Qlik Community

Ask a Question

Support Knowledge Base

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
Qlik Highlights 2020 Giveaway! Watch, reply and have a chance to win a $200 Amazon Gift Card! Watch Video

Qlik Sense repository service fails to start due to error " 'SeSecurityPrivilege " error

Digital Support
Digital Support

Qlik Sense repository service fails to start due to error " 'SeSecurityPrivilege " error

Qlik Sense and the repository fails to start with the error below and the repository service shuts down causing the Qlik Management Console (QMC) and HUB to not be accessible.

 

When accessing the QMC you will also see this error:

"error message"An error occurred: Initialization of Qlik Management Console failed for the following reasons:"

The following if registered in the logs found under "C:\ProgramData\Qlik\Sense\Log\repository\trace\<servername>_system.log"

or

Fatal exception The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation. "


Environment:

  • Qlik Sense Enterprise, all versions

 

Resolution

 

Option 1:

  1. Press the Windows logo key + R to open the RUN dialog box.
  2. Type gpedit.msc in the text box, and then click OK or press ENTER.
  3. Go to  Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment
  4. Find Manage auditing and security log
  5. Double-click on it.
  6. Add the "Administrators" group or at least the Qlik's service account. 
  7. Hit "Ok"
  8. You can either Force a GP update or restart the machine. (restarting is preferable)
  9. Force GP update : Open CMD as admin > Type gpupdate / force > press enter > new line will prompt once it is finished. 
  10. Stop/Start the Qlik Services Manually. Manual Start and Stop order of Qlik Sense services



Option 2: 

Available only on Qlik Sense September 2018 release and newer)

  1. Edit the file C:\Program Files\Qlik\Sense\Repository\Repository.exe.config
  2. Set DisableAutomaticBootstrap to true.
  3. Restart the Qlik Sense services.

 
Option 3:

 

Cause:

The "SeSecurityPrivilege" is a user assignment group policy that translates to "Manage auditing and security log" ( read more: https://technet.microsoft.com/en-us/library/dn221963(v=ws.11).aspx

Normally the local administrator group is a part of this group policy, and where the service account is also a part of the local administrator group.

Qlik Sense uses a function in the .NET Framework to setup access control lists (ACL) for the Qlik Sense certificate’s private key (so that it can be read by members of the “Qlik Sense Service Users” group. This function requests “AccessControlSections.All” which includes access to the audit section which in turn requires the 'SeSecurityPrivilege' privilege. However Qlik Sense does not use this function to modify anything besides the ACL, i.e. we do not update any auditing policies. The 'SeSecurityPrivilege' privilege is only required for the user running the bootstrap mode and could even be removed after this step is completed.

Labels (1)
Version history
Revision #:
4 of 4
Last update:
‎2020-12-04 03:41 PM
Updated by: