Hi everyone,
I'm currently faced with an issue regarding section access. More specifically, for some reason users are getting an "Failed to open document. You don't have access to this document".
I'm currently suspecting a possible AD issue, so my question is: When a user clicks on a dashboard in the access portal, how does QlikView determine that user's identity?
Does it validate the user against AD and the check if the name is included in the section access the moment a user tries to open a document?
Or is the username "stored" somehow when the user initially connects to the portal?
The reason I'm suspecting an AD issue is because
- users still need to log in to the access portal with their AD credentials, and are not automatically recognized. But trying to log in with wrong credentials is not possible (It is however possible to log in with someone else's credentials)
- AD is experiencing performance issues
- Even when publishing documents to "All authenticated users'" or "all users", users often don't see all the dashboards for some strange reason. Refreshing then all of a sudden shows other dashboards...
- I've tried adding usernames manually in the security settings of a published dashboard on the server. Didn't help either.
- Publishing the same dahsboard with seciton access removed, but to Named users also doesn't work. For some reason, that user can't see the dashboard
- Publishing that same dashboard without section access, but to "all authenticatedusers" works (ie. user can see the dashboard), but when opening he gets a "Failed to open document. You don't have access to this document".
PS: the service account used for publishing is included in the section access; and then that still wouldn't explain #3, 5 and 6)
All of the above looks like very strange behaviour, and I can't find a way to explain it currently.
All input and thoughts on this matter would be highly appreciated.
