We have a QV9 SR3 server (no Publisher) using NTFS security. Two mounted folders for QVWs. One folder is for users and the other is meant for internal apps for the QlikView Admins. Problem is that everyone sees ALL apps across both folders in the AccessPoint, regardless of how much we remove rights to the folders and QVWs.
We are using the AD groups/users for access and have tested this against just about every configuration of file/folder rights for users and nothing seems to impact which QVWs are seen by users. Oh, and BTW, everyone can open all of the QVWs too, so it's not just an inconvenience.
The problem is that if your users have access to your root folder, they will see all documents in all subfolders of the root folder. So I would recommend your change your root folder to an empty folder, and then use only mounts, with specific permissions on the folder level. Also check to make sure that your GPO does not prevent you from removing inheritable permissions from files and folders. The users clearly have read permissions on the admin files, or else it would be impossible for them to open the documents. Finally, try restarting your QVWebServer and QvServer services since it might just be that your server is caching an old version of the file permissions (although this would be really weird).
We removed all rights from the root folder and still have the same problem. We are following the process you outlined and it's still not working.
Great suggestion though - I thought that was the problem too, but it's something else.
So you're saying that the users do not have read permission on those files (inherited or specific) and they are still seeing them in the AP?? Or is it rather that the permissions keep getting reset so you can't remove their read access? If it's the former, you should contact Qliktech support (firstname.lastname@example.org) because this has to be a bug!
Thanks, unfortunately, we have the Small Business edition which doesn't seem to include DMS. I did achieve what I wanted by using deny rights rather than allow although I'm not completely happy about it.
Unfortunately, the Small Business version that we have doesn't seem to support DMS.
I did manage to achieve what I want by using deny rights. i.e. I set up groups to explicitly deny rights to particular files. This is not too bad as I only have a small number of files that I want to control like this.
I have just installed the Qlikview Server and i have the same problem.
In the AP section all documents will be listed, though i have set the specific NTFS permissions for folders which contains different sort of documents.
Have anyone some news about this 'bug' ?
Thanks in advance!