Re: Does anyone have a naming convention they use ... - Qlik Community

paputzback · ‎2015-01-28

I was wondering if anyone had a naming convention they used for AD roles for maintaining both security to the Application folders and also for section access and loop and reduce.

e.g

Department access

All access role QV Professional Billing Executive RESOURCES

Limited section access role QV Professional Billing Manager RESOURCES

or access by area

QV Professional Billing Manager North Campus RESOURCES

QV Professional Billing Manager South Campus RESOURCES..

Does anyone maintain a separate OU for their QV Application Roles?

Who manages access? I am afraid since we used role based access I will have AD Roles blow up when security decided to give access to a ROLE instead of by users directly.

Thanks,

Phil

rwunderlich · ‎2015-01-28

I've seen customers set up different ways, but the one I like the best is:

Separate OU for Qlikview.

Group for every Document named: Qv Users - document name (eg Sales).

Group for developers that covers write access to the common development directories: QV Developers.

Group for restricted developer directories: QV Developers - Payroll

Group owner approves membership in group. AD security team does the update. The OU can be delegated to QV Admin if desired.

-Rob

paputzback · ‎2015-01-29

That looks like a good plan. I will have to try to sell it up the chain.

Thank you.

Does anyone have a naming convention they use for AD Access