Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Try to publish a document which has section access restriction within. It did get through by reloading and distributing. However, the file size was increased to 8.25MB once it was put in Access Point compared the source document (5.96MB). Not sure why this happen.
Also through web application, it pops a few times of login/password window, and then it got error like this.
Not sure what extra set up need to be done for publishing section access document.
Did you make sure to add the Publisher service account as a Section Access ADMIN with no restrictions? If so, also make sure you select "Admin Override Security" in Document Properties --> Security.
Regards,
Vlad
Did you make sure to add the Publisher service account as a Section Access ADMIN with no restrictions? If so, also make sure you select "Admin Override Security" in Document Properties --> Security.
Regards,
Vlad
Thanks very much for giving me quick thoughts and help.
We applied the change by checking the 'admin override security' while the service account is created before. But it's still having the same issue without much change. The file size is increasing bigger and login issue is there too.
Do you have any other perspectives for us to try out?
Thanks,
Wan
Please post your entire Section Access here and I'll be happy to take a look.
Regards,
Vlad
Since the script was developed outside of US, there’s lagging to do the communications. However, finally I ensured the service name was correctly added in the security file by your suggestions. Originally it wasn’t entered the server domain name as part of publisher service account. Now, everything works perfect.
Thanks very much Vlad for the great and very targeted points,
Wan
Hi Vlad:
I also have one more question on the security file set up. Although we can publish the document that has section access within it, only people who are in the security file list can see the application. In order to better support and manage, we wonder if we can add an active authenticated group like ‘Support_Group’ as an account rather than individual base. So all the people under that ‘support group’ role can access the document as well as the listed individual account. In that sense, it would allow the account management to go to outside of Qlikview. Is it possible to add a role based account within the security file? Or I saw some example: added a ‘’ under NT name account. Dose this ‘’ means all other people can also access the document as well as the listed individual accounts that existed in the file?
The format is like this:
Access NTName
User domain\Mike
Admin *
Thanks,
Wan
Wan,
Glad to hear it worked!
Adding an AD group to section access is tricky; in fact, I'm not even sure this is possible since I've never tried this myself. However, you might want to try to specify an SID rather than an NTUSER column. Theoretically, SIDs exists for groups just like they do for users, so this might work. I would be very interested to know the results, so please let me know!
This would be a good time for a discussion on the differences between * and null (nothing entered) in a column. In section access, * signifies all existing section access entries. Null, by contrast, means all values, not just the ones already entered in section access. The syntax you posted would cause unpredictable results, therefore, since you are assigning "Mike" to be both a USER and an ADMIN. You might want to try this instead:
ACCESS | NTUSER |
USER | DOMAIN\MIKE |
ADMIN |
Please note that typically you would want to do the reverse: enumerate the Admins and make everyone else a User.
Regards,
Vlad