Qlik Community

Security & Governance

Discussion board where members can learn more about Qlik Sense deployments which are governed and self-service.

Announcements
Now Live: Qlik Sense SaaS Simplified Authoring – Analytics Creation for Everyone: READ DETAILS
cancel
Showing results for 
Search instead for 
Did you mean: 
e_petrasevicius21
Partner - Contributor III
Partner - Contributor III

Security evaluation performance with large Active Directory

Hi, All,

We noticed that running large scale environment with 2000+ users and about 50-60 streams, Repository service starting to be bottle neck in the the system - long response time on HUB noticed first. (Stream cache bust takes about 40s to load)

Secondly we noticed that users brings in up to 900 attributes and only 5-20 of them are related to Qlik. It means that rest (880) attributes are not related to Qlik but still synced to DB.

As we have security rules based on User attributes this cause performance issues (long evaluation time). Is there any way to import only Qlik related groups - example with starting prefix QLIK_* -> then security evaluation will take less time due to check will not be performed on all 900 groups.
 
As it is noticed in Qlik Help - User attributes are sync during log in to HUB - so even if we remove unused groups directly from Repository DB Qlik will sync attributes again and we cant do nothing about it. This limitation does not seems to be related to UDC or Ldap filters, but it is Global Qlik pattern - as RnD says "Works as Design".
 
Could you please share your experience about such case - maybe anyone found out workarounds?



Labels (2)
0 Replies