Solved: Re: Access was denied for User: 'NONE\anonymousxxx... - Qlik Community

bela · ‎2024-05-15

Hi All;

We have a QS server with February2020 Patch 1-13.62.7

Looking at Log Monitor app , I found these errors:

Service: Proxy

1- User authenticated. User 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813' used authentication method 'anonymous' and got session '4e79345c-ff0f-47d9-a055-220311b1fda0'

2- Start session for user: 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813'

Service: Repository

3- Access was denied for User: 'NONE\anonymousac1d6090-d8a3-4224-a6b6-3f4712f7c813', SessionId: '4e79345c-ff0f-47d9-a055-220311b1fda0', Hostname: '::ffff: x.x.x.x', Requested access types: '', OperationType: 'UsageDenied'.

Hostname is IP address inside the office.

My Question:

Is there a security problem? Is access really denied?

Any suggestion?

Thanks in advance.

K. BELA

mpc · ‎2024-05-16

Hi,

Can you check in the QMC > Virtual Proxy if Anonymous users authentication is allowed ?
If you does'nt want anonymous user to connect and this functionnality is enabled, please disable it.

In your case:

An anonymous user has successfuly connect to Qlik Sense
BUT, since he doesn't have a licence (Repository database message means that), no app was opened

Then, no security breach was exploited, but you really should disable anonymous access if you want to prevent this kind of access.

Kind reagrds

From Next Decision and me with love
This answer help you ? Like it ! Problem solved ? Mark it !

View solution in original post

bela · ‎2024-05-19

Hi;

Thank you for everything.

K. BELA

View solution in original post

mpc · ‎2024-05-16

Hi,

Can you check in the QMC > Virtual Proxy if Anonymous users authentication is allowed ?
If you does'nt want anonymous user to connect and this functionnality is enabled, please disable it.

In your case:

An anonymous user has successfuly connect to Qlik Sense
BUT, since he doesn't have a licence (Repository database message means that), no app was opened

Then, no security breach was exploited, but you really should disable anonymous access if you want to prevent this kind of access.

Kind reagrds

From Next Decision and me with love
This answer help you ? Like it ! Problem solved ? Mark it !

bela · ‎2024-05-16

Hi;

Thanks for your response.
Access to the QMC console level for the anonymous user is disabled, see below.



What about Externam Program Task? How can I check that there has been no external code execution?
I would like also to take advantage of your contribution to ask you where I could find the MAC address corresponding to the IP address of the Hostname ?

Thanks again.

K. BELA

mpc · ‎2024-05-16

Hi,

You can check in the Task section of the QMC if any external task is scheduled. Moreover, in the shceduler log you should see it.

To find the MAC address associated to the IP, I d'on't think it possible with Qlik Sense logs, but your network admin can do it easily.

From Next Decision and me with love
This answer help you ? Like it ! Problem solved ? Mark it !

bela · ‎2024-05-19

Hi;

Thank you for everything.

K. BELA

mpc · ‎2024-05-19

You're welcome !

From Next Decision and me with love
This answer help you ? Like it ! Problem solved ? Mark it !

Access was denied for User: 'NONE\anonymousxxxx'

Administration

Client Managed

Security