Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
See why IDC MarketScape names Qlik a 2025 Leader! Read more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
daveatkins
Partner - Creator III
Partner - Creator III
‎2018-02-01 09:43 AM

a way to grant permission for all access point documents?

We have many Qlikview applications with access configured by AD security groups that were defined specifically for each application. The qvws are loaded from source documents folder and distributed to folders on the access point to named users (the named users is/are the business user AD group(s)). I need to give developer access to view ALL reports on the access point and do not want to individually add people into these AD groups that are functionally defined business users. Is there a way to apply permission across all documents to an AD group or do I have to go into each scheduled publication task and add the new AD group to the distribution list for every application?

2,239 Views
0 Likes
1 Solution

Accepted Solutions
Miguel_Angel_Baeyens
Employee
Employee
‎2018-02-02 01:30 AM

In response to daveatkins

If you are using NTFS authorization, permissions are set at Windows level, and QlikView will not interfere on that: if a user can see the file in the folder, the same file will appear in the AccessPoint (unless strictly excluded by section access reduction).

If you are using DMS instead, then Publisher does create the ACL for the users who can see the document, unless strictly excluded by the section access).

View solution in original post

1,975 Views
0 Likes
8 Replies
ali_hijazi
Partner - Master II
Partner - Master II
‎2018-02-01 09:53 AM

in the QMC got to Documents->User Documents

select your desired qvw file

then select Document CALs on the right

allocate the desired number of CALs to the document and check Allow Dynamic CAL Assignment

document_cals.PNG

here I allocated 3 CALs
and the first 3 users who try to open the document will be assigned document cals to the selected document successively
Now since you want to give these developer access then in QMC you go to System->Licenses->qlikview server then on the right select Client Access Licenses->General and check Allow dynamic CAL assignment

I can walk on water when it freezes
1,975 Views
0 Likes
vishsaggi
Champion III
Champion III
‎2018-02-01 09:56 AM

If you can send a list of users you want to add to the documents you can create a list and ask your IT security or admin to create an ad group for your dashboards. For example you have 20 id's whom you want to add to all documents. I sent this list to IT Security to create an AD group for this 20 users. So they created an AD group with name BusinessIntelligenceTeam. Then i used this AD group name to all the documents. Is this what you are looking for?

1,975 Views
0 Likes
daveatkins
Partner - Creator III
Partner - Creator III
‎2018-02-01 10:02 AM
Author

In response to vishsaggi

That is what I was describing for the AD groups, but that's the hard way that I want to avoid...hundreds of documents to edit the reload and distribute tasks.

What I want is a way to take that AD group, say "QVadmins" and apply it to every document on the server.

1,975 Views
0 Likes
daveatkins
Partner - Creator III
Partner - Creator III
‎2018-02-01 10:04 AM
Author

In response to ali_hijazi

that is licensing, not permissions. I have hundreds of documents with dozens of different AD groups individually configured in the reload+distribute tasks. I want to globally add a single AD group to all those tasks instead of piecemeal having to in and edit every one.

1,975 Views
0 Likes
Miguel_Angel_Baeyens
Employee
Employee
‎2018-02-01 10:13 AM

In response to daveatkins

Not sure if I understand what you want to do, but you might want to give a try at the QMC > System > Setup > QlikView Servers > Folder Access > Supervisors (but you might need to add users individually)

1,975 Views
0 Likes
marcus_sommer
MVP
MVP
‎2018-02-01 10:25 AM

I'm not familiar with the publisher and if your described AD groups really means the accss-control of the windows active directory to the file-system?. If yes it should be enough to create there an appropriate user-group and grant them with access to the root-folder (if all applications reside under it) respectively the highest folder within the hierarchy and enable that all subfolders and files inherit the access-rights.

- Marcus

1,975 Views
0 Likes
daveatkins
Partner - Creator III
Partner - Creator III
‎2018-02-01 11:28 AM
Author

In response to marcus_sommer

I'm not sure how the publisher works...doesn't it set permissions on the files every time it reloads? I could try setting the permissions from the file system

1,975 Views
0 Likes
Miguel_Angel_Baeyens
Employee
Employee
‎2018-02-02 01:30 AM

In response to daveatkins

If you are using NTFS authorization, permissions are set at Windows level, and QlikView will not interfere on that: if a user can see the file in the folder, the same file will appear in the AccessPoint (unless strictly excluded by section access reduction).

If you are using DMS instead, then Publisher does create the ACL for the users who can see the document, unless strictly excluded by the section access).

1,976 Views
0 Likes