Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Now I describe my scenario
I chose "Full installation, Single machine with Microsoft IIS " and i have:
qlikview 11
Windows 2012 r2
iis 8.5
At first I used Active Directory authentication, and worked well.
i configure NTLM type on QVWS, NTFS authorization on QVS, with Windows authentication on IIS
On DSC->ActiveDirectory i configure LDAP://mydomain , user and password
Now i used Custom User on QVWS, DSM authorization on QVS with Windows authentication disabled on IIS (and Anonymous authentication enabled on IIS)
i configure all on DSC->CustomDirectory
Also this configuration worked well, but i need to use an other external LDAP to authenticate my user and i have many problem.
Can someone please help me ?
On IIS a have windows authentication disabled and Anonymous authentication enabled on all application
On DSC->Configurable LDAP i put LDAP://myldap , user and password
in DSP Setting i fill all fields except the last three. These are required?
On QVS i chose DMS authorization
On QVWS how do I set it up?
custom user ?
someone has a manual? advice?
help
with LDAP,
On QMC->User-<User Management i can find my account on LDAP
the real question is: Can i use external LDAP to authenticate user on login page ?
ow i read this post: Purpose of Configurable LDAP
"You are correct that LDAP provides a list of users that can be used to configure CAL assignment and document authorization. Custom LDAP does not do authentication, only authorization."
so the alternate way are:
- AUTHENTICATION WITH A QLIKVIEW SERVER USING AN EXISTING SINGLE SIGN-ON SOFTWARE PACKAGE
Custom Ticket Exchange (CTE).
- AUTHENTICATION USING NEITHER IWA NOR SSO SOFTWARE
BI-WP-QlikView-Security-Overview-EN.pdf
I would understand "Custom Ticket Exchange (CTE)"
Can someone please help me ?
Hi,
Qlik does not to authorization only authentication. You will have to write your own SSO for authorization. See the below link.
Authentication and Authorization
Bill
thanks Bill
i read your link so Qlik do only authorization.
A solution can be write my SSO, but CTE can be an other solution ?
can i use Custom Ticket Exchange to use external LDAP and authenticate the user on Qlick ?
You will have to write a SSO that authenticates the uses and either use Headers or WebTicketing to pass the information to QVS.
Bill
Hi Ales,
Could you please share the LDAP settings you have filled? Many thanks in advances. would be great help for me.
BR,
Chinna
chinna
now i use my Qlik with custom authentication or Windows authentication.
How Bill say, i need SSO
Now my LDAP configuration is only for authorization.
which configuration screen you want?
Hi Ales,
Many thanks for your response.
My requirement is , we have to use Lotus Domino as our authentication server. So I assume i should add the Lotus Domino server in Configurable LDAP to bring users to QMC and assign document CALs to those users.
I need details of input parameters( in below image) along with Server IP Adress. Ex: dc = Domain etc..
Also changes of default settings in below screen.
I want to use DMS authorization to control the document access to users in Access Point.
Since I want to use DMS Authorization, Do I need to add our Domino LDAP details in Active Directory?.
Thanks a lotttttttttttttttttttttttttttttttttt for your help.
BR,
Chinna.
you want use Lotus Domino as authentication server, so you have my same proble.
I also want to use an ldap as external authenticator.
In DSC you can configure LDAP only for Authorization.
I fill the Directory Service Path with ldap://myldapserver, username and password of an service account.
To assign different right on documents, go in USER->Section Access Management, and in Documents-> User Documents ... select a file and then Authorization
In System -> Setup -> QVS -> Security, on Authorization i have DMS, but I did nothing on my Active Directory