Hi everyone,

Since a few weeks we're experiencing some difficulties with our Qlikview Server configuration.

We have created a local account on our server machine and the Qlikview Server service runs under its identity.

The machine is in a domain, but the account is local to the machine.

We're experiencing frequent login attempts from the Qlikview Server service on the active directory. Since the service runs under a local user account, the credentials is unknown in the directory, resulting in lots of authentication failures. We have asked our domain administrator to provide us with a domain account for the service to run under, so the authentication succeeds and so we can start monitoring for genuine intrusion attempts again.

Although this may only solve the problem in a superficial manner, we're still puzzled as to why the QVS service tries to authenticate on the domain in the first place. We had a mis-configured AD DSC service, but this was removed with no change in the situation. I have set the service logs verbosity to its highest settings to be able to see any relevant information and I'll check them tomorrow.

We believe this is not caused by an application since the authentication failures occur throughout days and nights and is not bound to any application usage. Moreover, failures do not match with any task scheduling so we also think that task configuration is not relevant. Now we're a bit short on ideas, so any help on that subject would be appreciated

Kind regards