Re: Object level security with NTNAME in script? - Qlik Community

qlikuser222 · ‎2016-09-30

HI All,

Can we achieve object level security by having NTNAME in the section access script?

Users will be given access to document based on there NTNAME. But when they are on the server, dashboard takes servers NTNAME and we are unable to achieve object level security for users.

(for example :

test:

load * inline [

USER, FLAG

XXX, Y

YYY,N

ZZZ,Y];

section access;

load * inline [

ACCESS, USER as NTNAME, FLAG

ADMIN, SERVERS NTNAME,

ADMIN, XXX, Y

ADMIN,YYY, N

USER, ZZZ, Y];

in the above script if we want to hide any object on dashboard by giving condition, if(FLAG='N','***',SHOW-FIELD-VALUE), and when

USER with NTNAME YYY lo gin ,he is supposed to see *** for the object where we gave condition, but he still see SHOW-FIELD-VALUE instead of ****, because on server its taking servers NTNAME.

Any way we can achieve it?

Please help

Thanks

Gysbert_Wassenaar · ‎2016-09-30

section access;

load * inline [

ACCESS, USER as NTNAME, FLAG

ADMIN, SERVERS NTNAME,

ADMIN, XXX, Y

ADMIN,YYY, N

USER, ZZZ, Y];

The above does not create a field NTNAME, but a field [USER as NTNAME]

Try this instead:

section access;

load * inline [

ACCESS, NTNAME, FLAG

ADMIN, SERVERS NTNAME,

ADMIN, XXX, Y

ADMIN,YYY, N

USER, ZZZ, Y];

talk is cheap, supply exceeds demand

qlikuser222 · ‎2016-09-30

Hi Gysbert,

Thanks for the reply.

i can able to create NTNAME

My question is can we achieve object level security using NTNAME?

i will have condition on objects based on the flag 'Y' or 'N' and flag is mapped to NTNAME. i was able to achieve the results on local machine. But not on the accesspoint

Because the flag will be mapped to NTNAME and when user in on the server , it always takes Servers NTNAME and there object level security is not possible?

Please help.

Thanks

rajpreeths · ‎2016-09-30

Could you please clarify me what is ntname and server ntname..

As per my understanding both are not different..

If its different then use servers ntname id in the section access part.

And make flag as YES for those ntnames who should see ur object and NO for those who should not have access to particular object.

And in the section application part add the following inline script.

INLINE LOAD

FLAG OBJETACCESS

YES ,1

NO,0

Please ensure the FLAG FIELD AND VALUES DEFINED IN THE section access and section application part are in upper case.

Finally add the following condition in the CONDITIONAL HIDE of the object.

Sum(OBJETACCESS)=1

This way we can achive object level security.

rajpreeths · ‎2016-09-30

You can add the condition in the sheet object as follows.

Right clikc sheet object then properties -》Layout tab -》 Conditional

Add your condition in the expression box

aapurva09 · ‎2016-11-02

I have the same issue as Nicholas.

On the local machine the qvw shows my NTNAME and select the correct flag. But when it is opened from Access point, it shows system user's NTNAME from which the qvw was reloaded in QMC and it always uses that same flag value related to system user's NTNAME for all the users.

Can you help?