Solved: User Directory Connector - Postgresql DB Set Up He... - Qlik Community

Senor_Dai · ‎2022-03-11

Hi,

We are looking to migrate away from Active Directory and would like to use an AWS Postresql DB..

Ive installed configured a System DSN on our QlikSense server and and its connecting successfully:

From this point Im struggling with any relevant documentation. Has anyone set up a similar connection and step through the process please?

Thanks,

Dai

Vikram_Jayakumar · ‎2022-03-12

Hi Dai

Refer to this

User directory connectors ODBC properties

If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.

View solution in original post

Vikram_Jayakumar · ‎2022-03-12

Hi Dai

Refer to this

User directory connectors ODBC properties

If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.

Senor_Dai · ‎2022-03-14

Hi @Vikram_Jayakumar thanks for the reply - I now have it working.

As mentioned in my opening post, we have been using AD until now. If I add a column called 'Group' to the ODBC Attributes table - will this act in the same way as Active Directory groups? We need to limit stream access via a user 'Group' ... hope you can advise

many thanks,

Dai

Levi_Turner · ‎2022-03-14

It wouldn't be a column named group, but yes. The attributes table should have three columns: userid (to join with the users table), type (type of attribute, e.g. group, email), and value. Example here: https://help.qlik.com/en-US/sense-admin/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdministe...

Senor_Dai · ‎2022-03-14

Hi @Levi_Turner thanks for the reply...

Would you be able to show a simple attributes table for 2 users, where User1 has access to StreamA & StreamB and User1 only has access to StreamC. Any advice on how to configure this would be amazing!

Thanks again

Dai

Levi_Turner · ‎2022-03-14

That's sort of a hard question to answer since you can write your security rule(s) in multiple ways.

With a table like this:

userid,type,value
user1,group,stream1
user1,group,stream2
user2,group,stream3

you would have a number of attributes to use.

You can write individual security rules for each stream
You can create a custom property with the values of your groups and assign those to the streams
Some other mix of things

(1) is simple:

Filter: Stream_{ID}
Actions: Read
Conditions: ((user.group = "myGroup"))

(2) is more powerful and would look like this:

Filter: Stream_*
Actions: Read
Conditions: ((resource.@myCustomPropertyName=user.group))

Senor_Dai · ‎2022-03-14

HI @Levi_Turner - thats perfect thanks so much.

If I may ask one last question. If users are part of an ODBC Directory and are synced - can we automatically allocate an access pass? Or will one be allocated when the user logs in (will there need to be a certain rule in place)?

Thanks again for your time

Dai

Levi_Turner · ‎2022-03-15

Just like with any UDC type, you can either synchronize the users (get them in the user list) and manually assign things or use a license rule to provision access (https://help.qlik.com/en-US/sense-admin/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdministe...). Licenses can be treated just like access to content, so you can use rules to provision access when the user logs in.

User Directory Connector - Postgresql DB Set Up Help

Developers

General Question

User directory connectors ODBC properties

User directory connectors ODBC properties