https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193178#M7457 <HTML><HEAD></HEAD><BODY><P>In Qlik Sense 3.1 I have rules created such that if a user is a member of one Active Directory security group, they are granted a login access token, if they are a member of another group, they are granted a user access token. What happens if they're a member of both groups?</P></BODY></HTML> Tue, 25 Oct 2016 23:41:10 GMT Anonymous 2016-10-25T23:41:10Z https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193178#M7457 <HTML><HEAD></HEAD><BODY><P>In Qlik Sense 3.1 I have rules created such that if a user is a member of one Active Directory security group, they are granted a login access token, if they are a member of another group, they are granted a user access token. What happens if they're a member of both groups?</P></BODY></HTML> Tue, 25 Oct 2016 23:41:10 GMT https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193178#M7457 Anonymous 2016-10-25T23:41:10Z https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193179#M7458 <HTML><HEAD></HEAD><BODY><P>Support responded User access token will try first, if none available, Login access token will be granted.</P></BODY></HTML> Mon, 31 Oct 2016 21:20:58 GMT https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193179#M7458 Anonymous 2016-10-31T21:20:58Z https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193180#M7459 <HTML><HEAD></HEAD><BODY><P>Jordan,</P><P></P><P>Do you have any document/references how to create these rules (allocating tokens, etc) for different group of users?</P><P>I need to create similar rules and I did not find a straightforward information about it.</P><P></P><P>It's not very clear for me if I can wildcards options for user names, create user Roles or Custom User's Properties automatically, apply allocations based on these Roles, use a mix of AD and UDC accounts, etc. </P><P></P><P>Please let me know.</P><P></P><P>Regards,</P><P>Vlad</P></BODY></HTML> Tue, 01 Nov 2016 15:57:52 GMT https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193180#M7459 vlad_komarov 2016-11-01T15:57:52Z https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193181#M7460 <HTML><HEAD></HEAD><BODY><P>I can comment on the first part of your question which is yes, it's probably easier than you think to allocate tokens for different groups. Assuming you want to use Active Directory security groups as I am, first thing you want to ensure is working is your User Directory Connector sync. If it is, then the QMC will be 'aware' of your existing security groups. Then</P><OL><LI>go to your QMC</LI><LI>Click <STRONG>License and tokens</STRONG></LI><LI>Click <STRONG>User access rules</STRONG> on the right side</LI><LI>Click <STRONG>Create new</STRONG> on the bottom</LI><LI>Give it a Name, Description, then in the Basic section, in order select <STRONG>User</STRONG>, <STRONG>Group</STRONG><STRONG>=</STRONG><STRONG>value</STRONG> and paste in the name of your AD Security Group in the last field</LI></OL><P></P><P>If there are enough available tokens, this rule will ensure users in that group are granted a User access token.</P><P>You can follow similar steps for creating a Login access rules. The only real difference is you need to designate a number of tokens from which users can draw down.</P><P></P><P>Hope that helps.</P></BODY></HTML> Tue, 01 Nov 2016 18:07:49 GMT https://community.qlik.com/t5/Management-Governance/Which-wins-user-access-or-login-access-rule/m-p/1193181#M7460 Anonymous 2016-11-01T18:07:49Z