https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84928#M13962 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I have a tricky requirement related to Section access - not sure if this is possible currently within QlikView. With Section Access, I was able to restrict the views/data based on the AD group which a user belongs. However, I need a default bucket which will provide access to everyone without any restriction.</P><P></P><P>For example, </P><P>Group1, Apple</P><P>Group2, Mango</P><P>*, Grape</P><P></P><P>Is it possible to specify something like the third row, where any user who doesn't belong to Group 1 or 2 will be considered as the third group and it should show 'Grape'.</P><P></P><P>Thanks in advance,</P><P>Shamili</P></BODY></HTML> Mon, 26 Mar 2018 10:24:16 GMT shamili_sekar 2018-03-26T10:24:16Z https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84928#M13962 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I have a tricky requirement related to Section access - not sure if this is possible currently within QlikView. With Section Access, I was able to restrict the views/data based on the AD group which a user belongs. However, I need a default bucket which will provide access to everyone without any restriction.</P><P></P><P>For example, </P><P>Group1, Apple</P><P>Group2, Mango</P><P>*, Grape</P><P></P><P>Is it possible to specify something like the third row, where any user who doesn't belong to Group 1 or 2 will be considered as the third group and it should show 'Grape'.</P><P></P><P>Thanks in advance,</P><P>Shamili</P></BODY></HTML> Mon, 26 Mar 2018 10:24:16 GMT https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84928#M13962 shamili_sekar 2018-03-26T10:24:16Z https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84929#M13963 <HTML><HEAD></HEAD><BODY><P>AFAIK no because the wildcard * means an applying to all listed values and not to all existing values. This meant you need to add all users respectively usergroups to your section access table maybe by creating an additionally master-group in which all other groups are a member or by reading your active directory: <A href="https://community.qlik.com/docs/DOC-19661">Active Directory: Extract Users and Groups</A>.</P><P></P><P>- Marcus</P></BODY></HTML> Mon, 26 Mar 2018 13:30:39 GMT https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84929#M13963 marcus_sommer 2018-03-26T13:30:39Z https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84930#M13964 <HTML><HEAD></HEAD><BODY><P>Yes, you can if you use NTNAME as an identification field. Section Access using NTNAME will first try to match any explicit account IDs if they are available. If the ID isn't found or doesn't grant access because of other reasons (like data reduction), it will match the wildcard ID.</P><P></P><P>At least, that's how it works if you enable Data Reduction and Strict Exclusion in a new document using this as a load script. Better check it out yourself before you select a mechanism.</P><P></P><P><SPAN style="font-family: 'courier new', courier;">Section Access:</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">LOAD * INLINE [</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">NTNAME, ACCESS, LINK</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">domain\Account1, ADMIN, BANANA</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">domain\Account2, USER, ORANGE</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">*, USER, NUTS</SPAN></P><P></P><P><SPAN style="font-family: 'courier new', courier;">Section Application;</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">ReducedTable:</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">LOAD * INLINE [</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">LINK, User</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">BANANA, Account1</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">NUTS, EveryOneElse</SPAN></P><P><SPAN style="font-family: 'courier new', courier;">];</SPAN></P><P></P><P>Note that when trying this script, ACCESS=ADMIN grants access to everything if other security measures (like data reduction) fail.</P></BODY></HTML> Mon, 26 Mar 2018 14:21:29 GMT https://community.qlik.com/t5/QlikView/Section-access-including-open-access/m-p/84930#M13964 Peter_Cammaert 2018-03-26T14:21:29Z