Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
Coming your way, the Qlik Data Revolution Virtual Summit. October 27-29. REGISTER
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Creator
Creator

Qliksense section access no longer working after upgrade to June 2020

Hi there,

I trust you are well.  I've just completed an upgrade to June 2020 which initially seemed successful, but I've now come across a fairly major issue regarding section access.

We currently binary load Qlikview apps into Sense and many of these Qlikview apps contain section access.  This process has been working for 2+ years, but after the upgrade I am 1) unable to binary load any Qlikview app containing section access and 2) unable to open an app where section access was inherited from the Qlikview app.

I'm at a bit of a loss on how to proceed?  We use a custom UDC and I'm wondering if that might be the issue?  Could there be a mismatch between the AD name from UDC and the name in section access?  We've been running the site for a long time and I've never come across something like this.  Our section access in the Qlikview apps is pretty standard.  I'm not actually sure what else to look at.

star is *;
section access;
// Load Customer users and passwords
Load //NT AUTHENTICATION
IF(LEFT([TYPE],1) = 'A','USER','ADMIN') AS ACCESS,
UPPER([USERID]) AS NTNAME,
'S-1-5-21-1250174617-994515119-2130403006' AS NTDOMAINSID,
'*' AS USERID,
'*' AS PASSWORD,
'*' AS SERIAL,
UPPER([USERID]) AS USRKEY,
if(UPPER(RESTRICT1) = 'ALL',null(),UPPER(RESTRICT1)) AS RESTRICT1,
if(UPPER(RESTRICT2) = 'ALL',null(),UPPER(RESTRICT2)) AS RESTRICT2,
if(UPPER(RESTRICT3) = 'ALL',null(),UPPER(RESTRICT3)) AS RESTRICT3,
if(UPPER(RESTRICT4) = 'ALL',null(),UPPER(RESTRICT4)) AS RESTRICT4,
if(UPPER(RESTRICT5) = 'ALL',null(),UPPER(RESTRICT5)) AS RESTRICT5
FROM [$(vSecurity_Path)] (biff, embedded labels, table is [$(vUserSheet)$]);
Load //QLIKVIEW AUTHENTICATION 4 MOBILE
IF(LEFT([TYPE],1) = 'A','USER','ADMIN') AS ACCESS,
'*' AS NTNAME,
'*' AS NTDOMAINSID,
UPPER([USERID]) AS USERID,
PASSWORD,
'*' AS SERIAL,
UPPER([USERID]) AS USRKEY,
if(UPPER(RESTRICT1) = 'ALL',null(),UPPER(RESTRICT1)) AS RESTRICT1,
if(UPPER(RESTRICT2) = 'ALL',null(),UPPER(RESTRICT2)) AS RESTRICT2,
if(UPPER(RESTRICT3) = 'ALL',null(),UPPER(RESTRICT3)) AS RESTRICT3,
if(UPPER(RESTRICT4) = 'ALL',null(),UPPER(RESTRICT4)) AS RESTRICT4,
if(UPPER(RESTRICT5) = 'ALL',null(),UPPER(RESTRICT5)) AS RESTRICT5
FROM [$(vSecurity_Path)] (biff, embedded labels, table is [$(vUserSheet)$])
WHERE UPPER(PASSWORD) <> 'N/A';

Labels (1)
5 Replies
Highlighted
Partner
Partner

Good morning @nsm1234567 ,

I'm a bit lost here. From which version did you upgrade Qlik Sense? And which QlikView version are you using?

As far as I can recall, NTNAME has not been officially supported on Qlik Sense at least since release 2.0
USERID clause exists on Qlik Sense, but has a different meaning than its counterpart on QlikView.


I can't try right now, but I would have expected that on any release from 2.0 the inherited Section Access from QlikView would not work as expected.

I hope this helps,
Riccardo

Highlighted
Creator
Creator

Hi there,

We upgraded from Qliksense November 2019 and our Qlikview version is April 2019 (so we're really not far behind at all).  I've been administering Sense since 2016 and I've never come across issues with inherited section access.  How else are we supposed to handle binary loads of existing Qlikview apps that contain section access?

I rolled back our installation to November 2019 and have had no issues, so it's something in the later releases that is causing the problem.

Highlighted
Partner
Partner

Hi

I used to test this aspect on each release because it kept changing... some releases it allowed the section access to remain in the QVW - which was very useful with our Retail clients because they have 10GB+ Apps - so copying to make an App without section access in order to lift to QS was expensive.

You need to get to Qlik support on this.

Adam Barrie-Smith
CTO
Pomerol Insight
South Africa
Highlighted
Creator
Creator

Hi Adam,

I'm trying to get in touch with our partner but haven't heard back yet.  Contacted another company running Qliksense Feb 2020 and they mentioned they had a similar issue that required them to add the domain to the NTNAME in their section access, so DOMAIN\USER and not just USER with a NTDOMAINSID.  Apparently that fixed the problem for them, so will test that out.  Changing all the section access in our Qlikview environment is a scary proposition, but seems that it's not possible to advance to Feb 2020 and later without that change. 

Highlighted
Partner
Partner

I did not know that... well I know it from my QV/QS security kit but now I need to see if I can find that test QV and see if I had the DOM\USER there or not.  Thanks for letting me know.

Adam Barrie-Smith
CTO
Pomerol Insight
South Africa