Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
I am trying to set up and test Section Access. They main route we will use is NTName. My question/problem comes, what if I want to log on as a specific user instead of my own NTName? Is there some key-stroke that will short circuit it and skip the NT/SID checks and go straight to a manual Name/Password?
For example, I have the below section access table:
LOAD * INLINE [
ACCESS, USERID, PASSWORD, NTNAME, %SECSOURCE
ADMIN, , ,DBG\CAMARK,*
ADMIN,ADMIN,ADMIN123,,*
];
Since I am dbg\camark, it will always log me on as that user. How can i force myself to log in as the ADMIN,ADMIN123 user?
NT authentication will only fail if the current account cannot be found in the SA table.
As long as you're just testing security mechanisms (and correct reduction, I imagine) why don't you just disable the NTNAMES in your SA table for the time being? It's not that you are running any big risks if you switch them back on afterwards...
Peter
Hi
For qlikview desktop, I think (never tried, just an idea) you can go to Qlikview desktop application folder, hold CTRL SHIFT, right click on qv.exe and Run as a different user
For server you may setup internet explorer browser to always ask for username and password when you connect to access point
Was what you asked for?
Regards
unfortunately, the CTRL SHIFT or even sHIFT wasn't working for me. BUt that's likely due to access restrictions at work. ALas, I guess it isn't really possible.
For the AccessPoint, there is a very simple trick to test Section Access and alternate IDs:
Best,
Peter
thanks, I'll try that once we get our servers set up. We are still in the early adoption phases and I'm doing all of the proof of concept stuff on the personal desktop version.
For your desktop, you can try the Windows RUNAS.EXE command line tool. Let's you start any Windows executable as another user. May need some configuring though.
Peter
Yeah, I was going that route, but ran into corporate restrictions on the machine, I was so hopeful it would work for me. I can work around it, was just hoping it was kinder. In truth, I wish I could run it as no user, so the NTUSER would fail and it would ask me for a user/pass. that's really what I want to do, force the NT authentication to fail so i can input a user id
NT authentication will only fail if the current account cannot be found in the SA table.
As long as you're just testing security mechanisms (and correct reduction, I imagine) why don't you just disable the NTNAMES in your SA table for the time being? It's not that you are running any big risks if you switch them back on afterwards...
Peter
That's exactly how i planned to work around the issue. Thanks for the ideas and help.
If you mean PE by personal desktop version, it may be close to impossible to test any other NTNAMES, as your PE version and your documents are tied into your account. And handling PE recoveries will quickly become a mess...
Peter