Qlik Community

QlikView Security & Governance

Discussion Board for collaboration on QlikView Security and Governance.

Announcements

Breathe easy -- you now have more time to plan your next steps with Qlik!
QlikView 11.2 Extended Support is now valid through December 31, 2020. Click here for more information.

luxlux80
Not applicable

Qlikview Document Folder Security based on Active Directory Group

Hi,


We have

Qlikview Security          NTFS

User Group                FinanceDept,HelpDeskDep

AD User Group          AD_FincanceDept,AD_HelpDeskDept

File Folder                 FincanceFolder,HelpDeskFolder

Application                FinanceApp.qvw,HelpDeskApp.qvw.

Qlikview Category     Fincance,Help Desk


Only Finance should see the FinanceApp.qvw and Help Desk group can view only HelpDeskApp.qvw.

Steps taken to implement the AD Group Security access:

1.

FinanceApp.qvw saved in FinanceFolder, in QMC FinanceFolder is mounted.Category Finance created for FinanceApp.qvw

HelpDeskApp.qvw saved in HelpDeskFolder, in QMC HelpDeskFolder is mounted.Category Help Desk created for HelpDeskApp.qvw

2.AD_FincanceDept added to (Mounted Folder) FincanceFolder,AD_HelpDeskDept added to (Mounted Folder) HelpDeskFolder .


Access point shows both application to both user group where it should not be.Only Finance should see the FinanceApp.qvw and Help Desk group can view only HelpDeskApp.qvw.

How to implement Folder level access based on AD User Group.

4 Replies
herbert88
Not applicable

Re: Qlikview Document Folder Security based on Active Directory Group

Hi  luxlux80

Just take care if there is any "everyone" group with read access(you nedd to remove this kind of access)

Then add the specific groups in the specific security rules of the folders.

Peter_Cammaert
Not applicable

Re: Qlikview Document Folder Security based on Active Directory Group

In addition to what Herbert already stated, remove items like machinename\Users and Domain Users from the security list of both your document folders.

In NTFS, the most permissive rule will always win in the Allow column.

luxlux80
Not applicable

Re: Qlikview Document Folder Security based on Active Directory Group

Thanks Herbert Zangarini,

Please let me know how to set up everyone group. Where to find if one exists.

luxlux80
Not applicable

Re: Qlikview Document Folder Security based on Active Directory Group

Solution by Qlik Support:

  1. Create Finance AD Group in Active Directory,
  2. Move FinanceApp to "Qlikivew Source Folder",
  3. Schedule a task to refresh the FinanceApp , add named users and select Finance AD Group and select "Qlikview User Folder" in Distribution.

Once the Schedule successful and FinanceApp moved to "Qlikview User Folder", the app is embedded with the user group. Now Only Finance Group can access the FinanceApp in Accesspoint. Do the same for other groups.