Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
.png "Former Employee"){kind=icon}
QlikView provides two Authorization methods: NTFS and DMS.
For detailed information about the authorization methods, see the Qlik Online Help > Deploying QlikView > Security > Authorization
Summary:
- NTFS mode makes use of Windows file system security and all authorization information is stored on Windows file level. This means only Windows users can access the QlikView documents.
- DMS mode, on the other hand, allows for QlikView itself to store authorization information. Unlike NTFS, this allows non-Windows users and groups to be authorized.
- All authorization information for DMS mode is stored in the .META file, located next to the .qvw in the User Document file share/mount.
Example
In the below example, we use a Windows Active Directory Domain called domain.local with user User1.
The document we are providing access to is called Test.qvw. The file is stored in \\dc1\share\Front-end\UserDocuments and Everyone has been granted access in Windows file level access.
Enable DMS mode
! DMS mode can be restricted by the applied license. If the QlikView server is licensed with a Small Business edition LEF, a tag in the LEF will disable this authorization method. Contact your account manager for details on how to convert the license.
To enable DMS mode:
- Open the QlikView Management Console
- Navigate to System
- Setup
- Chose the applicable QlikView Server (QVS@hostname)
- Click on the Security tab
- Switch from NTFS to DMS mode
Set up the Directory Service Connector
Generally, QlikView does not synchronize users or store them in its own repository. QlikView will need access to a User Directory from which user information can be queried.
! The only exception is the Custom Directory, which stores user information and password (encrypted) on disk. See Implementing Custom Directory In QlikView Server.
In our example we use an Active Directory named domain.local. This can be a custom directory (Implementing Custom Directory In QlikView Server) or a Configurable ODBC/LDAP connection as well. Note that for Configurable ODBC/LDAP, a custom authentication module/method is required. This article does not cover the extra steps required for further customization.
Add Users and Groups to the QlikView document
Unlike with NTFS mode, authorization to documents is now being configured in the QlikView Management console.
- Open the QlikView Management Console
- Navigate to Documents (or Source Documents if the document is being distributed)
- Open the applicable QlikView Server folder (QVS@hostname)
- Select the QlikView document (.qvw)
- Select the Authorization tab
- Click the green plus on the right side of the screen.
- Select a User type. For our example we need Named Users
! All Users means Everyone. This is necessary for anonymous access.
! All Authenticated Users means everyone who is considered an authenticated user.
- Click the icon on the right.
- A new pop up will appear.
- Either Search for Users using the search interface and adding them by clicking Add > after selecting the user or group,
- OR manually define the user or group in the free text field at the bottom.
- Click OK
- Apply all changes.
- The users defined will now have access to the document in the AccessPoint, or when using the QlikView Desktop client and Open in Server...
