Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
MuizNaseem
Contributor II
Contributor II

majority of users are not able to log into Access point

Hi There, 

I would like to know if QlikView requires any specific right or permission  on Windows 2016 operating system. We are facing any issue where the user is NOT able to access the application through Access Point. 

 

Regards 

Muiz 

12 Replies
Albert_Candelario

Hi Muiz,
Are the users able to open the access point? or is the issue that the access point is empty for them?
Are you using DMS or NTFS ?
Cheers!
Please, remember to mark the thread as solved once getting the correct answer
abdul_qadir
Contributor
Contributor

Hi Albert,

The users are able to access from the open server but NOT from the access point and we are using NTFS ...

Looking for help because this is production level issue

Albert_Candelario

Hi,

 

Has this ever worked? Did you provide Windows access to the mounted folder to the users? 

 

See:

Authorization (What are you allowed to see?
What are you allowed to do?)
Once a user has been authenticated (i.e. the system knows who they are), the first step in
assigning their security privileges has been completed. The second step is to understand
what authority or rights they have to applications, data or both. This step is called
Authorization. At a fundamental level, an administrator will populate an Access Control
List (ACL) with a list of users and/or groups and what they should have access to. When
the time comes for a user to request access, the system looks up the user’s authenticated
identity in the ACL and verifies if the administrator has granted the user enough privileges
to do that.
Direct access to the QlikView Document using QlikView Desktop is always governed by
Windows NTFS File Security. Access to the web-based QlikView Enterprise Management
Console is restricted to Windows Users who are a member of a particular local Windows
Group.
DOCUMENT-LEVEL AUTHORIZATION
Once a user has been authenticated, the QVS typically handles authorization on its own. The
QVS offers the choice between storing the ACL information as Windows NTFS privileges
(applicable only when the user authenticated using a Windows user identity) or by storing
the ACL information in QlikView’s own internal repository (called DMS or Document
Metadata Service). The choice of NTFS or DMS affects access to all documents on the
QVS.
NTFS VS DMS
The QVS can use the Windows file system’s own NTFS privileges to store authorization
information. When in NTFS authorization mode, the QVS controls access to a given QlikView
document by determining if the authenticated user has NTFS privileges to the underlying
QlikView Document file (.QVW file). This is based on the operating system privileges and
Windows NTFS is used for the ACL. The privileges of the authenticated user are configured
by a server admin using standard Windows Explorer functionality via directory properties
options.
 
As an alternative to Windows NTFS, QlikView can use its own ACL called the Document
Metadata Service (DMS). Unlike NTFS, this allows non-windows users and groups to be
authorized to access applications and data. DMS integrates fully with the existing Directory
Service Provider (e.g. Active Directory, other LDAP) where Group Membership has been
recorded, this is a mechanism by which the QVS can re-use existing enterprise account and
group structures. The permitted Users or Groups are recorded in a meta file that resides
beside the QlikView Document, and is managed using the QlikView Enterprise Management
Console.
NTFS is the default document authorisation model, and suitable when all users and groups
are identified in Active Directory or locally on the QVS host. The NTFS permissions may be
inherited from the directory that the QlikView documents are in, or may be assigned using
QlikView Publisher distribution tasks.
DMS is required if the authenticated user identity is not a Windows User Account. The DMS
permissions are explicitly assigned using the QlikView Enterprise Management Console, or
may be assigned using QlikView Publisher distribution tasks.
 
 
Cheers!
Please, remember to mark the thread as solved once getting the correct answer
MuizNaseem
Contributor II
Contributor II
Author

Hi Albert, 

 

Thanks for the reply but the issue is that users who are initialized in the Licenses tab cannot log in to the Access point, they can access the page. However they are able to lease licenses. I have looked into the Qlik Logs and they seem to return this error for every user which is initialized in the License tab. In addition the active directory is also working fine because it's searching the user which are available. 

warning system : meta service - has access : Empty user has found

 

I hope you understand that we haven't reached the document level authentication yet for the access point. 

 

Regards 

Muiz 

 

 

Albert_Candelario

Hi,

 

could you attach a screenshot of what the users are seeing in the access point? Is there shown any No Server message?

As I asked before, has this ever worked?

Thanks!

 

Please, remember to mark the thread as solved once getting the correct answer
MuizNaseem
Contributor II
Contributor II
Author

Albert this is a fresh Installation so this issue is appearing for the first time, I have attached a screenshot of what is appearing on my access point screen, it doesn't gives me an error it just gives a blank screen after inputting the username & password Regards
Albert_Candelario

Hi,

Thanks for the pictures, so I understand the users add the user and password and it becomes blank again. In this case, it could be an issue with the authentication. What kind of authentication are you using?

Did you also check the Windows logs, applications, security and system?

I hope we, the Community, can help to solve your issue  💪

Please, remember to mark the thread as solved once getting the correct answer
MuizNaseem
Contributor II
Contributor II
Author

I also though of that but when i am leasing licenses to QlikView Desktop with this user its leasing it. Authentication type is NTFS. After checking the windows logs i found the error for the users stating. I have searched the internet for this particular issue but nothing that i could find. I hope so. Thanks for the continuous help 

warning system : meta service - has access : Empty user has found

Albert_Candelario

Hi,

I guess you mean you use for the authorization the NTFS and for the authentication the NTLM, right?

Are you using IIS or QVWS?

Are you seeing in the windows security logs any failure on the login?

Is the error just - warning system : meta service - has access : Empty user has found or is there something else at the end.

Thanks to you for sharing this with us!

Please, remember to mark the thread as solved once getting the correct answer