This video is part of the Qlik Fix Video series. If you found this video useful, check out the other Qlik Fix Videos.

This video demonstrates changes needed when moving Section Access from QlikView Documents to Qlik Sense Apps in both On-premises and SaaS editions of Qlik Sense.

Here is a link to more information in the Support Knowledge Base:

How to move Section Access from QlikView to Qlik Sense.

Video Transcript:

Hi and Welcome to Qlik Fix!
This video demonstrates how to move the Section Access authorization setup from a QlikView document to a Qlik Sense app in both on-premises and SaaS environments.

One key change needed is related to the system field NTNAME. This field is used for authorizing both Windows Users and Security Groups in the QlikView environment.
However, NTNAME is not supported in Qlik Sense. Instead, in order to authorize users and security groups the system fields USERID and GROUP need to be used respectively.
Notice that wildcards need to be added with this change. In Qlik Sense, the asterisk when used in the USERID and GROUP fields will match all possible users or groups.
For other system fields such as OMIT or fields used for Reduction, the rule is the same as in QlikView. Meaning the wildcard indicates all listed values in the Section Access table only.
The system field USERID behaves similarly in both environments when the QlikView system field PASSWORD is not included in the Section Access table.
Note that besides PASSWORD, the QlikView legacy system fields SERIAL, NTDOMAINSID, and NTSID are not supported in any Qlik Sense edition.
It is important to note as well that you cannot disable Strict Exclusion in Qlik Sense. The behavior defined by Strict Exclusion is always enabled by default in Qlik Sense.
Also, in order for scheduled reload tasks to work in QlikView with Section Access, the Distribution Service service account or a manually specified account in the task Reload configuration needs to be added in the Section Access table with ADMIN level access.
When moving these scheduled reload tasks to a Qlik Sense environment, the INTERNAL\SA_SCHEDULER account needs to be added with ADMIN level access instead.
In Qlik Sense SaaS however, this account is not needed in Section Access tables. Only the USERID for the account that has access to the app, data sources, and that is scheduling the reload.
The USERID value in Qlik Sense Enterprise SaaS corresponds to the IDP Subject field value seen here under the Management Console's User list.
Note that the system field GROUP is not supported in Qlik Sense SaaS. Only USERID is supported even when User Groups is enabled.
If performing binary loads, note that the access restriction inheritance is not supported in Qlik Sense SaaS. The Section Access data needs to be added manually in the App visualized by the end user.

Thanks for Watching!

Attached is a downloadable .mp4 video file for those who cannot view YouTube videos.

#QlikSupport

This video is part of the Qlik Fix Video series. If you found this video useful, check out the other Qlik Fix Videos.

This video demonstrates how to show the authorization table within a QlikView document containing section access. This can be very helpful when troubleshooting section access related issues.

Here is a link to more information in the Support Knowledge Base:

https://support.qlik.com/articles/000005589

Attached is a downloadable .mp4 video file for those who cannot view YouTube videos.

#QlikSupport

This video is part of the Qlik Fix Video series. If you found this video useful, check out the other Qlik Fix Videos.

This video explains what to be aware of when reloading QlikView documents that contain section access on a QlikView Server/Publisher.

Here is a link to more information in the Support Knowledge Base:

https://support.qlik.com/articles/000068677

Attached is a downloadable .mp4 video file for those who cannot view YouTube videos.