Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2016-06-01 03:27 PM

Security choices

Hi,

I need an advise on what approach to take to apply Level 2 security to a dashboard.

Level 1 who can see the dashboard is based on groups in AD.

Ones you are in data should be filtered based on AD info what schools you have access to.

User types are :

-School principle (should see one school)

-superintendent1(should see several schools A,B,C)

-superintendent2(should see several schools D,E,F)

-superintendant3(should see all schools)

-admin(can see all schools)

Thanks,

L

682 Views
0 Likes
9 Replies
jpapador
Partner - Specialist
Partner - Specialist
‎2016-06-01 03:59 PM

You'll want to use a feature called Section Application.  It essentially allows you to build a two column table and link it to a field to reduce what data a user can see.  Column 1 would be NTNAME, column 2 would be SCHOOL.  You can find help on the syntax by searching section application in the help section of qlikview or here on the community.

You would link that to the school field in your data model.

NTNAME, SCHOOL

[Principal name], A

[superintendent user 1], A

[superintendent user 1], B

[superintendent user 1], C

[superintendent user 2], D

[superintendent user 2], E

[superintendent user 2], F

etc

556 Views
0 Likes
Peter_Cammaert
Partner - Champion III
Partner - Champion III
‎2016-06-01 04:07 PM

In response to jpapador

You mean "Section Access"?

556 Views
0 Likes
Not applicable
‎2016-06-01 04:13 PM
Author

In response to jpapador

username,password,School

Admin,123,*

principle,123,A

[superintendent user 1], 123,A

[superintendent user 1], 123,B

[superintendent user 1],123, C

[superintendent user 2], 123,D

[superintendent user 2],123,E

[superintendent user 2], 123,F

etc

556 Views
0 Likes
Not applicable
‎2016-06-02 08:31 AM
Author

thank you all

to use Section Access do I create user/school QVD based on AD info?

Can I use publisher so I filter data before dashboard loads per user, is it an option?

The dashboard is relatively big already and it will continue to grow every year. Performance could be an issue.

Thanks,

L

556 Views
0 Likes
Colin-Albert
MVP
MVP
‎2016-06-02 08:34 AM

There is a comprehensive list of resources about Section Access here which should answer your question.

The list has been compiled by marcus_sommer

Section Access

556 Views
0 Likes
Colin-Albert
MVP
MVP
‎2016-06-02 08:36 AM

In response to

If you have publisher, you can use Loop & Reduce to split your one large app into several smaller apps each containing data for one school or a group of schools.

You can use file / folder permissions and/or Section Access to control who can access this data.

556 Views
0 Likes
Not applicable
‎2016-06-02 08:55 AM
Author

In response to Colin-Albert

thanks,

I was wondering if splitting into apps per school is a good idea. there are 266 schools

556 Views
0 Likes
Colin-Albert
MVP
MVP
‎2016-06-02 09:00 AM

In response to

If you use Section Access with Data Reduction and Strict Exclusion, data from schools the user does not have permission to view will be removed from the app they open anyhow.

Do your users just need to see data from one school or from a region or group of schools?

Have a look at the links on Section Access I posted earlier, there are several items on data reduction.

556 Views
0 Likes
Not applicable
‎2016-06-02 09:36 AM
Author

In response to Colin-Albert

principles see one school only (266 schools), superintendents see different groups (up to 30 groups)

556 Views
0 Likes