Discussion Board for collaboration on QlikView Security and Governance.
I have a question regarding ntfs security.
I'm a member of the Administrators group on the server. This group has been given rights for a qlikview file and i am able to see the file on the access point. So this is what i would expect.
When I remove the Administrators (from the list of users and groups that have rights for the file) and instead add another local group, then i suddenly can't see the file on the access point - eventhouh i am a member of this group as well.
Can someoby help with this? Is it not possible to assign rights to a file in this way?
I think better will be to assign access rights on folders and not on files. Are you a member of the another local group or any other group which has access? Further do you mean with removing really a delete of the group or a lock?
Another point will be section access which could be also used to control the visibility of applications within the access point.
Thanks for your reply.
Yes, i'm a member of the local Group which I added to the list of "groups or user names" under 'properties - security' on the file.
I did't delete the Administrators group - i just removed it from the list.
What am i doing wrong, since this is not working out?
Is section access enabled with the control of the list of documents in the access point (document properties in tab server on the bottom right area)?
Just for testing - disable the section access within the script and the document properties and reload+save the application - and try again to access it within the access point. If you could see and access the application - the solution will be that the section access needs an adjustment.
I'm currently not using section access in the script, so i don't think its about that.
Previously we did use section access to control the access to parts of the datamodel for some users.
We don't do that anymore, because we generally found section access to be a bit difficult for us to administrate and Work with.
I have now disabled the section access in the document properties, reloaded and saved. I don't see the application on the access point.
Belonged your local usergroup to the same active directory as your administrator-group (probably not)? If not I think you need to specify your local directory within the qmc:
Both Groups are local and part of the local directory.
I have also tried to add my AD name directly to the list (the exact same username as is part of the Administrator Group). Stil I can't see the application.
I don't get it.
Thanks for your suggestions.
For testing try to create a new usergroup and assign you as a member and than give this group access rights to the folder where the application reside - maybe there is anything wrong with the other usergroup - active directory could be complicated (for non-admins like me) with inheritance of rights and possible locks anywhere.