Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
Background: I'm working on QV10 SR1.
The users of our QV application access the documents via Access Point through a browser, which is accessed via a URL.
Users are authenticated via Active Directory. Since Single Sign On is enabled, once the users log on to their Windows machine and type the URL for Access point, they see all the documents they have been given access to by adding their "domain\userID" to the document through QEMC.
When I connect to Access Point, it tells me I'm logged on as DOMAIN\user_abc
I need to be able to do the following:
There is a document in which I need to restrict data access for the users based on a column Company Segment.
Currently I'm restricting access to specific sheets/tabs in the document using the following expression in the Show Sheet --> Conditional dialog box
=if((OSUser() = 'domain\user_abc'
OR OSUser() = 'domain\user_xyz'),1,0)
This works perfectly fine.
In the sheets\tabs visible to user_abc I further need to restrict data access. I tried using Section access but I'm not sure how to connect the Active Directory ID to the USERID or NTNAME. I tried using the following variants of the Hidden Section Access Script but they did not work.
//Script 1
Section Access;
LOAD * INLINE [
ACCESS, NTNAME
user1, domain\user_abc
user2, domain\user_xyz ];
Section Application;
LOAD * INLINE [
NTNAME, CompanySegment
domain\user_abc, Segment1
domain\user_xyz, Segment2 ];
//Script 2 (tried OSUser() in the script based on a similar suggestion by Miguel Angel Baeyens in another thread)
Section Access;
LOAD * INLINE [
ACCESS, OSuser()
user1, domain\user_abc
user2, domain\user_xyz ];
Section Application;
LOAD * INLINE [
OSUser(), CompanySegment
domain\user_abc, Segment1
domain\user_xyz, Segment2 ];
Neither of the scripts worked. It keeps asking me for USERID and Password repeatedly.
When I connect to Access Point, it tells me I'm logged on as DOMAIN\user_abc.
What am I doing wrong? How can I link the AD ID's to NTNAME.
I do not want to define username and password for each user as we have large number of users.
Any help would be greatly appreciated.
Thanks,
AM
You have the right idea - just include the SEGMENT piece in the section access part.
Then, when you load the SEGMENT piece again the application part, it will filter it based on the section access.
Hi Daniel,
I included COMPANYSEGMENT after NTNAME in the Scetion Access piece with Section Application section kept same as above, but it still asks for username.
I believe the problem that may be occurring is what my initial question was. DOMAIN\username is coming from Active Directory while what we are trying to put it as is NTNAME. There may not be a correlation between the two according to QlikView.
DOMAIN\username does not necessarily exist on the local NT.