Hi all,

Maybe a little complicated question, hope you understand the problem...

Client's QlikView server is in two domains. Server is pulling data from Domain#1 (because all of the db’s are in that domain), and all of the users have accounts in Domain#2 and login authentication should be provided using that domain.

I'm wondering if there is a way to set up Qlikview Server(IIS) to use Windows credentials from client's machine (not the server), where client and server are in different domains and there is no trust defined between those domains? I want clients to be able to open QlikView documents(through a browser) without having to authenticate themself in the domain QlikView server belongs to.

Qlikview Security spec states:

"In a multi-domain environment: The internal company network IWA should be avoided in architectures where a multi-domain environment exists with no trust relationship between the domain of the workstation and the domain of the server, or when used across a reverse proxy. In such an environment the QlikView deployment should be configured to use either an existing external SSO service or a QlikView custom ticket exchange to expose an authenticated identity to QlikView."

Do I understand it right and it's not possible to have all users use QlikiView AccessPoint in multi-domain environment (with no trust)? How can this be solved? Different type of Authentication?

Do you have any experience with such environments?

Best Regards,

LC