Qlik Community

New to Qlik Sense

If you’re new to Qlik Sense, start with this Discussion Board and get up-to-speed quickly.

Announcements
WE ARE LISTENING! New Navigation for Qlik Community, Sept. 26: TELL ME MORE
cancel
Showing results for 
Search instead for 
Did you mean: 
Xuser112
Contributor II
Contributor II

Qliksense user management in qmc

I have user directory 'A' from which users will come and access qlik streams, apps, and reports. Now I have a requirement that I should allow only a few users into my project stream and nothing else. 

I know we can create a security rule that matches only that active directory domain and allow users to the destination.

But there is an issue if we do like that:

Active directory users:

Total: 100

My project users: 50

others: 50

I want only that 50 users into my project stream and don't want other 50 users from the same Active directory.

Roles have been assigned for my project users in the active directory itself like "qliksense project A user" and I want this information to map in qlik qmc so that I can achieve my solution. I know we can assign roles/groups in qmc but I want that process to be automatic because we cannot do that manual thing for 10000 users.

is there any way that fulfills my requirement?

 

 

 

Labels (1)
6 Replies
Aaryan
Support
Support

Hi @Xuser112  ,

I think you can ask your Active directory administrator to create a new group in AD and you can add those users which you want in Qliksense to be part of that group, then you can just use that group as filter in Qliksense LDAP to filter those users.

There are some articles which you can use as reference for creating LDAP filters ,but you can ask your AD admin to provide you exact filter to import these users, by this way you just need to update that group to import users in Qliksense.

--https://community.qlik.com/t5/Knowledge/Qlik-Sense-on-Windows-Configuring-and-testing-LDAP-filters-f...

--https://help.qlik.com/en-US/sense-admin/August2021/Subsystems/DeployAdministerQSE/Content/Sense_Depl...

Hope this helps !!

Thanks

Xuser112
Contributor II
Contributor II
Author

Hi @Aaryan , Thanks for your response
as I said earlier in the main post, we already have groups created and filtering that group only. And we are using AD security rule(Domain value)  to filter out that AD group.
The problem is :

Lets say, in future a different group from the same AD domain want to access to  new Project  stream and they should not access old project stream, we have to setup the security rule again (with same domain), then they automatically get access to old project as well because of the same domain.

Maria_Halley
Support
Support

@Xuser112

 

Using windows group should work, but then you reliant on your Sysadmin to add new users and groups. But this might not be an issues for you.

 

You could also use custom properties. You do have to tag the users with the right properties, but you can multi select.

 

You can then write your security rules ,using the properties, so when you add users you tag them with the right  permissions.

 

There is a good example in this tread 

https://community.qlik.com/t5/New-to-Qlik-Sense/Assign-Custom-properties-to-multiply-users/td-p/9469...

 

And a link to the help

https://help.qlik.com/en-US/sense-admin/August2021/Subsystems/DeployAdministerQSE/Content/Sense_Depl...

 

 

Xuser112
Contributor II
Contributor II
Author

Hi @Maria_Halley  Thanks for your response

I know that we can manually go and select users and can assign roles/groups &properties.

Could you help me  to do the same task in automated way(by mapping third party files or db connections to assign roles/groups)  because I will be having over 30000 users in future?

 

Maria_Halley
Support
Support

@Xuser112 

 

If you use AD groups the users will be assigned a license automatically if you set up a rule that grants license to that group.

 

I don't know a way to automate adding custom properties automatically, as a far as I know you can't do it. At least not from the QMC interface. 

 

Maria_Halley
Support
Support

@Xuser112

 

Did you find a solution for the issue?