (currently limited to the LGBTQ report template)
Querying available data sources, running ad hoc reports, scheduling and exporting results
Creating custom Ad Hoc Views from which multiple reports can be run based on the following data sources:
California Colleges Promise Grant Application
CCCApply International Application
CCCApply LGBTQ Data (AB 620)
CCCApply Standard & Noncredit Applications
C-ID - Course Identification System
COCI - Chancellor’s Office Curriculum Inventory
MIS (post-processed files) - Chancellor’s Office Management Information Systems
Multiple Measures Placement Service (MMPS)
Note: If you are interested in direct (ODBC/JDBC) access to the CCC Data Warehouse via a site-to-site VPN, please contact your Enabling Services College Relationship Manager (CRM) to initiate the request for this access.
Access to Canvas Data is currently available only by direct access connection. For information regarding the Canvas DW Direct Connect service, please contact your Enabling Services College Relationship Manager (CRM) to initiate the request for this access.
MIS (post-processed files)
About the DW Report Server
The DW Report Server is a secure, user-friendly reporting tool that creates reports, charts and dashboards using secure CCC Data Warehouse data.
The CCC Data Warehouse is a structured source of primary data that can be used to generate the reports and analytics that end-users need.
The DW Report Server is powered by JasperReports, a Java-based open-source reporting tool. JasperReports, connected to the CCC Data Warehouse, allows for advanced reporting usage and provides help that you can access from the Help link.
About TIBCO JasperReports Server
TIBCO JasperReports Server is a comprehensive Business Intelligence (BI) tool that provides bust static and interactive reporting, report server, and data analysis capabilities. A comprehensive help system is available and can be accessed from any screen in the upper right toolbar. The help system provides high-level descriptions of feature functionality, and step-by-step instructions for how to extract the data the insights you need from your data.
User Authorization and Authentication
Access to the DW Report Server is restricted to authorized users to ensure the privacy and security of the data within the CCC Data Warehouse. Users must request access via one of the appropriate processes below and upon approval will be granted an account based on their user type.
Requesting Access
College and District Institutional Researchers: upon confirmation from their college or district Vice President, an identified lead IRPE Researcher at each college or district will be established as the authorized user and “gatekeeper” for their institution (organized by MIS Code). These “gatekeepers” can then request access for additional researchers at their institution by submitting an email request to ES Support Services or by contacting their College Experience Manager (CRM) with this information:
User’s Name
User’s email address (.edu)
Chancellor's Office & Other External Stakeholders: All requests for access to the Data Warehouse Report Server from the CCC Chancellor's Office or other external stakeholder organization are to be directed to the CCC Data Warehouse Product Manager (Mark Cohen mcohen@ccctechcenter.org) who must obtain approval from the Vice Chancellor for Digital Innovation & Infrastructure at the CCC Chancellor’s Office.
Support and FAQs
Support is available to authorized Report Server users in our 24/7 online support community CCCTechnology.info, where college and district staff can share ideas, ask questions, and report bugs and issues for all the CCC Technology Center online applications.
Our experienced support engineers monitor all incoming posts and comments, Monday - Friday, 7:00am - 4:00pm PT. Depending on the nature of the issue or comment, support engineers will respond within 24 hours to critical issues regarding production applications.
Part 2: User Accounts and Access
This section includes:
Getting Started
Establishing an authorized DWRS user account is a two-part workflow between a CCCTC Administrator and the approved user. An Enabling Services Implementation Configuration Engineer (ICE) will create and configure the account in our internal system and then work with the user to complete the final steps and log in, depending on the user type. This section of the document outlines the roles and responsibilities - and setup tasks - for the CCCTC Administrator and the approved DWRS user.
The first steps in getting started are:
Contact the CCCTC Enabling Services team to Request Access and initiate the implementation process.
Schedule a call with a CCCTC Administrator to facilitate implementation & configuration services.
Contact your College Relationship Manager (CRM) from the CCCTC Enabling Services team to request authorized access or set up an approved account.
User Accounts
There are two types of authorized user accounts:
SSO Users: Colleges and Districts using their institution’s IDP for single sign-on. CCCTC does not manage your institution’s two-factor authentication (2FA) mechanism, if implemented.
Non-SSO Users: CCCCO, CVCOEI, and other authorized external users will authenticate directly to the DWRS using 2FA to secure and protect our systemwide student data.
Two-Factor Authentication (2FA) is a security process that authenticates a user’s identity by requiring two or more pieces of evidence (credentials + verification code) before granting access to a service or system.
