Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

After installing QV11SR2 and https certificate, alternate login page (web form) only allows server admins. Anyone get this?

As the question says, after installing QV11SR2 and https certificate, alternate login page (web form) only allows server admins. Default login page (browser authentication) works as normal. Anyone get this? The only other manual change made after the upgrade was to tick on https on port 443.

Thanks

31 Replies
Miguel_Angel_Baeyens

Hi,

If the certificate is self signed, you are likely to need to add the server to the trusted sites, or users will get a security error. Try with a different browser than IE, just in case, and make sure the Internet Options are not set to check certification valitidy.

Make sure as well that the certificate is linked to the computer according to Microsoft documentation.

Hope that helps.

Miguel

Not applicable
Author

The certificate is not self signed, its verified by a registered and widely used third party. Users can load the https: login page normally, the url bar is green etc. Once the landing page loads, they try DOMAIN\user, the screen flashes for a second and the login comes back up - no bad password or other errors. When an admin logs in the same way, it goes through and the access point with available dashboards loads normally.

I went through the Micrrosoft Document and I think we did all the steps correctly.

I have tried giving users more rights to the meta and shared qvws documents folder but that didnt help either.

Thanks for the assistance till now, if you can think of anything else I should do please add.

Miguel_Angel_Baeyens

Hi,

Is there any chance that the proxy or firewall has different rules for admins than for users and hence the issue, not because the permissions but because the network settings?

Miguel

Not applicable
Author

The admins are in a different 'zone' to the normal users, but I asked our networks guys and they don't know of any different 'blocks' when it comes to networking through the website. They rechecked the https firewall and port blocking rules, and there is nothing to differentiate a user from an admin.

Please keep in mind that default auth. works for both users and admins, and only webform does not work for user. My first hunch would be that after we set up SR2 and the Certificate, users are trying to access a file or files only during webform login that they do not have rights to, anything I could check?

Miguel_Angel_Baeyens

Hi,

Are users able to see the certificate in the certificates stores within IE or the browser they are using to get to the AccessPoint? I keep thinking on a permissions/network issue...

I would check the server executable files and DLL:s in C:\Program Files\QlikViewServer\Server for the QlikView part and in the IIS console from the Windows part...

Miguel

Not applicable
Author

Hi Miguel,

Thanks for your help and your assistance. We have upgraded to ver 11643, but the problem still exists. It is very baffling as to why the problem is restricted to only webform and non-admins. We have checked and tested several theories like adding users to folder rights etc, but nothing unlocked the issue yet. The users can see the certificate and its accepted and normal. The only variant to the problem so far is that in Chrome, users do not get the 'login error' popup but only a blank screen stuck on the authenticate.aspx page. Any hints?

Not applicable
Author

Hi,

Have you solved the problem? We are facing the same problem as you. And our current setup is quite similar to yours as well (HTTPS) but we are using 3 servers (QVWS, QVS and Publisher).

Not applicable
Author

Hi,

No we are still same, tried again after applying the latest security patch for QV11SR2 (v11643). It is still a mystery why only admins can login through webform, but everyone else can go in through with browser authentication. Just to add, obviously we are using DMS authorization (QlikView controls file access) not NTFS.I am hoping this gets picked up somehow and I will post here if it does.

Bill_Britt
Former Employee
Former Employee

I guess I would ask why are you using the Alternate Login page? Why are you not allowing the OS handle the login?

Bill

Bill - Principal Technical Support Engineer at Qlik
To help users find verified answers, please don't forget to use the "Accept as Solution" button on any posts that helped you resolve your problem or question.