1 Reply Latest reply on May 27, 2017 12:53 AM by SANDIP SHARMA

    Restrict Schema Access When Connecting to Oracle

    Mark Planas

      Hello,

      I'm trying out Tableau for the first time to evaluate before rolling out further, and not sure whether this is an issue or not, but when I connect to our Oracle server, I seem to be able to access all schemas on the server through Tableau. I shouldn't have access to all the schemas, as I do not have rights to all of them, but I'm able to view and extract such data anyway when connected. My concern is that if someone were to install Tableau Desktop and connect to our Oracle server, they would have access to data that they shouldn't have. We do plan on deploying Tableau Server which would address these restrictions, but we have some users who do have local admin rights and our concern is that they could install a rogue copy and view confidential data. My question is - when connecting to an Oracle database would someone who is able to login view every schema by design, or is there something I'm missing here (whether it be on the Oracle side or Tableau side) that I should be doing so I wouldn't be able to access all these schemas?

        • 1. Re: Restrict Schema Access When Connecting to Oracle
          SANDIP SHARMA

          HI Mark,

           

          Nothing to do with Tableau side. What ever user / password you are passing have all the rights on all the schema. Better way to keep data sensitivity, create an user which should have rights to the relevant data sources or schema with read only permission.

           

          Best Practices: Since Tableau Desktop and Server are designed in same way so better is to have control on one hand or one team who should have rights to created extract and publish rights of extract on server with embed password.

           

          And let other users to connect with published extract rather giving privilege on oracle.

          Rest you are the best judge of your data and approach.