Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
I have a need to publish a document with reduced data for some users and full data for other users. When i have 'Strict Exclusion' unchecked, all users can see everything in Access Point, but when i check 'Strict Exclusion' the users that should see reduced data are denied access to the document altogether.
Do anyone know what I should be looking at?
Hi Ashley,
"If this check box is marked in combination with Initial Data Reduction Based on Section Access, strict exclusion will be used when reducing the data. This means that access to the document will be denied whenever the field values in the section access reduction fields lack matches in their corresponding section application field. This, however, does not apply for users with Admin status, who instead will see the unreduced data set if there are no matches. This setting is enabled by default in documents created with QlikView 7.02 and later and is recommended for maximum access security."
So I would start checking the values of the reduction field (also make sure that you use the reduction FIELD names in upper case, as far as I remember), comparing between the section access and the FIELD values in section application.
If possible, you can also upload a small sample application that demonstrates this issue (with sample data, and please add the login credentials 😉 ), which may make it easier for us to spot the issue.
Regards,
Stefan
Yes, I have checked that the field names are capitalized, and the values in the field are numeric so that's not the issue. Also I have verified that that values I'm reducing on are contained in the data. I'll work on a sample to upload.
So I was trying to create a sample of this that I can attach but I'm not sure how to replicate it since I'm using NT authentication for the data reduction. The sample I created used generic user ID's created Inline in the script, and they work as they should in Access Point, so it seems the issue only happens when I'm using NT authentication. Is there any use in uploading a sample knowing that?
When using NT authentication, are the NT Names your using in your Section Access file in the Domain\Username format?
I have tried both with and without the domain name with the same result
To start create a simple QVW with a text box using OSuser(). This will tell you what QV is seeing the user ID as.
See attached
Bill
still not clear with your requirement
we are using NT name
where we have define access to users using NTname using Excel file like below
Access, NTName,Field name( say Region)
Admin,domain\username1,*
User,domain\username2,Asia
Note here field name is used for Reductionand load using'
Section access
load Upper(Access) as Access,
upper(NTName) as NTName,
upper(Region) as Region
from Xlspath
section application;
now in document setting -> Initial Data Reduction Based on Section Access and strict exclusion(check Both)
reload and check access
It shows the domain/username, but either way, the restricted user is still denied access to the document when I have 'Strict Exclusion' enabled.
What you describe is the way i have my document set up. And your user with access to only Asia data can get into the document via AccessPoint?