1 of 1 people found this helpful
I'm not sure I totally understand the question but here is what I know:
Tableau Server does not store any passwords for users synced through Active Directory. Instead, Tableau Server reaches out to the Active Directory domain for authentication whenever a user needs to log in. Active Directory will confirm or reject a user's credentials which then tells Tableau Server if it's okay to proceed.
I hope this answers your question,
Thanks for your response. I've also found the following:
Enable automatic logon, which uses Microsoft SSPI to automatically sign in your users based on their Windows username and password.Enable automatic logon, which uses Microsoft SSPI to automatically sign in your users based on their Windows username and password.
Has anyone had the "Enable automatic logon" work? I have a environment where I must install Tableau Server in another domain from where the AD users are; but there is a trust relationship defined between the two AD domains.
The auto logon doesn't seem to work.
Haven't had too many issues with Automatic Logon turned on.
In situations where you have the user logging in from multiple (trusted) domains, only the domain\account logon which has been defined for the user within Tableau Server will work.
For access from the other domain to work, the user can login manually with their (1st domain) credentials or you'll need to add the 2nd domain\account on Tableau Server as well. Note that this will create another separate user profile for that person, which probably isn't what you want.
Let me make sure I understand. I'm not sure you got the complete scenario:
In DomainA I have Tableau Server installed because I must have it as a separate island. My users are all defined in DomainB that will log in. DomainA and DomainB have a trust relationship. I have set up Tableau Server (in DomainA) set up to get user/groups from DomainB. Even with "Enable Automatic Logon" checked a user in DomainB attempting to access the Tableau Server URL is eventually presented with a login page (it seems like it times out). If the DomainB user enters the credentials they log in fine. I was expecting that the DomainB user would not have to log in to Tableau Server-that the SSPI would work fine because of the trust relationship.
Interesting, you may want to run that one via Tableau Support.
I would actually expect that to work with automatic logon.
I put in a ticket with Tableau Support. Tableau Server has not been tested in the domain configuration I have to work in where our server is in a separate trusted domain from the users. Domain A has the users. Domain B has my servers and the Tableau Server. Domain A trusts Domain B.
They added this as a feature request and closed the ticket.