At this late date, I'm figuring that you have either found the answer or given up. ;-)
I am in the middle of trying to make this work, i.e. adding users or groups from another domain with a two-way trust with Tableau's domain, but I'm not able to make it work. I'm going to start a new thread on this topic to see if I can get any advice from other admins out there, because Tableau support is very, very slow right now.
Thom, please include a link here pointing to your new thread.
I'm a neophyte server admin but regarding the first paragraph by John, yet that does work as I have successfully done it twice.
"If I am understanding it correctly, then Tableau Server provides the ability to authenticate users from different domains while it is configured to active directory authentication on a single domain. So even though the configuration points to one domain, I can still add users from different domains?"
Answer is Yes. It is possible and we have done that. After adding first user, Tableau will be pointing to first domain A. Now if you want to add user from domain B, you need to provide fully qualitfied name of the user. e.g. user1@B
It worked for us. Hope it helps!
I know this is an ancient thread - but I'm having trouble finding clear information in the Tableau Documentation, or on the forums for exactly how to implement this, so I'm hoping you can point me in the right direction since you mentioned that you have successfully done this.
I have set up a Tableau Server with Active Directory authentication, configured on the same domain as the Windows host server. I need to add users from a second domain - my question is: How do I actually add the second domain?
- On the 'General' tab of the Tableau Server Configuration Utility there is only a single box each for 'Domain' and then 'Nickname'. I have the primary domain information entered here, and I have been able to successfully add users from this domain.
- In tabcmd, when I run 'listdomains' it shows the 'localhost' and then the primary domain.
- The 'edit domain' command only seems to be for editing existing domains. I don't see any spot to add another domain.
I've read through the articles linked below, but none of them seem to spell out where you actually enter or add an additional domain. The KB articles briefly mention using the FQDN for the addtional domain the first time you add a user from there, but I have not had any success with that either. It seems like I'm missing some piece of the puzzle here. Any help would be appreciated.
Tamas Foldi - maybe this is a question you could help with?
I was doing some research online to see if it is still not possible to mix authentication using a blend of AD accounts and native-Tableau user accounts. Looks like not.
But I came across your inquiry and it doesn't appear to be answered. This is certainly outside my area of expertise--I'm predominantly a Tableau Developer and I only dabble in Tableau Server Administration.
Hopefully you aren't still in the dark on this, but I figured I'd comment for posterity.
That said, your network/IT team would first need to establish two-way trust with a new domain and the domain hosting Tableau Server. Only then will Tableau Server be able to "see" the other domain. We frequently acquire other companies and live through this all the time. We have about 6 domains that are "friendly" and others that aren't yet--which means we can't add AD users from those domains to Tableau Server yet.
Are you sure two-way trust has been established between the domains? If it has been, you should be able to just add the Fully Qualified Domain Name\username via tabcmd, the console on Tableau Server, or via the Tableau Server web interface.
Hope that helps.