Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi Community
I have a customer who is running QVS EE (version 10) which is installed on domain A. They have users on multiple domains - most on domain A (where QV is also installed), but also on domain B and domain C.
They have trust between the domains, so to grant users access across the domains, I have added the LDAP's in QEMC (under Directory Service Connector settings). They are using NTLM and the default login page.
Users on domain A are working perfectly - they are automatically granted access without problems. But users from domain B and C are prompted for username and password before they get access.This is not desireable for my customer, so I'm trying to change that.
Is it possible for users from all domains to get 'automatic' access - so not prompted for username/password? Or does QV only support 1 domain?
My customer is currently in the process of moving all users from domain A to domain B, so over time the problem will increase (untill I move QV to domain B as well).
The documentation on this is pretty sketchy and I haven't been able to find the answers elsewhere.
Hope you can help.
Br,
Hasse Bæk Nielsen
Hi Richard
Yes - I got this working. But it turned out that the problem was most likely caused by some changes to the network configuration, so I am not sure my ‘solution’ will work for you.
I discovered that the users from domain B was using a different url when accessing the QV AP; something like ‘http://QVServer.DomainA.internal/qlikview/index.htm’. And it was only when using this, the users were prompted for user name/password.
The regular users were using ‘http://QVServer/qlikview/index.htm’. When I had the users from domain B use the regular url, they were not prompted.
I suspect that there is a good explanation for this, but unfortunately I never got to the bottom of why the access point url was constructed like this in the first place and if some later network change caused the problems.
Thanks for all your help everybody – most appreciated.
Br,
Hasse
I would think if that is happening there is an issue with the trusts.
Bill
Hi Bill
Thank you - really appreciate your help.
Any ideas how I test if the trust is indeed the cause of this? The domains including the trust are managed by internal IT of the customer, so hard for me to debug.
Br,
Hasse
Hi,
I may have read you issue wrong. After they input their user name and password do they get in? If so try adding the site to their trusted site in IE?
Bill
Hi Bill
Thanks again.
Yes, after typing username and password, they get in just fine.
I will try to fiddle with the IE security settings. Hope that will solve it.
Br,
Hasse
Try to add it to trusted sites in IE security
Hi Hasse,
Did you ever get this working? I've tried adding the site to the trusted ones and it still doesn't seem to work?
Hi Richard
Yes - I got this working. But it turned out that the problem was most likely caused by some changes to the network configuration, so I am not sure my ‘solution’ will work for you.
I discovered that the users from domain B was using a different url when accessing the QV AP; something like ‘http://QVServer.DomainA.internal/qlikview/index.htm’. And it was only when using this, the users were prompted for user name/password.
The regular users were using ‘http://QVServer/qlikview/index.htm’. When I had the users from domain B use the regular url, they were not prompted.
I suspect that there is a good explanation for this, but unfortunately I never got to the bottom of why the access point url was constructed like this in the first place and if some later network change caused the problems.
Thanks for all your help everybody – most appreciated.
Br,
Hasse