I'm trying to establish document authentication using credentials from the Active Directory (AD) in the access point. I already have AD authentication for the access point but I want to know who is who inside each document, so I tried to connect and extract the data from the AD users inside the QV documents.
I can extract the data I need for authentication, which is the sAMAccountName (username) and title (which I would like to use later for authorization). I can list these information on a QV document. My problem is when I try to feed this information to a access table (ACCESS | NTNAME).
The following code shows what I tried to do on the reload script (the AD connection is not shown, but that is not the problem since I can extract the data from there)
OLEDB CONNECT TO [A PROVIDER]
Section Access;
activedirectory:
load
sAMAccountName,
title;
sql select sAMAccountName, title from 'LDAP CONNECTION';
users:
LOAD
'ADMIN' AS ACCESS,
'DOMAIN\' & sAMAccountName AS NTNAME
RESIDENT activedirectory;
When I try to access this document through the access point I'm asked for further authentication (Username, Password).
I have a workaround where I extract the data from the AD with another application and create a csv file with this data, then feed it to QV and then it works. But I can't understand why I can't connect directly with the QV document to the AD for authentication.
Can someone shed a light in this matter? Thank you.
You also need to get the NTDomainSID string. The only way I know of creating this is from within QlikView developer on the server machine (Edit Script > Insert > Domain SID). I think you should be able to hard code it though as it doesn't get changed in normal operations.
Using the NTDomainSID still doesn't work. And in my workaround, where I feed the AD data from a csv file I don't use the NTDomainSID, so I don't really understand what is it there for.
