Enabling Kerberos Delegation for Denodo on Linux

Version 1

    Starting with Tableau Server 2019.1, Tableau Server supports Kerberos delegation with a Denodo data source.

     

    To use Kerberos authentication with a PostgreSQL data source, you need to do the following:

    • Configure Tableau Server for Kerberos Delegation. For more information see Configure Kerberos in the Tableau Help.
    • Enable Kerberos delegation in Active Directory (AD). For more information contact your domain administrator.
    • Configure environment variable PGKRBSRVNAME for Kerberos Delegation to Denodo. This is only required on Linux.

     

    Run the following commands on all nodes in the cluster.

     

    # Start a session as the unprivileged user. tableau is the default unprivileged user created by Tableau Server during installation.
    # You can specify your own unprivileged user as well.
    sudo su -l tableau
    
    
    sudo touch /var/opt/tableau/tableau_server/.config/systemd/tableau_server.conf.d/denodo.conf
    echo "PGKRBSRVNAME=HTTP" | sudo tee -a /var/opt/tableau/tableau_server/.config/systemd/tableau_server.conf.d/denodo.conf
    sudo chmod 744  /var/opt/tableau/tableau_server/.config/systemd/tableau_server.conf.d/denodo.conf
    
    # Restart all the control plane services
    systemctl --user restart tabadmincontroller_0
    systemctl --user restart tabsvc_0
    systemctl --user restart appzookeeper_0
    systemctl --user restart clientfileservice_0
    systemctl --user restart fnplicenseservice_0
    systemctl --user restart licenseservice_0
    systemctl --user restart tabadminagent_0