https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994458#M1256642 <HTML><HEAD></HEAD><BODY><P>Thanks for the input Bill.&nbsp; I will see if we can get that to happen.</P></BODY></HTML> Wed, 26 Aug 2015 22:41:03 GMT Anonymous 2015-08-26T22:41:03Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994456#M1256636 <HTML><HEAD></HEAD><BODY><P>We are setting up a separate server outside the company firewall to house a QVWS to serve QlikView to users that are working remotely.&nbsp; We are doing this so they do not require a VPN to access QlikView.&nbsp; These are employees, therefore we are hopefully avoiding the whole conversation regarding extranet.&nbsp; This client is on SBE without publisher and uses active directory to authenticate their users. Obviously, the AD is behind the company firewall. We are using Digital Certificates to talk between the two machines.</P><P></P><P>The problem we are anticipating is authentication.&nbsp; Still using AD, is there a way for the new QVWS to authenticate the external users?&nbsp; If so, does anybody have some specific documentation on these methods?</P><P></P><P>Also, should we have 2 QVWS instances? I am thinking we might still need one to cover internal users and one for the external users.</P><P></P><P>Any advice on this is much appreciated.</P></BODY></HTML> Mon, 26 Jan 2026 18:19:17 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994456#M1256636 Anonymous 2026-01-26T18:19:17Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994457#M1256639 <HTML><HEAD></HEAD><BODY><P>HI,</P><P></P><P>You could put a read only AD in the DMZ and that would allow the external users to authenticate.</P><P></P><P>Bill</P></BODY></HTML> Tue, 25 Aug 2015 20:50:21 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994457#M1256639 Bill_Britt 2015-08-25T20:50:21Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994458#M1256642 <HTML><HEAD></HEAD><BODY><P>Thanks for the input Bill.&nbsp; I will see if we can get that to happen.</P></BODY></HTML> Wed, 26 Aug 2015 22:41:03 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994458#M1256642 Anonymous 2015-08-26T22:41:03Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994459#M1256644 <HTML><HEAD></HEAD><BODY><P>Hi Bill,</P><P></P><P>Can this be done without the use of QV Digital certificates setup between QVS and QVWS/IIS?</P><P></P><P>Looking forward to your response.</P><P></P><P>Thanks</P></BODY></HTML> Wed, 26 Aug 2015 22:48:28 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994459#M1256644 tonyiantorno 2015-08-26T22:48:28Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994460#M1256647 <HTML><HEAD></HEAD><BODY><P>Yes, but it would be more secure.</P><P></P><P>Bill</P></BODY></HTML> Thu, 27 Aug 2015 13:20:19 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994460#M1256647 Bill_Britt 2015-08-27T13:20:19Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994461#M1256650 <HTML><HEAD></HEAD><BODY><P>Hi Bill,</P><P></P><P>The digital Certs that QlikView (SBE) installs among the QV Services(servers) are only applicable when you are using DMS? Is this why you need the read only AD if you are using NTLM?</P><P></P><P>Trying to make sense of it all.</P><P></P><P>Thanks again,</P><P></P><P>Tony</P></BODY></HTML> Thu, 27 Aug 2015 14:59:47 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994461#M1256650 tonyiantorno 2015-08-27T14:59:47Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994462#M1256653 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>No, with SBE you are not able to use DMS mode. The Certs are used for the services to communicate with each other. You need the AD to ID the users.</P><P></P><P>Bill</P></BODY></HTML> Thu, 27 Aug 2015 17:36:08 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994462#M1256653 Bill_Britt 2015-08-27T17:36:08Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994463#M1256656 <HTML><HEAD></HEAD><BODY><P>Hi Bill,</P><P></P><P>So I need to setup Windows 2012 R2 Server with an RODC with QVWS/IIS running which sits in the DMZ. The RO DC communicates with the AD DC via the appropriate ports and then it will pass thru to the QVS and the QV Access Point page should open.</P><P></P><P>Your response is greatly appreciated,</P><P></P><P>Tony</P></BODY></HTML> Thu, 27 Aug 2015 19:20:14 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994463#M1256656 tonyiantorno 2015-08-27T19:20:14Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994464#M1256658 <HTML><HEAD></HEAD><BODY><P>Hi Tony,</P><P></P><P>Yes that is the way I would do it and you are not exposing the real AD. The certificate setup will secure the communication of the QV services talking to each other.</P><P></P><P>Bill</P></BODY></HTML> Thu, 27 Aug 2015 19:55:31 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994464#M1256658 Bill_Britt 2015-08-27T19:55:31Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994465#M1256660 <HTML><HEAD></HEAD><BODY><P>HI Bill,</P><P></P><P>I will let you know how things go.</P><P></P><P>Thanks again!</P><P></P><P>Tony</P></BODY></HTML> Fri, 28 Aug 2015 12:51:32 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994465#M1256660 tonyiantorno 2015-08-28T12:51:32Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994466#M1256661 <HTML><HEAD></HEAD><BODY><P>HI Bill,</P><P></P><P>Quick question, does Qlik Sense have the same issues that Qlik View has in regards to connecting and authenticating users on QVWS in a DMZ?</P><P></P><P>I see that Qlik Sense offers the ability to set up Nodes (RIM) in a Global environment with&nbsp; Virtual proxies and the ability to have multiple User Directory Connectors. I like what I'm currently reading in regards to setting up Qlik Sense Enterprise server and hopefully it can avoid the RO DC requirement.</P><P></P><P>Looking forward to your response.</P><P></P><P>Thanks,</P><P></P><P>Tony</P></BODY></HTML> Fri, 18 Sep 2015 17:52:50 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994466#M1256661 tonyiantorno 2015-09-18T17:52:50Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994467#M1256663 <HTML><HEAD></HEAD><BODY><P>Hi Tony,</P><P></P><P>I have not tried this, but the in Sense all the communication is done with certificates. I do think it would work.</P><P></P><P>Bill</P></BODY></HTML> Fri, 18 Sep 2015 19:26:22 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994467#M1256663 Bill_Britt 2015-09-18T19:26:22Z https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994468#M1256665 <HTML><HEAD></HEAD><BODY><P>Hi Bill,</P><P></P><P>That's what I get from the QS Documentation as well.</P><P></P><P>Thanks for the quick response.</P><P></P><P>Have a great weekend!</P><P></P><P>Tony</P></BODY></HTML> Fri, 18 Sep 2015 19:28:31 GMT https://community.qlik.com/t5/QlikView/External-Web-Server-Authentication-on-AD/m-p/994468#M1256665 tonyiantorno 2015-09-18T19:28:31Z