I have no experience with this. Sounds like a local authentication scenario is necessary on the Tableau Server. However, I don't understand what is needed and what is not working.
1 of 1 people found this helpful
Your core issue is that you need to support two types of authentication: SSO *AND* Local Authentication.
There is no setting that lets "some" users (but not others) log-in locally but "other" users only login via SSO. This setting is "all or nothing".
Why can't you just create VERY, VERY complex passwords for the user accounts which will be used by SSO people? You could make the passwords so long and complex that no person in their right minds would even attempt to use them in the Tableau Login page. In fact, if you make them long, complex, and then don't GIVE the passwords out TO the SSO users, Wouldn't that solve your problem?
The only thing you'd need to check to see is if an SSO user who logs in can go into the Preferences screen and modify their password back to something "easy".