Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us to spark ideas for how to put the latest capabilities into action. Register here!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
MK_QSL
MVP
MVP
‎2016-04-01 05:07 AM

Section Access NTNAME

I am facing a strange request which is difficult for me to fulfil.

I have developed an QV app and allocated to users with NTNAME section access.

Section Access example is shown below.

Section Access;
LOAD

     ACCESS           as ACCESS,

     UPPER(NAME)      as NTNAME,
UPPER(DEPARTMENT)    as DEPARTMENT
INLINE

[

     ACCESS, NAME,          DEPARTMENT

     ADMIN,  DOMAIN\MANISH, *

     USER,   DOMAIN\A,       DEPT1

     USER,   DOMAIN\B,       DEPT2

     USER,   DOMAIN\C,       DEPT3

     USER,   DOMAIN\D,       DEPT4

     USER,   DOMAIN\E,       DEPT5

     ADMIN,  JAMES,          *

];


Section Application;

I am having an admin rights. But JAMES our IT Head also want to have Admin rights but he wants to open this application from his Personal computer without joining to Network so no domain name (Not on Access Point)

Is there any way to handle this in QlikView?


7,515 Views
15 Replies
stevedark
Partner Ambassador/MVP
Partner Ambassador/MVP
‎2016-04-03 03:13 AM

In response to tamilarasu

This approach of using a machine name sounds insecure to me. If someone

knew the username of a user (from QMC, Ops Monitor, log files or looking at

a locked machine etc.), they could rename their machine to match the

machine name of the user and create a user with the same name and then get

access to apps and data they should not be allowed to.

I'm not sure what would happen if a user set up a machine with the same

name as the domain whether that could then be used to gain access to

QlikView documents. It seems to follow that they could.

This is why whenever domain access is used the NTDOMAINSID should also be

used, as this is harder to find for a hacker and much harder (impossible?)

to spoof.

Steve

666 Views
0 Likes
Kushal_Chawda
MVP
MVP
‎2016-04-03 03:38 AM

I think you can implement the SSL VPN setup so that the user who want to access the application over internet can connect through VPN over secure network to gain the access.

666 Views
0 Likes
stevedark
Partner Ambassador/MVP
Partner Ambassador/MVP
‎2016-04-03 08:17 AM

In response to Kushal_Chawda

Indeed, a VPN solution would perhaps be the best way ahead, but the

original question was around having a login without a domain, rather than

different ways of using domains and computer names. That requires the use

of USERID.

Steve

666 Views
0 Likes
Kushal_Chawda
MVP
MVP
‎2016-04-03 10:20 AM

In response to stevedark

Yeah steve, you are correct, if user is going to access the application over internet(using SSL VPN) he will not be actually logged in as domain user, so he need to access it using USERID and PASSWORD.

666 Views
0 Likes
MK_QSL
MVP
MVP
‎2016-04-05 07:04 AM
Author

In response to MK_QSL

Hi Steve,

I have tested and glad to let you know that it is working as per my requirements.

Thanks for your solution.

Regards,

MK

666 Views
stevedark
Partner Ambassador/MVP
Partner Ambassador/MVP
‎2016-04-05 11:58 AM

In response to MK_QSL

No problems Manish - glad it is now working.

Steve

666 Views