Hi Steve,

As I understood you already have a kind of stream admin role in place. I'm also trying to create a proper roles but can't get rid of the error about insufficient privileges. I have App* in resource filter and Update option checked and still nothing. Users also aren't able to duplicate apps from the stream (even once they are owning)

I used this example https://help.qlik.com/en-US/sense/3.0/Subsystems/ManagementConsole/Content/create-QMC-content-admin-...

May be you can share you knowledge how you did the whole setup for creating a stream admin role?

With best regards,
AT

great, thanks!

we are running 3.2.4. and have only one server with synchronized persistence. so this is the simplest environment. and my test app has only 1 object created by the same user who is trying to republish or duplicate published app

hope, you will find a solution

We will move to shared persistence. Just were waiting for a new release, because persistence change is possible only during new release install.

Your hint about app audit was very useful! Thanks! I did only stream audit before and didn't noticed any differences, but now there are some.

I want to share them with you.

Setup #1. The role has only one condition for a role name

Audit results

Associated rules

Setup #2. I added a stream name to limit an admin access to only one specific stream

Audit results

Associated rules

As you can see, after I added stream name in rule condition the rule wasn't associated with the app anymore. But in QMC and HUB the user still can see "test Stream" stream and app within it.

Please guide me, where is my mistake?

Thanks in advance

Thanks for your support, Steve! I appreciate it.

Unfortunately the result is the same - only Read and Publish options are active