User management

hug_qlikview — Mon, 26 Jan 2026 18:19:17 GMT

Hi,

I would like to be able to export all the users and their access to a file. I am interested in knowing what each user has assess to. I can only get one user at the time in the tab User Management the user documents (I am not interested in session statistics which gives me what the users access).

Thanks in advance,

Maria

Re: User management

jwjackso — Mon, 29 Mar 2021 15:54:40 GMT

This may not be what you are looking for, but we use NTFS authorization. I found that checking the actual security on the QVWs on the AccessPortal server was more accurate than checking in the QMC. In our development environment, a task could be disabled and if the security was changed after the last reload, the security on the QVW did not match what was in the QMC.

I used a Python script to check the security on the QVWs and email any changes to our Qlik Admins. The Python script maintains 2 files, the current changes and all the security on the QVWs.

from os import walk
from os.path import basename
import os
import win32security
import sys

import smtplib
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.utils import COMMASPACE, formatdate
import datetime
import time

#
# define email function
#

def send_mail(send_from, send_to, subject, text, files=None,server="127.0.0.1"):

assert isinstance(send_to, list)

msg = MIMEMultipart()
msg['From'] = send_from
msg['To'] = COMMASPACE.join(send_to)
msg['Date'] = formatdate(localtime=True)
msg['Subject'] = subject

msg.attach(MIMEText(text))

for f in files or []:
if len(f) > 0:
current_file = f
with open(current_file, "rb") as fil:
part = MIMEApplication(
fil.read(),
Name=basename(current_file)
)
# After the file is closed
part['Content-Disposition'] = 'attachment; filename="%s"' % basename(current_file)
msg.attach(part)

smtp = smtplib.SMTP(server)
smtp.sendmail(send_from, send_to, msg.as_string())
smtp.close()

#
# get parameters
#
# 1 = server
# 2 = environment (Production, Development, Test)
# 3 = default_path
#

if len(sys.argv) < 4:
sys.exit(1)
else:
server = sys.argv[1]
env = sys.argv[2]
default_path = sys.argv[3]

#
# read EmailList.txt into list
#

with open("EmailList.txt") as temp_email_list:
send_to_list = [line.rstrip('\n') for line in temp_email_list]

outputFileName = server+'fileSecurity.txt'
currentSecurityFileName = './CurrentSecurity/'+outputFileName

#
# load curent security file
#

previousSecurity=[]
if os.path.isfile(currentSecurityFileName):
cs = open(currentSecurityFileName,'r')
for l in cs:
previousSecurity.append(l.rstrip())
cs.close()

#
# loop through path and locate QVWs
#

email_flag = False

currentSecurity = []
newSecurity = []
for root, dirs, files in os.walk(default_path):
for name in files:
if name[-4:] == '.qvw':
l = ""
p = os.path.join(root,name)
try:
si = win32security.GetFileSecurity (p, win32security.DACL_SECURITY_INFORMATION)
try:
dacl = si.GetSecurityDescriptorDacl()
acl_item = []
for item in range(dacl.GetAceCount()):
try:
acl_item = dacl.GetAce(item)
try:
user_name,domain,type = win32security.LookupAccountSid (None, acl_item[2])
l = name+'\t'+p+'\t'+user_name+'('+domain+')'

currentSecurity.append(l)
if l not in previousSecurity:
email_flag = True
newSecurity.append(l)

except:
l = name+'\t'+p+'\t'+'***ERROR*** Unable to look up Account SID'+acl_item[2]
currentSecurity.append(l)
if l not in previousSecurity:
email_flag = True
newSecurity.append(l)

except:
l = name+'\t'+p+'\t'+'***ERROR*** Unable to get individual ACL items'
currentSecurity.append(l)
if l not in previousSecurity:
email_flag = True
newSecurity.append(l)

except:
l = name+'\t'+p+'\t'+'***ERROR*** Unable to get ACL information'
currentSecurity.append(l)
if l not in previousSecurity:
email_flag = True
newSecurity.append(l)

except:
l = name+'\t'+p+'\t'+'****ERROR**** Unable to get file security'
currentSecurity.append(l)
if l not in previousSecurity:
email_flag = True
newSecurity.append(l)

#
# if new security found, update currentSecurity and newSecurity files
#

if email_flag:
cs = open(currentSecurityFileName,'w')
cs.write('QVW\tPath\tGroup or User Name\n')
for l in currentSecurity:
cs.write(l+'\n')
cs.close()

f_out = open(outputFileName,'w')
f_out.write('QVW\tPath\tGroup or User Name\n')
for l in newSecurity:
f_out.write(l+'\n')
f_out.close()

#
# email security file
#

if email_flag:
send_mail('##########@#####.###',send_to_list,env+':Qlikview Application Security',env+':Qlikview Application Security',[outputFileName],'smtp.#####.###')

email_flag = False

Re: User management

hug_qlikview — Mon, 29 Mar 2021 16:10:28 GMT

Hi and thanks for you suggestion. We are using DMS authorization so I guess your script does not function for us?

Re: User management

hug_qlikview — Mon, 29 Mar 2021 16:22:12 GMT

Hi Lucas and thanks for the link,

I am looking for a way to find all access all my users have, not just the user rights to one qlikview application. We are running in DMS authorization and have mainly session cals.

Thanks,

maria

Re: User management

Chip_Matejowsky — Tue, 30 Mar 2021 18:53:10 GMT

Hi @hug_qlikview,

If you are using DMS for authorization, then QV uses information in the <name>.qvw's corresponding <name>.meta file. The following is from the thread @Lucas_Gatling previously provided, "What you would really need to do is use the Power Tools and the Shared File Viewer, which can read .meta files too, in order to open the .meta file and get to the assigned users/groups that way."

Best Regards

Re: User management

hug_qlikview — Wed, 31 Mar 2021 09:36:23 GMT

Hi Lucas,

We are running QV 12.2, is the ShareFileViewer available to view user access?

Thanks for your help,

Maria

Re: User management

Chip_Matejowsky — Wed, 31 Mar 2021 12:59:22 GMT

Hi @hug_qlikview,

You can find the ShareFileViewer as part of the PowerTools for QV here: https://community.qlik.com/t5/QlikView-Documents/Power-Tools-1-3-2-for-QlikView/ta-p/1484770.

Best Regards

topic Re: User management in QlikView

User management

Re: User management

Re: User management

Re: User management

Re: User management

Re: User management

Re: User management

Re: User management