Skip to main content
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Save $600 on Qlik Connect registration! Sign up by Dec. 6 to get an extra $100 off with code CYBERSAVE: REGISTER
cancel
Showing results for 
Search instead for 
Did you mean: 
purpleliar
Partner - Contributor II
Partner - Contributor II

Functions of internal users in Qlik Sense

Hi everyone,

I've tried to search info about internal users of Qlik Sense (sa_repository, sa_scheduler, sa_qlikview, etc.) and their functions  but I couldn't find them.

Could you help me please?

Thanks in advance!

Best Regards

Labels (2)
1 Solution

Accepted Solutions
PadmaPriya
Support
Support

Hello @purpleliar 

QlikView SA Account:

It is a feature used to control the security of QlikView applications. Section access is defined as part of the load script, where we define an authorization table, i.e. a table where you define who gets to see what information and from where. Section access can be of various types, depending on the sensitivity of the information and business comfort:-

  1. A simple username and password might be sufficient to access some documents
  2. In some scenarios, you would want specific users in your domain to be logged in specific machines and use certain keys to unlock the information.
  3. You may also want to restrict access to specific objects and sheets of a document.
  4. Remove fields from the data model for the specified user (by omitting them).
  5. Row level data reduction based on authorization mentioned.

 

Thanks,

Padma Priya

Help users find answers! Don't forget to mark a solution that worked for you! If already marked, give it a thumbs up!

View solution in original post

8 Replies
Jay_Brown
Support
Support

Hello @purpleliar , INTERNAL\sa_XXX accounts are our internal service accounts and are used for internal system processes. 

If you keep in mind the above, these are somewhat self-explanatory;  sa_repository is the internal repository service account, sa_proxy is the internal proxy service account, sa_converter is the internal converter service account, and so on.

As you noted there is no documentation around this because in general, they should not be used except where documented, for example here.



Hope that helps!

To help users find verified answers, please don't forget to mark a correct resolution or answer to your problem or question as correct.
PadmaPriya
Support
Support

Hello @purpleliar 

 

  • INTERNAL/sa_repository: This makes the section access script available with the repository service for controlling user access.

  • INTERNAL/sa_scheduler: This allows the app to reload using QMC tasks. (Internal\sa_scheduler mandatory to reload apps with section access from Qlik Sense QMC)

 

Please have a look at the below article:

https://community.qlik.com/t5/Official-Support-Articles/Internal-sa-scheduler-mandatory-to-reload-ap...


Thanks,

Padma Priya

Qlik Support

Help users find answers! Don't forget to mark a solution that worked for you! If already marked, give it a thumbs up!
purpleliar
Partner - Contributor II
Partner - Contributor II
Author

Thanks @Jay_Brown and thanks @PadmaPriya 

Is possible to know the function of the user sa_qlikview?

Thanks

Best Regards

PadmaPriya
Support
Support

Hello @purpleliar 

QlikView SA Account:

It is a feature used to control the security of QlikView applications. Section access is defined as part of the load script, where we define an authorization table, i.e. a table where you define who gets to see what information and from where. Section access can be of various types, depending on the sensitivity of the information and business comfort:-

  1. A simple username and password might be sufficient to access some documents
  2. In some scenarios, you would want specific users in your domain to be logged in specific machines and use certain keys to unlock the information.
  3. You may also want to restrict access to specific objects and sheets of a document.
  4. Remove fields from the data model for the specified user (by omitting them).
  5. Row level data reduction based on authorization mentioned.

 

Thanks,

Padma Priya

Help users find answers! Don't forget to mark a solution that worked for you! If already marked, give it a thumbs up!
purpleliar
Partner - Contributor II
Partner - Contributor II
Author

Thanks @PadmaPriya 

Very clear and complete.

Best Regards

PadmaPriya
Support
Support

Thanks for your response @purpleliar 

Have a great day ahead!

 

Help users find answers! Don't forget to mark a solution that worked for you! If already marked, give it a thumbs up!

Help users find answers! Don't forget to mark a solution that worked for you! If already marked, give it a thumbs up!
Amy-M-Collins
Partner - Contributor III
Partner - Contributor III

Hi @Jay_Brown ,

Thank you for this, very helpful! 

In my environment, these accounts are allocated 10 of my license tokens. I have limited tokens and much demand for them. Furthermore, if they are necessary for the service to function, why do they to be allocated a license?

Is is safe to de-allocate a license from some of them? Or, am I missing something important?

Thanks in advance!

Jay_Brown
Support
Support

Hello @Amy-M-Collins , should not be necessary to have a license allocated to these INTERNAL\sa acounts.

Check your license allocation rules and make sure one does not exist for INTERNAL\ as well.

To help users find verified answers, please don't forget to mark a correct resolution or answer to your problem or question as correct.