Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Login Access Pass problems

Hi Guys! I am using Qlik Sense server 1.1 The Issue is that yesterday I created a mashup which I wanted to allow anonymous users within our AD to be able to access. It worked fine when I used the login pass rule: user name like value * (for all users). The problem was that when I created this rule the user access users were also recognized as login pass users and since many people were logging in and out it used up all the passes (1 token). This must be because of the anonymous setting. Today I tried adding, AND/OR rules and also adding a new rule to exclude my name but I still get the message that I don’t have an access pass. So the question is how to combine anonymous access for all users in the AD with a couple of user access users without running out of tokens. It only works for me to access the hub after I login at qmc. Is this the only solution for the user access users? I would really appreciate some guidance on this. Thanks!

Thanks!

Sahir Ahmed

1 Solution

Accepted Solutions
Not applicable
Author

Sahir,

Check out this short video based on what we discussed.  Video Link : 3334

If this video is helpful, please mark this discussion as helpful or answered to help others with similar questions.

Thanks,

Jeff G

View solution in original post

20 Replies
Not applicable
Author

Sahir,

I don't recommend user name like * as a rule for anything.  It's going to get you in more trouble down the road.

To solve the problem you can allocate user access passes manually, or if you have set up an Active Directory UDC and unchecked sync on first login you will get the whole directory.

If you have the directory loaded into Sense you can create user access rules and login access rules based on attributes like AD groups.

In addition, you could create a custom property for specific users you want to have use user access passes.  Create the custom property and make it valid for user resources.  Then go to the specific users and add the custom property to those users.  After that create a user access rule based on the custom property.  If the user logging in has the custom property they will get a user access pass, otherwise they will get a login access pass.

The other thing you can do is set up a virtual proxy that does not allow anonymous connections and route your named users through there and create another virtual proxy that allows anonymous and send your login access users through that vp.

jg

Not applicable
Author

Hi Jeffrey,

Thanks for the reply the problem is that we have around 1500 persons in the AD so grouping them or giving them passes manually will be very time consuming. The purpose is to be able to post some charts on the internal web portal. Is there not a way to come around the problem by not giving the user access users the same rights or something like that?

Thanks!

Sahir

korsikov
Partner - Specialist III
Partner - Specialist III

I have server with over 1000 anonymous user connect per day,

just buy more tokens. This solution to the problem. No tokens - will not operate. The server is free and licensing unit, if you can call it that, is a token

Not applicable
Author

Thats like saying you let the water run forever if your bathtub is leaking instead of fixing the hole. Not the solution I'm looking for.

Not applicable
Author

Jeffrey,

I will forward your message to someone who is admin for the AD and server maybe they can figure it out thanks!

korsikov
Partner - Specialist III
Partner - Specialist III

I apologize.I not carefully read the issue. Try to rewrite your mashup that would work in the user's Session.

Not applicable
Author

No problem thanks I'll look into it.

Sahir

Not applicable
Author

Sahir, I imagine there is a way through security rules to do exactly what you want, but I'm not understanding the use case completely.  If you want you can personal message me and we can chat about what you want to do and see how we may accomplish this with security rules.

jg

Not applicable
Author

Thanks Jeffrey,

Would love to, I just started following you. Apparently you must follow me to let me send you PMs.

Thanks!

Sahir