Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2015-05-05 09:44 AM

configuring ldap authentication on qlickview

Now I describe my scenario

I chose "Full installation, Single machine with Microsoft IIS " and i have:

qlikview 11

Windows 2012 r2

iis 8.5

At first I used Active Directory authentication, and worked well.

i configure NTLM type on QVWS, NTFS authorization on QVS, with Windows authentication on IIS

On DSC->ActiveDirectory i configure LDAP://mydomain  , user and password

Now i used Custom User on QVWS, DSM authorization on QVS with Windows authentication disabled on IIS (and Anonymous authentication enabled on IIS)

i configure all on DSC->CustomDirectory

Also this configuration worked well, but i need to use an other external LDAP to authenticate my user and i have many problem.

Can someone please help me ?

On IIS a have windows authentication disabled and Anonymous authentication enabled on all application

On DSC->Configurable LDAP i put LDAP://myldap , user and password

in DSP Setting i fill all fields except the last three. These are required?

On QVS i chose DMS authorization

On QVWS how do I set it up?

custom user ?

someone has a manual? advice?

help

7,014 Views
0 Likes
8 Replies
Not applicable
‎2015-05-05 12:53 PM
Author

with LDAP,

On QMC->User-<User Management i can find my account on LDAP

the real question is: Can i use external LDAP to authenticate user on login page ?

ow i read this post: Purpose of Configurable LDAP

"You are correct that LDAP provides a list of users that can be used to configure CAL assignment and document authorization. Custom LDAP does not do authentication, only authorization."

so the alternate way are:

- AUTHENTICATION WITH A QLIKVIEW SERVER USING AN EXISTING SINGLE SIGN-ON SOFTWARE PACKAGE

Custom Ticket Exchange (CTE).

- AUTHENTICATION USING NEITHER IWA NOR SSO SOFTWARE

BI-WP-QlikView-Security-Overview-EN.pdf  

I would understand "Custom Ticket Exchange (CTE)"

Can someone please help me ?

2,170 Views
0 Likes
Bill_Britt
Former Employee
Former Employee
‎2015-05-05 03:00 PM

Hi,

Qlik does not to authorization only authentication. You will have to write your own SSO for authorization. See the below link.

Authentication and Authorization

Bill

Bill - Principal Technical Support Engineer at Qlik
To help users find verified answers, please don't forget to use the "Accept as Solution" button on any posts that helped you resolve your problem or question.
2,170 Views
0 Likes
Not applicable
‎2015-05-07 04:42 AM
Author

In response to Bill_Britt

thanks Bill

i read your link so Qlik do only authorization.

A solution can be write my SSO, but CTE can be an other solution ?

can i use Custom Ticket Exchange to use external LDAP and authenticate the user on Qlick ?


2,170 Views
0 Likes
Bill_Britt
Former Employee
Former Employee
‎2015-05-07 08:06 AM

In response to

You will have to write a SSO that authenticates the uses and either use Headers or WebTicketing to pass the information to QVS.

Bill

Bill - Principal Technical Support Engineer at Qlik
To help users find verified answers, please don't forget to use the "Accept as Solution" button on any posts that helped you resolve your problem or question.
2,170 Views
0 Likes
Anonymous
Not applicable
‎2015-05-13 05:47 AM
Author

Hi Ales,

Could you please share the LDAP settings you have filled? Many thanks in advances. would be great help for me.

BR,

Chinna

2,170 Views
0 Likes
Not applicable
‎2015-05-14 12:35 PM
Author

In response to Anonymous

chinna

now i use my Qlik with custom authentication or Windows authentication.

How Bill say, i need SSO

Now my LDAP configuration is only for authorization.

which configuration screen you want?

2,170 Views
0 Likes
Anonymous
Not applicable
‎2015-05-14 10:24 PM
Author

In response to

Hi Ales,

Many thanks for your response.

My requirement is , we have to use Lotus Domino as our authentication server. So I assume i should add the Lotus Domino server in Configurable LDAP to bring users to QMC and assign document CALs to those users.

I need details of input parameters( in below image) along with Server IP Adress. Ex: dc = Domain etc..

Configurable LDAP.JPG

Also changes of default settings in below screen.

LDAP Settings.JPG

I want to use DMS authorization to control the document access to users in Access Point.

Since I want to use DMS Authorization, Do I need to add our Domino LDAP details in Active Directory?.

Thanks a lotttttttttttttttttttttttttttttttttt for your help.

BR,

Chinna.

2,170 Views
0 Likes
Not applicable
‎2015-05-15 03:55 AM
Author

In response to Anonymous

you want use Lotus Domino as authentication server, so you have my same proble.

I also want to use an ldap as external authenticator.

In DSC you can configure LDAP only for Authorization.

I fill the Directory Service Path with ldap://myldapserver, username and password of an service account.

dwh_ldap.JPG

To assign different right on documents, go in USER->Section Access Management, and in Documents-> User Documents ... select a file and then Authorization

In System -> Setup -> QVS -> Security, on Authorization i have DMS, but I did nothing on my Active Directory

2,170 Views
0 Likes