Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hey everyone,
I spent some time searching on the forum, but couldn't get to an answer on what I'm looking for.
Basically, we're being asked by auditors how does QlikView knows that the administration is only supposed to be done by those in the 'QlikView Administrators' group on the local server user & group area of the management console. I went over the QlikView Reference Manual and couldn't find any mention of this there either...
We have already answered questions about the AD config and the way applications access is done, but we couldn't show them (auditors) any evidence of the above question.
Has any of you heard or know how this works or can be proven?
Here's a reference to a post with a related question, but this one is only on the surface and about the difference between the group in question here and local server admins: QlikView Admins vs Local Admins
Thanks in advanced!
Alex
May be this from ref manual is what you are looking for.
Hello Alex,
you can also try this post, it's also related to your question. Group Names in User Management?
Another question is about security audit.
If you have QV-Admin rights for the server, worst case, you can obtain access to all apps in the qmc, exepting those one with section access.
Regards
may get some evidence from Qliktech Support?
May be this from ref manual is what you are looking for.
Well, this is basic Windows Access Control. The QMC is a proprietary web site that restricts access to its pages to members of the local QlikView Administrators group only (or in a limited fashion to Document Administrators). Is your Windows account not a member of this group, then you won't get in. Every Windows AD account that is a member of this group will be able to open the QMC and do whatever they feel like.
The QlikView Management Service (that is managing the web site and displaying the pages) doesn't do this by relying on NTFS file permissions, but instead contains code that actively monitors & manages authorizations and restricts access to whatever accounts are either member of this QlikView Administrators group (full QMC access), or have been assigned the role of Document administrators (limited QMC access. See QMC->System->Setup->Distribution Serices->Your QDS->General->Source Folders)
Peter
Thank you tresesco! this should be perfect.