Find Answers
Qlik Community
Collaborate with over 60,000 Qlik technologists and members around the world to get answers to your questions, and maximize success.
Join Us
Contact
Find Answers
Join Qlik Community
Collaborate with over 60,000 Qlik technologists and members around the world to get answers to your questions, and maximize success.
Join Us
Get Support
Have a Question?
Search Qlik's Support knowledge database or request assisted support for your highly complex issues.
Submit a Case
Talk with a Representative
Critical Issues
Experiencing a serious product issue? Please Contact us by phone. Click here to view phone numbers and hours by region.
Contact UsWelcome Guest
Installed Qlik Products
My Environments
Log your environments to ensure faster and more targeted troubleshooting.
View Available Licenses
My Licenses
Understand your licenses to help you maximize your experience.
Knowledge
X509N Bad User Name - Login Falures
Article Number: 000052410 | Last Modified: 2019/03/01Description
X509N(Bad or Unknown user) is trying to access the Server and getting failure message being reported to DNS server.
Environment:
Qlik Sense November 2017
Server
Other products using Domain Controller
Note: Image above was taken from a domain controller.
The domain controller will record two failure events with event ID 4768, Task Category "Kerberos Authentication Service". Account name for these entries will be "X509N:<S>CN=QlikClient".
Environment:
Qlik Sense November 2017
Server
Other products using Domain Controller
Note: Image above was taken from a domain controller.
Cause
Windows Event logs are detecting "Kerberos" when the Qlik Sense is running. When secure communication is set up between Qlik Sense services (for instance the Repository and the Engine), the connecting service will provide a certificate titled QlikClient to identify it self as a Qlik service. When the server accepts this certificate it will ask Windows to authenticate it. As the certificate is not by default tied to any real Windows entity (user or computer), this authentication will trigger logon failure log entries in the Windows security event log.
Resolution
Workaround
- Set "EnableDotNetWebSockets" in the app.config file (C:\Program Files\Qlik\Sense\Repository\Repository.exe.config) to true.
- If the Qlik Services are running using a non local administrator account then bootstrapping needs to be run after the changed configuration. The fix is not supported by Windows 7.
Fix Version
Fixed in Qlik Sense September 2018! This was investigated as a defect, and a fix was included in Qlik Sense September 2018. For up to date information, please review the most recent Release Notes, or contact support with the ID QLIK-87774 for reference.
Get Answers
Find Answers
Get Support
Have a Question?
Search Qlik's Support Knowledge database or request assisted support for highly complex issues.
Submit a case
Talk with a Representative
Critical Issues
Experiencing a serious issue, please contact us by phone. View phone numbers and hours by region.