I have not set um site SAML for Tableau with the IdP CA Stieminder, but I do have some experience troubleshooting various SAML issues. Would you be able to provide some more detailed information on what is being experienced. The Tableau Community or myself may be able to offer some suggestions for resolving the unexpected behavior.
When and where in the login process does this occur? Signing in from a browser?(what browser was used) Signing in from Tableau Desktop?
What was the unexpected behavior, did a sign in screen appear? was it blank? any detailed information you can provide would be helpful.
Do any error messages appear when configuring or when attempting to login? (Screen shot of the error message, including the 'Show Details' information (if available) )
Hopefully I will be able to point you in the right direction!
Thanks, Patrick! Trying to set up site SAML on 10.3 has been a perplexing adventure.
Clients are signing in from a browser, via their company's corporate SSO system. Different configuration tweaks on the Tableau site cause different results, but at this point the person trying to log in is getting "invalid user id or password", and we suspect that we need a SAML attribute with the attribute name of "username" and content would be the login id (username) on Tableau Server. We have a support case open with Tableau (03480131).
We have requested this new attribute, and are waiting for new metadata from the client. Then it will either work... or we'll restart troubleshooting, and at that point I will gladly take your offer.
Sorry for the delay in my reply. I am happy to hear our awesome Technical Support team is on the case. I hope that the new attribute resolves the issue.
Another common issue that occurs with a SAML configuration on Tableau Server is having mismatched authentication or session ages between the Tableau Server and the SAML IDP.
Hope this helps!
1 of 1 people found this helpful
Sometimes SSO and Tableau mapping are not in sync so you can configure your SSO to pass the username as Tableau expects it.
Mapper Type: User Property
Friendly Name: glid
SAML Attribute Name: oid:user
SAML Attribute NameFormat: Basic
tabadmin set wgserver.saml.idpattribute.username: Subject
Just an update. We're still trying. After many iterations, it seems that the current problem is that Tableau Server is not able to populate the target site id.
At this point, failure seems to be within reach.