Skip to main content
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION
cancel
Showing results for 
Search instead for 
Did you mean: 
bela
Contributor III
Contributor III

Access was denied for User: 'NONE\anonymousxxxx'

Hi All;

We have a QS server with February2020 Patch 1-13.62.7

Looking at Log Monitor app , I found these errors:

Service: Proxy

1- User authenticated. User 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813' used authentication method 'anonymous' and got session '4e79345c-ff0f-47d9-a055-220311b1fda0'

2- Start session for user: 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813'

Service: Repository

3- Access was denied for User: 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813', SessionId: '4e79345c-ff0f-47d9-a055-220311b1fda0', Hostname: '::ffff: x.x.x.x', Requested access types: '', OperationType: 'UsageDenied'.

Hostname is IP address inside the office.

My Question:

Is there a security problem? Is access really denied?

Any suggestion?

Thanks in advance.

 

K. BELA

 

 

Labels (3)
2 Solutions

Accepted Solutions
mpc
Partner - Specialist II
Partner - Specialist II

Hi, 

Can you check in the QMC > Virtual Proxy if Anonymous users authentication is allowed ? 
If you does'nt want anonymous user to connect and this functionnality is enabled, please disable it. 

In your case: 

  • An anonymous user has successfuly connect to Qlik Sense
  • BUT, since he doesn't have a licence (Repository database message means that), no app was opened

Then, no security breach was exploited, but you really should disable anonymous access if you want to prevent this kind of access. 

Kind reagrds

From Next Decision and mpc with love
It helps, like it, It solves, mark it

View solution in original post

bela
Contributor III
Contributor III
Author

Hi;

Thank you for everything.

K. BELA

View solution in original post

5 Replies
mpc
Partner - Specialist II
Partner - Specialist II

Hi, 

Can you check in the QMC > Virtual Proxy if Anonymous users authentication is allowed ? 
If you does'nt want anonymous user to connect and this functionnality is enabled, please disable it. 

In your case: 

  • An anonymous user has successfuly connect to Qlik Sense
  • BUT, since he doesn't have a licence (Repository database message means that), no app was opened

Then, no security breach was exploited, but you really should disable anonymous access if you want to prevent this kind of access. 

Kind reagrds

From Next Decision and mpc with love
It helps, like it, It solves, mark it
bela
Contributor III
Contributor III
Author

Hi;

Thanks for your response.
Access to the QMC console level for the anonymous user is disabled, see below.

bela_0-1715862740714.png

What about Externam Program Task?
How can I check that there has been no external code execution? I would like also to take advantage of your contribution to ask you where I could find the MAC address corresponding to the IP address of the Hostname ?
Thanks again.

K. BELA


 

 



 

mpc
Partner - Specialist II
Partner - Specialist II

Hi, 

You can check in the Task section of the QMC if any external task is scheduled. Moreover, in the shceduler log you should see it. 

To find the MAC address associated to the IP, I d'on't think it possible with Qlik Sense logs, but your network admin can do it easily. 

From Next Decision and mpc with love
It helps, like it, It solves, mark it
bela
Contributor III
Contributor III
Author

Hi;

Thank you for everything.

K. BELA
mpc
Partner - Specialist II
Partner - Specialist II

You're welcome !

From Next Decision and mpc with love
It helps, like it, It solves, mark it