7 Replies Latest reply: May 30, 2009 1:35 AM by Rob Wunderlich RSS

    Users / Publisher

    Thom Mumaw

      Hello all. I am new to QlikView/Publisher. I am having problems when distributing documents. If a user lets say "Joe" signs onto look at his documents he should see only "Joe's" documents. The problem is he is seeing everyone's documents and can access everyone's documents. I am using AD, and we have created a test group with only a few users in it. How can do I use Publisher Enterprise to accomplish this.

      Thanks
      Thom

        • Users / Publisher

           

          Thom try

          Open the application in the qlikview Developer and click settings then Document Properties and then goto Opening tab then select

          Initial data reduction based on Section access and save and run it should work for you

          Talha

          • Users / Publisher
            Rob Wunderlich

            Thom,

            It sounds like you are missing something in the setup or concepts. When you say "Joe signs on", do you mean Joe is accessing the AccessPoint screen? Or the the "Open in Server" function?

            Are you using Publisher to distribute documents to the QVS or the AccessPoint directory?

            -Rob

              • Users / Publisher
                Thom Mumaw

                Thanks guys. What has happened was I set (initial data reduction based on selection access), then checked strict exclusion. When users were accessing the application from AccessPoint they were being prompted for their userid/password. I remove the data reduction and strict exclusion and all is well. Thanks for your help. I am new to this Qlikview application, I have only been using it for about 3 months.

                • Users / Publisher
                  Thom Mumaw

                  Rob,

                  Have you used Publisher Enterprise and Active Directory together to control what people see? If so, did you have to extract the data from active diretory into a csv file and then take it into the model? if not, how? Im lost.

                  Thanks

                    • Users / Publisher
                      Rob Wunderlich

                      Yes, I am using Publisher Enterprise and AD to control content. It's easy, and no extract of AD data required.

                      There are multiple ways to control document access. By "document access" I mean:
                      1. What documents the user can see in a document list like "Open in Server" folder listing or Access Point screen.
                      2. What documents a user may actually successfully open.
                      3. What data the user can see once they get the document open, ie, all data or reduced data.

                      There are a number of ways to control the above.

                      1. Section Access. Has no impact on document list. Can control who can open document. Can reduce data. Security data must be defined in the document. Correct doument options set for reduction.

                      2. Windows File permissions. May limit document list . Will limit who can open document. No data reduction. No security data defined in the document.

                      3. DMS. No comment because I have not used it.

                      4. Publisher Distribution. Will limit document list . Will limit who can open document (by applying WIndows Persmissions). Data reduction possible. No security data defined in the document.

                      At my site, we user Publisher Distribution for everything. We do no Section Access at all. Most of our documents are distributed un-reduced. That is, everyone that can open the document sees the same data. We specify the AD userids and/or Groups in the DIstribution Task and those are the only users who will see and be able to open the document.

                      A few documents are reduced, and for that we use Publisher Reduction.

                      Back to your original problem -- You are using Publisher, and "Joe" can access everyone's documents. Joe should be able to open any document for which he has Windows Read permission. The permissions associated with any given document are set to whatever users and groups are selected in the Recipient section of the Publisher Distribution Task for that document. So if the recipient lsit is set to your test AD group, only members of that group should be able to see and open that file. Is that what you are seeing or something different?

                      If it's not working as you expect, check the WIndows permissions on the distributed file and see if they are what you would expect.

                      I'm off for a week. If you have more questions maybe someone else can pick up the thread.

                      -Rob