User Types and Access Levels
User Type | Authentication | Authorized Access Level | |
College User | SSO User | SSO access via college/district IdP | Single college access to available data sets based on College MIS Code |
District User | SSO User | SSO access via college/district IdP | Multi-college access to available data sets based on District MIS Code |
Chancellor's Office User | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Access to all data sets across all colleges |
CVCOEI User | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Access to CVCOEI report but no actual data (can see tables and columns in AdHoc view, but no data populates) |
CCCTC Administrator | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Access to the internal system administration console to facilitate account creation & configuration. |
College & District SSO Users: See Appendix A: Data Warehouse Report Server URLs for your custom IdP URL.
Set Up and Login Processes
The process for account setup and login will be different depending on user type, access level, and the mechanism used to authenticate. Working with the CCCTC Enabling Services team to set up and configure your account, college & district users (SSO Users) are provided a custom URL configured to your institution MIS code and internal IdP link. Non-SSO Users will be directed to the DWRS URL to complete additional setup & verification steps to facilitate authentication.
Prerequisites for All Users
Before a user can log in to the DWRS the following conditions must be met:
The authorized user has followed the Getting Started tips above and has coordinated with CCCTC Enabling Services to begin the account setup and configuration process based on user type and access level.
Non-SSO Users Only: CCCTC Enabling Services has added and configured your account with the appropriate roles and attributes, and has sent your account credentials via secure method.
SSO Users Only: you have bookmarked your unique college or district DWRS URL and know your institution’s IdP single sign-on credentials (managed locally by your college or district IT department).
Non-SSO Users Only: You have received your temporary password from a CCCTC Enabling Services Administrator, installed the authentication software, and have completed the “First-Time User Log In” process required to initiate two-factor authentication.
SSO Users: Account Setup and Log In Process
College & District Users
The User coordinates with the CCCTC Enabling Services team to ensure their account is configured with the required roles, attributes, and an IdP link.
The User is provided the appropriate DWRS URL for their IdP and logs in.
The User is authenticated locally through their institution’s IdP (SSO) and logs in to the DWRS.
College & district users should contact their institution’s IT team for information on their local SSO credentials. These credentials are not managed by the CCCTC.
Non-SSO Users: Account Setup & Log In Process
All Other Users
The User coordinates with the CCCTC Enabling Services team to get their temporary password and first-time login information via secure method (i.e., Privnote).
The User downloads and installs compatible authentication software on their desktop or mobile device.
The User completes the “First-time User Login” process, which enables entry of account credentials, one-time QR code verification, and authentication to the DWRS.
Optional: after logging in, the User may update their temporary password using the Forgot Password? link to reset their password.
Receiving Your Secure Account Credentials
For security purposes, non-SSO users will receive account credentials and a temporary password in one or two separate emails from an CCCTC Enabling Services Administrator. The email(s) will include a link to a secure Privnote message sent to the user’s institution email address (.edu).
Note: The password will not be passed to the authorized user until they have initiated the implementation process with the CCCTC Enabling Services team for added security.
Implementing the Authentication Software
All Non-SSO users are required to use a compatible authentication app to log in to the Data Warehouse Report Server. Prior to the first log in, logging in to the DWRS for the first time, users must have a compatible authentication app installed on their desktop or mobile device that facilitates Time-based One-Time Password TOTP functionality such as Google Authenticator, Chrome Authenticator, or Authy (which can be insrtalled on a phone or computer).
Chrome Authenticator for Desktop
Authenticator for Mac and Windows Chrome browsers is available free from the Chrome Web Store. This app installs quickly to your desktop (recommended) as well as your phone, and includes a lot of great features that promote security and usability. NOTE: The entire download and install process takes less than one minute. You may need local IT authorization and assistance to install it if the local campus’s policy requires this.
To Install the Chrome Authenticator:
Navigate to the Chrome Web Store and search for Authenticator by authenicator.cc
Click the “Add to Chrome” button to initiate the download and follow the instructions.
When the Authenticator app has been installed, a shortcut will appear in your Extensions toolbar in your browser:
WARNING: If you have already installed Chrome Authenticator (Authenticator.cc) don’t re-install this application as it will overwrite your previous download of this same application.
NEXT: Start the “First-Time User Log In” process below to initiate the authentication process and log in.
Google Authenticator App for Mobile Device
Another user-friendly option, especially for users who want to use their mobile device for authentication, is the Google Authenticator.
Google Authenticator is free and compatible with multiple different mobile devices, operating systems, and browsers. The process for downloading and installing can be found here.
NEXT: Start the “First-Time User Log In” process below to initiate the authentication process and log in.
Suggestion: Although any six-digit TOTP compatible authentication software should work for the Report Server User Account, the tools that we’ve found to be most user friendly are: Chrome Authenticator for desktop use and Google Authenticator for mobile devices. Both are free downloads and both can also be used together.
NEXT: Start the “First-Time User Log In” process below to initiate the authentication process and log in.
The First-Time User Login Process
Non-SSO Users Only: The first time a new non-SSO user attempts to log in to the DWRS they must establish the connection between their user account credentials, a shared secret key (QR Code), and the authentication software to enable the two-factor (2FA) login authentication.
Prerequisites:
The User has the DWRS direct access URL. See Appendix A for college-specific URLs.
The User has received their account credentials from a CCCTC Enabling Services Administrator.
The User has installed and configured compatible authentication software on their desktop and/or mobile device.
Non-SSO Users Only: Complete this one-time process using the steps below.
Step 1: Enter Your Account Credentials on the Login Pages
| DWRS Sign In Email Screen 1
DWRS Sign In Password Screen 2
|
The temporary password is generated by a CCCTC Enabling Services Administrator during the account creation process. You can change this password at any time by using the “Forgot Password?” link.
Step 2: Scan the QR Code Page
The Scan the QR Code page is displayed once during the “first-time user log in” process. The user must have the authentication software installed on their desktop or mobile device in order to scan the QR code that appears on the page. The code is captured by the authenticator app which establishes the connection between the account (shared secret key hidden in the barcode) and the authenticator app to complete the initial two-factor authentication process.
NOTE: This step requires the user to use their authentication app previously installed on their desktop or mobile device to scan the onscreen barcode. The “secret” key identified by the barcode will add the required attribute to the User’s account. | |
Using Chrome Authenticator to Scan the QR Code
| |
Using Google Authenticator to Scan the QR Code
|
|
Tip: After scanning the QR code and confirming the verification code is captured by the authentication software, snap a screen shot of the code and store in a secure place. For security purposes, don’t store the verification code with the URL or other credentials to the DWRS.
Verified User Login Process
For Non-SSO Users Only: After the user completes the one-time “First-Time User Login” process, the user is “verified” and will not have to repeat the Scan the QR Code Page step again UNLESS they need to re-install their authentication software and/or generate a new QR code. For all subsequent logins, the verified user needs only to enter their account credentials and the verification code retrieved from their authenticator app.
Step 1: Enter Username or Email
Navigate to the Data Warehouse Report Server URL. See Appendix A for a list of college-specific URLs.
Enter your username or institution’s email address in the input field.
Click Sign in.
Tip: Your Username is your institution or organization email address used during the initial account setup with the CCCTC Enabling Services team.
Step 2: Enter Password
Enter your password in the Password field.
Click Sign in.
Reminder: Click the Forgot Password? link on the Login page to recover or change your password.
Step 3: Enter Verification Code
From the “One-time code” screen, copy the verification code from your Authenticator app within 30 seconds of making the request (after entering password).
Enter the verification code into the “One-time code” field.
Click the “Sign in” button to complete the process and access the DWRS.
Best Practice: to save time retrieving your verification code, consider labelling the DWRS entry in your Authenticator tool, especially if you are using the tool for more than one application.
Password Reset Process
To change or update your account password:
Navigate to the Data Warehouse Report Server. See Appendix A for a college-specific list of URLs.
Click the “Forgot Password?” link.
Enter your email address that was used to create your account.
Click Submit.
A confirmation message appears on the screen directing you to retrieve an email.
4. Open the Reset Password email, click the embedded link to go to the Update Password page.
Enter your new password in the New Password field. Confirm your new password, then click Submit to return to the Sign In page.
Email Address Update Process
DWRS user accounts require a unique email address that identifies the user in the CCCTC secure identity management system. To change or update the email address associated with your account, please contact the CCCTC Support team to update the email address manually in the system. With verbal confirmation that the change has been made, the user should return to the Data Warehouse Report Server Sign In page to repeat the sign in process.
User Type | Authentication | Update Email Address | Update Password | |
College User | SSO User | SSO access via college/district IdP | Contact your college/district IT Dept | |
District User | SSO User | SSO access via college/district IdP | Contact your college/district IT Dept | |
Chancellor's Office User | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Use the self-serve Forgot Password? process | |
CVCOEI User | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Use the self-serve Forgot Password? process | |
CCCTC Administrator | Non-SSO User | Direct access (non-IdP) via two-factor authentication (2FA) | Use the self-serve Forgot Password? process | |
Part 3: Using the Report Server
The CCC Data Warehouse Report Server is a branded version of TIBCO JasperReports, with role-based access to integrated CCC data for authorized CCC researchers using multi-factor authentication.