Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi all,
The idea is to have two different User-Level Access values (ACCESS_A and FULL ACCESS). People with ACCESS_A will have access to one ore more ACCOUNTS while those with FULL ACCESS will be able to see all accounts.
As an admin, I'm trying with qlikview desktop in my local pc and it works perfectly. If I have full access, I can see all data but If I change to ACCESS_A I only see some specific accounts.
The problem comes when I publish the document to INTEGRATION where it works with ACCESS_A but for full access raises the following error: "Access denied. You're not able to open the document 19"
My config and code below:
settings > document properties > opening > initial data reduction based on section access and strict exclusion (both checked)
SECURITY:
LOAD * INLINE [
ACCCESS,NTNAME,User-Level Access,Account_Key
USER,AUTH\USER_1,ACCESS_A,ACCOUNT_A
USER,AUTH\USER_2,*,*
USER,AUTH\USER_3,ACCESS_A,ACCOUNT_B
];
Concatenate
LOAD * INLINE [
ACCCESS,NTNAME,User-Level Access,Account_Key
ADMIN,AUTH\SERVICE_ACCOUNT_INTEGRATION,*,*
ADMIN,AUTH\SERVICE_ACCOUNT_PRODUCTION,*,*
ADMIN,AUTH\ADMIN,*,*
];
//Section Access
section access;
LOAD *
RESIDENT SECURITY;
section Application;
Any idea?
Thanks for your support!
Ummm ... you have to be carefull with the order of reloads when uses seccion access.
You allways have to do it within an ADMIN user without reductions.
Did you run the sample I attached?
Albert
After doing some changes it works in local as expected.
However, once I move to the Content development environment and the server runs the .qvw I can't open it from the access point (failed to open, again).
The point is that if I download the reloaded .qvw to my desktop, I'm able to open it and the security is applied as expected.
I only add one line in the security.qvd with my AUTH NTNAME and USER = "ADMIN". I have also added the service accounts for both servers.
What's the problem in the server then?