Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Talend Cloud AWS EU Scheduled Outage: Starting Tues 26 May 21:00 CEST with expected completion Wed 27 May 01:00 CEST
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
shrikantdhole
Partner - Contributor II
Partner - Contributor II
Wednesday

AD Group Not Visible in Qlik Sense for License/Stream Assignment

We have successfully configured AD user synchronization in Qlik Sense Enterprise, and individual users are being synced correctly. We are able to assign licenses and provide stream access without any issues at the user level.

Recently, we created an Active Directory (AD) group to manage access more efficiently, especially due to the limitation of assigning more than 100 users individually to a stream.

However, the issue is that the newly created AD group is not appearing in Qlik Sense (QMC). Because of this, we are unable to:

  • Provide stream access using the group

We have already performed AD sync, but the group is still not visible.

Could you please suggest:

  • How to ensure AD groups are properly synced in Qlik Sense?
  • Any additional configuration required to make AD groups available for license and stream access?
94 Views
0 Likes
1 Reply
avinashelite
MVP
MVP
Wednesday

To sync Active Directory (AD) groups in Qlik Sense Enterprise on Windows, create an Advanced LDAP User Directory Connector (UDC), as it supports custom attributes and optimizes group resolution.

1. Configure the AD SyncOpen the Qlik Management Console (QMC), go to User Directory Connectors, and create a new Advanced LDAP connector.

Directory Entry Attributes: Under the attributes section, map your user identifier from the default inetOrgPerson to person (this is specific to Active Directory).
Group Membership: Ensure the Group membership field is set to memberOf.
User Sync Settings: Uncheck Sync user data for existing users during the initial sync to import new users.

Note: Once the initial import is done, re-enable this setting to prevent performance bottlenecks.
Sync Task: Click Apply, and then select Sync Now to trigger the task.

2. Granting License and Stream AccessAD groups cannot be directly assigned licenses out-of-the-box.
You must create Login Access Rules to consume license tokens dynamically upon user login.
Configure License Rules:In the QMC, navigate to License Management -> Login Access Rules.Click Create New.
Under the rule conditions, define the mapping by selecting your User Directory and tying it to the AD Group.Example condition: user.group == 'Your_AD_GroupName'Assign the appropriate License Access Type (e.g., Professional or Analyzer) to this rule.
Configure Stream Access Rules:Streams are governed by Qlik Sense Security Rules rather than direct assignments.In the QMC, go to Streams and select the stream to edit.Under the Associated Items menu, select Security Rules.Click Create associated rule to build a rule tied to the AD group.Set the condition to match your group.Example condition: user.group == 'Your_AD_GroupName'

75 Views
0 Likes