I take only the session table from those dashboard,

then i wrote a small little script to get ACL data for each QVW,

and then, load all users data from LDAP db

and create my own dashboard.

in that dashboard, the major function is "who has access to which QVW" &

"who has access to which QVW but never connected".

Very ugly loading sequence, but very useful

Hi nicksatch,

Any chance you'd be willing to share that ACL-grabbing script? 

I'm tasked with documenting file-level permissions for a large migration, and would much prefer to automate.

Thanks,

DJ

Hi David,

Here is the script.

But do take note, it's only useful if you are using the distribution of publisher together with NTFS file security.

If your QVW is designed to use section access, all you will see in your result is "authenticatedUser".

To over come this, you will need to concatenate() your user access list (assuming you are maintainig in excel) to get the right data.

Just some ideas... feel free to share if you have other ideas.

Happy qliking ...

' Read a File DACL Const ForWriting = 2 Set objFSO = CreateObject("Scripting.FileSystemObject") Set objTextFile = objFSO.OpenTextFile("C:\....result.txt", ForWriting, True)   ' saving the result to txt               strFolder = "C:\...."                                                                              ' Point to the distributed qvw folder     Set FSO = CreateObject("Scripting.FileSystemObject")     set FLD = FSO.GetFolder(strFolder)     Set objWMIService = GetObject("winmgmts:")         For Each Fil In FLD.Files               'MsgBox Fil.Name               extFile = FSO.GetExtensionName(Fil.Name)               If FSO.GetExtensionName(Fil.Name) = "qvw" Then                   strFileName = strFolder&Fil.Name                   strFileName2 = Fil.Name                 SE_DACL_PRESENT = &h4                     ACCESS_ALLOWED_ACE_TYPE = &h0                     ACCESS_DENIED_ACE_TYPE  = &h1                         Set objFileSecuritySettings = objWMIService.Get("Win32_LogicalFileSecuritySetting='" & strFileName & "'")                     intRetVal = objFileSecuritySettings.GetSecurityDescriptor(objSD)                       intControlFlags = objSD.ControlFlags                       If intControlFlags AND SE_DACL_PRESENT Then                        arrACEs = objSD.DACL                        For Each objACE in arrACEs                           WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name  & "  " & strFileName2                             objTextFile.WriteLine(strFileName2 & vbTab & objACE.Trustee.Domain & "\" & objACE.Trustee.Name)                        Next                     Else                        WScript.Echo "No DACL present in security descriptor"                     End If           Else           End If           strFileName = ""           objFileSecuritySettings = ""           Next

hi David,

Seems like the code i posted is not approved.

here is another alternative. http://community.qlik.com/message/153882#153882

But do take note, this script is only useful if you are not using section access, because for section access, you will only have one line in return for "autheticateduser"

Hope it helps...