Our team is currently facing an issue where we need to allow LDAP users to sign in to our Qlik Sense Enterprise for Windows environment. Is there a way to set up this authentication process all within the QMC or with just Qlik tools, or is there no way of avoiding having to create a custom module to achieve this?
Version: Qlik Sense April 2019 Patch 3 - 13.21.10
System: Windows Server 2016 Datacenter 64x
System: IBM Tivoli Directory Server 8.0.1
Access: Accessible via port 389
We just deployed Qlik Sense a month or so ago and the installation went well, no errors. We easily set up a User Directory Connection to our Active Directory and those users have been able to sign in with the default virtual proxy settings (Windows authentication pattern and Ticket authentication method). We also have a group of users that are based in a separate LDAP directory that we need to be able to sign in to and use Qlik Sense. We were able to establish a User Directory Connection to the LDAP server and pull in the list of users, but we now find ourselves at the authentication step of the process with few ideas for how to proceed.
We need to be able to set up the authentication process for these LDAP users with as little coding as possible. Put another way, we'd like to avoid, if at all possible, having to do any custom, outside-of-the-QMC configuration in order to allow these LDAP users to sign in to Qlik Sense.
What we've tried:
We've tried setting up a separate virtual proxy to handle the authentication process for the LDAP users using the Ticket method and Forms pattern, but there doesn't seem to be any way to really architect the actual "transaction" of credentials and ticket requests without spinning up a web server and writing a custom module to handle this.
We've also looked through the Qlik Community, Qlik Help, and Qlik Support sites for further information on how to achieve this; the consensus seems to be that there is no way of avoiding a custom solution but the majority of the articles and posts with that conclusion are from well over a year ago, so we want to be sure that there isn't a more "Qlik-centric," or at least "Qlik-endorsed," way of accomplishing this that's been created/discovered more recently.
The LDAP server we are using does not support SAML 2.0.
Thanks in advance for any guidance you can provide!