-
1. Re: Accessing Server Through Desktop Using SAML
jordan.bunkerMay 5, 2014 9:11 AM (in response to Jeff Bloomfield)
Hi Jeff,
Since Tableau Server configurations can sometimes be a bit tricky, I recommend contacting our Support Team (support@tableausoftware.com) so they may work with you to troubleshoot and determine what is causing the issue.
Cheers!
- Jordan
-
2. Re: Accessing Server Through Desktop Using SAML
Jeff Bloomfield May 8, 2014 11:19 AM (in response to jordan.bunker)Thanks Jordan, I did submit a ticket on Monday but haven't heard back from support yet, and as of right now have no way of logging into Tableau Server from Desktop. In looking in the logs it appears that the authentication to the idP is failing, and I don't know if it is because we are using AD authentication that I am not getting the option to manually enter my credentials.
Here is the log file from Tableau Desktop (asterisks are mine) :
2014-05-08 08:16:17.775 (-,-,-,-) 2c30: Starting AsyncTask for SessionID: -.
2014-05-08 08:16:17.800 (-,-,-,-) 2c50: NetworkReply::sslCtxCallback: failed to add certificate '****-EARTH-CA' from store 'Root'
2014-05-08 08:16:17.800 (-,-,-,-) 2c50: NetworkReply::sslCtxCallback: failed to add certificate '****-HT-CKDCNT02-CA' from store 'Root'
2014-05-08 08:16:18.320 (-,-,-,-) 2c30: WorkItemSetComplete: 0x00000000157dac50
2014-05-08 08:16:18.320 (-,-,-,-) 2608: Action: Getting data from server SubAction: Getting data from server Status: Completing request... Observers: 0
2014-05-08 08:16:18.321 (-,-,-,-) 2608: GetCookieContents failed for an unknown reason.
2014-05-08 08:16:18.452 (-,-,-,-) 2608: Unexpected payload component size: [1]
2014-05-08 08:16:18.454 (-,-,-,-) 2608: WorkgroupConnection::SAMLAuthentication: URL - https://myreporting.mysites.com/auth/login?datetime=2014-05-08T13:16:18.454000Z&format=xml&language=en&authenticity_token=VGG5UWgX5Ti6ekmQ**********JQ9HOmc4SLsqEBQnc=&full_keychain_key=a4a4876074f9a547d68fdf2**********9bfd33177d31ca7429bc5c29cb90fc04d73dd1b2e59233ad3a8d720d95c233**********72bc5d739880453449c0f20
2014-05-08 08:16:18.454 (-,-,-,-) 2608: WebAuthenticationDialog::obtainAuthToken: from (https://myreporting.mysites.com/auth/login)
2014-05-08 08:16:18.581 (-,-,-,-) 2608: SSL Errors:
2014-05-08 08:16:18.581 (-,-,-,-) 2608: [1] The issuer certificate of a locally looked up certificate could not be found
2014-05-08 08:16:18.581 (-,-,-,-) 2608: [2] The root CA certificate is not trusted for this purpose
2014-05-08 08:16:18.581 (-,-,-,-) 2608: [3] No certificates could be verified
2014-05-08 08:16:18.725 (-,-,-,-) 2608: SAMLAuthenticationHelper::determineAuthState : access pending
2014-05-08 08:16:18.853 (-,-,-,-) 2608: NetworkAccessException: type=ContentReSend, request url=[https://login.mysites.com/Samlp/Tableau/Login]
2014-05-08 08:16:20.518 (-,-,-,-) 2608: WebAuthenticationDialog::obtainAuthToken: access declined
2014-05-08 08:16:28.941 (-,-,-,-) 2608: WorkItemCreate: 0x000000001558b460, 0x00000000157da4d0
2014-05-08 08:16:28.941 (-,-,-,-) 2608: AsyncTaskSvcExecute: 0x00000000157da4d0
-
3. Re: Accessing Server Through Desktop Using SAML
Matt LuttonMay 8, 2014 12:04 PM (in response to Jeff Bloomfield)
Jeff Bloomfield wrote:
Thanks Jordan, I did submit a ticket on Monday but haven't heard back from support yet...
Someone recently posted about an excellent response from Tableau Support, and they mentioned they received phone calls from two separate parties at Tableau.... how does that happen (getting someone on the phone)?
-
4. Re: Accessing Server Through Desktop Using SAML
jordan.bunkerMay 9, 2014 11:54 AM (in response to Jeff Bloomfield)
Thanks for the update Jeff!
I checked in on the support case that you created, and you should be receiving a phone call from support soon.
Matt, to answer your question, Tableau Support has been experimenting with a new process where every customer who opens a support case will receive a call, even if just to verify that the issue in the case is understood. This process is still in the trial stage, so some people may receive phone calls first, while other may receive emails.
Hope that answers your questions!
- Jordan
-
5. Re: Accessing Server Through Desktop Using SAML
Shawn Wallwork May 9, 2014 12:07 PM (in response to Matt Lutton)That someone was little ol' me. I think it was a great way to be contacted (and heard) by Tech Support. Looking back the one 'mistake' I made was a little too chatty. If this is going to work we should all make an effort to keep it short, so they can get through their call lists quicker. Then they're more likely to move this from trials to the way they do business, which I personally hope they do.
Cheers,
--Shawn
-
6. Re: Accessing Server Through Desktop Using SAML
Olga Yazovskaya Jan 7, 2016 4:28 PM (in response to Jeff Bloomfield)Hi Jeff,
I am having the same issue with 9.1.2 desktop and same version of the server. Was your issue resolved?
Thanks in advance
-
7. Re: Accessing Server Through Desktop Using SAML
Pierre-Antoine Marc Apr 27, 2016 8:53 AM (in response to Jeff Bloomfield)Hi Jeff,
We're facing a similar issue with Tableau Desktop. How did you solve yours?
Any help would be appreciated on this
Regards,
Pierre-Antoine
-
8. Re: Accessing Server Through Desktop Using SAML
sreeverdhan potavathri May 12, 2016 3:06 PM (in response to Jeff Bloomfield)Have you tried the below steps?
When signing into a SAML-enabled server via Desktop,
ife you apply "tabadmin set wgserver.authentication.desktop_nosaml true", Desktop users will should not be prompted for SAML authentication to the server -- they will sign in as if SAML is not enabled.
- On your primary server, open command prompt
- Go to bin directory
- Run command "tabadmin set wgserver.authentication.desktop_nosaml true"
- Run command "tabadmin config" (to make sure configuration files are applied to all servers in cluster)
- Run command "tabadmin restart" (to restart Tableau Server)
-
9. Re: Accessing Server Through Desktop Using SAML
Pierre-Antoine Marc May 19, 2016 9:49 AM (in response to sreeverdhan potavathri)Hi,
We did those steps to make Desktop work, but this is not a valid solution for us. We need Desktop to be secured through SAML so we don't have to handle user passwords manually.
-
10. Re: Accessing Server Through Desktop Using SAML
Eileen Keck Oct 26, 2017 9:34 AM (in response to Pierre-Antoine Marc)did you come up with a better solution - I believe it is the certs need a common name - I am working on it now but now 100% sure. I realize this post is old but hoping you worked through this solution.