When you publish something to the server, you can edit firstly the permissions, but also add user filters to the file.
I've attached a few links that you might find useful.
Let me know how you get on!
About user filters; User Filtering
An idea of how they operate: User Filters and Row Level Security | Tableau Software
How to create one: How to Create a User Filter
About web editing and your data server: Securing User Filters for Web Editing and Data Server | Tableau Software
I want the new users to be blind as to everything else on the server. If I tried to handle this via publishing and user filters, I would need to republish the other 199 reports on server to exclude the handful of people in the new group. That'd take a long time to do, even with tabcmd.
What I'm looking to do is to identify the simplest way to restrict this new group from seeing the 199 reports and allow them to see the 1.
If I'm understanding you correctly, Joe then you're looking for a solution to only allow a certain group of users to see one area of your server? Then I think it could be a permissions solution - I think this article by the Information Lab might help, http://www.theinformationlab.co.uk/2014/06/11/understanding-tableau-server-permissions/ as it has a really habody flowchart.
I hope this helps and that I've understood you better this time!
Are you having projects or publishing all the reports in defaults project? Assuming you are doing that, the simplest way would be to create a new project, publish the required report that the new user have to access to that project and remove the access for the default project for the new user and grant him access for the new project you created.
This would not be the right solution as you will have to setup Role based access and make use of projects and worksheets to assign to groups.
You would have to create "Projects" in Tableau and limit the users by applying project level permission. Only users who are assigned to the projects will be visible and accessible to them. You can create Tableau Local Groups or you can even use AD Groups if your server is AD authenticated.
Please refer http://onlinehelp.tableau.com/current/server/en-us/help.htm#permissions_projectbased.htm for more detailed information.
When you apply project level permossion, you can actually delete "all users" or select "None" from the dropdown to limit access and allow only users belonging to the AD Group or individual users who need to access the report. Please see the screenshot.