Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Troy1
Contributor III
Contributor III
‎2015-05-13 05:01 PM

Security in Cluster Deployment

how is security handled in typical cluster environment.

Currently we provide file level permission to local server groups and handle security. However with cluster environment this method will not work (that's what we have been told) because cluster SAN does not recognize local groups.

Only way to implement security in cluster is:

1) create groups in AD and assign users. (requires AD access, harder to get in enterprise environment)

2) switch from NTFS mode to DMS and assign individual users to each dashboard. (painful)

Just wanted to ask everyone. how is it typically done and what is the best method.

716 Views
4 Replies
Bill_Britt
Former Employee
Former Employee
‎2015-05-14 08:56 AM

Hi,

To make this simple, the SAN should be attached to a Windows Server. Then it is shared and at that point users and groups will work. I am betting it is a NAS that you are using and being it isn't a Windows base NAS (not able to do groups) it is not supported.

Bill

Bill - Principal Technical Support Engineer at Qlik
To help users find verified answers, please don't forget to use the "Accept as Solution" button on any posts that helped you resolve your problem or question.
293 Views
Troy1
Contributor III
Contributor III
‎2015-05-14 09:09 AM
Author

In response to Bill_Britt

Thanks Bill

We have not deployed this yet, however as per Qlik local groups will not work. They are proposing to use SAN.

Even if SAN is served as windows share drive. Where do you create security groups in cluster envionment. Only solution is to crete groups in AD, assign users to those groups and then create permission via publisher.

Currently: We have 1 server with all qlikview services running. We create local security groups and assign users to these groups via AD (integrated). These groups are then assigned to dashboards residing on same local server.

293 Views
0 Likes
Bill_Britt
Former Employee
Former Employee
‎2015-05-14 09:52 AM

In response to Troy1

Hi,

Yes, local groups will be an issue and will not work in a cluster environment. However you are correct when talking about using AD groups. This is what most people use when they are assigning users to dashboards. That way both servers will be using the AD groups.

Bill


Bill - Principal Technical Support Engineer at Qlik
To help users find verified answers, please don't forget to use the "Accept as Solution" button on any posts that helped you resolve your problem or question.
293 Views
0 Likes
Troy1
Contributor III
Contributor III
‎2015-05-14 10:03 AM
Author

In response to Bill_Britt

Yes i agree.

the only caviat is that now you need to be able to have access rights to create, delete, modify AD groups.

293 Views
0 Likes