Qlik Community

QlikView Documents

Documents for QlikView related information.

Leveraging Section Access (via NTNAME) to deploy On-Demand NPrinting reports with seamless , user based security


Leveraging Section Access (via NTNAME) to deploy On-Demand NPrinting reports with seamless , user based security

Leveraging Section Access (via NTNAME) to deploy On-Demand NPrinting reports

This article uses NPrinting v16 and QlikView 11.2 to show a sample methodology to deploy on-demand NPrinting reports, when the user dashboard is secured via QlikView Section Access with NTNAME (not userid/password). 

Because NPrinting v16 cannot attach to a QlikView dashboard that is secured when the same dashboard contain section access via NTName , extra steps are required to synchronize QlikView security and NPrinting security to ensure users only ever get reports containing the information they are able to see.

This sample does not cover the scenario where Active Directory groups are used in the NTName field, just users.  It also does not cover the scenario when column based filters are in use via the Section Access 'omit' field.

Step-by-step guide

Part 1:   Tweaking the User dashboard to include secure on-demand report capability

1. This step is optional but i opted to create my authorization table in a SQL Server database.  The authorization table i created stores role, a user ID field , the user's ID as NTNAME would recognize it (NTNAME) ,  a filter (Region), and the user's email.

2. The user dashboard (which the user's consumes) contains the following section access table

Section Access;

Role as ACCESS,
FROM Test.dbo.SecurityTableWithNTNAME;

Section Application;


This section access table filters the dashboard for each user using a filter on REGION

3. When QTSEL\JPE  auto signs on to the dashboard, they see the following view (filtered on Region=Canada,United States).  On the left side, note that osuser() function returns the Section Access NTNAME value:  QTSEL\JPE


4. Note that the Nprinting on demand task button in the lower  left side of the dashboard has been configured to pass the OSUSER()  to Nprinting. The value of OSUser() will correspond to the Nprinting recipient ID in Nprinting.

This is done by tweaking the 'Additional Recipients' property of the button to dynamically determine who is currently logged in , based on the section access security, and call for an filtered, emailed version of the report for that same Nprinting recipient ID.


Part 2:   Setup Nprinting to dynamically load the right recipients, filters, and email addresses for secure on demand report.

     1. Author a 2nd 'staging dashboard' to be used by NPrinting. Remove unnecessary features not required by Nprinting

      NPrinting cannot attach to a QVW that is secured via section access when the section access table contains the field      NTNAME. NTNAME is used to provide seamless access and is a recommended way of setting up QlikView security. As      a workaround, it is necessary to create a 2nd QlikView staging dashboard that will contain the QlikVIew data solely for      the purpose of executing Nprinting reports.  The 2nd dashboard can be a diminshed form of the user dashboard. For      example:

          a. The section access table is optional. If you do leave it in there (more secure) , you just need one user in the tabe: the Nprinting                service account. Only the nprinting service account will access this dashboard. No users will access the dashboard. A sample                section access table that Nprinting can connect to is as follows:

               Section Access;

               LOAD * INLINE [

               Section Application;


          b. Remove UI that isn't needed for the development of the Nprinting report(s)


          c. Remove data fields, tables etc... that aren't needed for the development of the Nprinting report(s)


          d. Aggregate data in the load to reduce the row count to the degree that is necessary for the development of the NPrinting report(s)

     2. Load a new data island table in the load script that will include all the recipients, their filters and their emails

      In this sample multiple value filters are grouped  into a delimited list. Do this using concat(distinct ) and group by. Here is a sample      leveraging the same SQL table that the user dashboard leverages for section access security.

           NTNAME as Recipient,
           'REGION={' & concat( distinct REGION,',') & '}' as RecipientFilter,    
           FilterID as RecipientFilterID,
           EMAIL as RecipientEmail
      group by FilterID,EMAIL,NTNAME;
       FROM Test.dbo.SecurityTableWithNTNAME;

     3. Expose the Recpient Import table to Nprinting by creating a table box with all four field. You can optionally hide the table in the UI


     4. Launch NPrinting and create a connection to the staging dashboard. Ensure any section access credetials are supplied



     5. Using the connection from step #4, create a brand new 'Recipient Import Task' . Use 'From 'QlikView Entity' and the table box from      step #3 above as the source

           With this import, the 'fullname' of the recipient is the same as the NTNAME from section access. This ensures, that NPrinting will           be able to map the OSUSER() from the on-demand execution to an actual recpient.
           The REGION filter appears as 'Filter1' and the FilterRef1 is the ID of the filter.


          6. Import the recipients and note how the recipients are created with email addresses AND filters already assigned



     7. Using the connection from step #4, create an Nprinting report . This shows a powerpoint report with 2 objects leveraged from the UI      of the staging dashboard


     8. Create a report distribution task that will email the report from step #7

          Select the report from step #7 ,  no need to add any recipients, author an email address template





Part III   Completing the on-demand section access setup

With this setup, the Nprinting 'run report' button cannot be used securely as the 'report queue' button will not honor the security of the tasks. Different users would be able to access the outputs of different users.

For this reason, use the 'run task' button to kick off the task from step #8 above that will automatically email the report to the current recipient with both section access filters and current selections appliedReopen the User Dashboard in QlikView, and ensure the Nprinting on demand task button is set up correctly.

     1. Open the User dashboard in QlikView and ensure the NPrinting project setup in Part II is referenced accurately.  Ensure  Nprinting      Project Path ,  Task ID , and Connection ID are all accurate


     2. Check 'use current selections' if you would like the user's current selections to be passed to the on-demand dashboard

           The exception to current selections is the field that filters the section access security.  Currently Nprinting will execute with all           regions, if a user filters the regions they can see to just one region, the additional filter will be discarded. A filter on any other field           will NOT be discarded.  The ability to configure the dashboard to pass current selections on the field that is secured is out of scope           but possible with additional dsahboard configuration


     3. Now when ‘QTSEL\JPE’ logs onto the dashboard and clicks run report, a few seconds later they get an email with the report filtered securely:


Summarized view of how a user request for an on-demand report flows:


Summarized view of how the QlikView User dashboard, the staging dashboard and the NPrinting recipients and filters are synchronized:


Version history
Revision #:
1 of 1
Last update:
‎07-27-2015 02:01 PM
Updated by: