-
1. Re: User addition automation to the site from the Active Directory
Donna Coles
Feb 27, 2018 5:33 AM
Hi Yashu
When you say the permission is being overwritten, what it is being overwritten from? If the existing permission is viewer and the default is now interactor, then overwrite is expected according to this article: Import Users
If this isn't the reason, then to help you further, it might be worthwhile you indicating
- what version of Tableau server you're using
- what the actual command line you're trying to run/have tried to run
Donna
-
2. Re: User addition automation to the site from the Active Directory
Hello Donna,
When I say the permission is overwritten I mean Site Role "Publisher" is over written with "Instructor" role. As I mentioned I would like to automate the process so instead of adding users manually any new user who is added to the Active Directory will automatically be added to the Tableau.
I am using Tableau 10.5 version.
tabcmd createusers "E:\Scripts\User_List\Active_Employee_Usernames.csv" --role "Interactor" --no-complete
tabcmd addusers "All Users" --users "E:\Scripts\User_List\Active_Employee_Usernames.csv" --no-complete
I am using this command in the script.
Regards,
Yash
-
3. Re: User addition automation to the site from the Active Directory
Donna Coles
Feb 27, 2018 7:19 AM
Hi Yash
So since Publisher is a higher role than Interactor, this sounds like there may be a bug in the process. It isn't something I do, so I can't test for you - we have users fully sync'd to the AD via security groups, so use the inbuilt sync job on the server to manage users. We've had no issues with this, though are stil using v10.1.1 so can't comment on v10.5 behaviour. I've had a look on the known issues page ( Known Issues | Tableau Software ) and there isn't anything obvious there either.
I suggest your next step is to open a support case with Tableau directly who can investigate further.
If you do this, please report back with an update.
Regards
Donna
-
4. Re: User addition automation to the site from the Active Directory
Hello Donna,
Yesterday I opened the support case with Tableau but haven't heard anything back from them. I tested with 10.3 and same behavior is noticed there as well. Do you have any suggestion how to automate the process to load the Active Directory users every day? My ultimate goal is to add user automatically when they got created in Active Directory.
Regards,
Yashu
-
5. Re: User addition automation to the site from the Active Directory
Donna Coles
Feb 27, 2018 7:39 AM
Hi Yash
A long time ago I wrote this article Automatically sync Tableau groups with the AD about automating the sync process when using AD groups (rather than csv). At the time of authoring the sync was somethign you had to initiate manually. Since v10, the schedule can be managed via the server UI, so this document was reducndant for me.
However, it does contain info on the process we set up to manage it and the powershell script that contains the commands. I imagine you could do something similar to automate the csv import automatically too, tho note the comment from Keith who looks like he may have used this info to do something with a csv file.
Hope that helps a bit.
Donna
-
6. Re: User addition automation to the site from the Active Directory
Hello Donna,
That is what I am doing but Instead of syncing Group I am creating users inside the Tableau, but the problem is when I pass the parameter (doesn't matter create user or syncgroup) I have to assign the role and the minimum role is -interactor. Here is what I am using in batch file.
@echo off
set mypath="C:\Scripts\Misc\Get_EncryptedPassword.ps1"
set encrypted="C:\Scripts\Misc\encrypted_password.txt"
for /f "delims=" %%a in ('powershell . %mypath% %encrypted% ') do set pass_word=%%a
tabcmd login -s https://server.name.edu -u username -p %pass_word%
tabcmd createusers "c:\Scripts\User_List\Active_Employee_Usernames.csv" --role "Interactor" --no-complete
tabcmd addusers "All Users" --users "F:\Scripts\User_List\Active_Employee_Usernames.csv" --no-complete
tabcmd logout
Regards,
Yashu
-
7. Re: User addition automation to the site from the Active Directory
Donna Coles
Feb 28, 2018 12:17 AM
Hi Yashu
Your original post raised an issue with users' roles being overwritten (ie a publisher being reset to interactor). I've suggested you raise that with Tableau Support as that doesn't appear to be expected behaviour based on the current help documentation.
Note - I've just found this thread tabcmd createusers in 10.2 which suggests there have been changes in behaviour to the csv import since v 10.2 due to a security issue. This may or may not be of relevance.
You then, as a second question, asked about how to automate the job, and I've provided you with a suggestion. Your tabcmd createusers line doesn't appear to be wrong based on other examples of this I have seen.
I think I've done as much as I can to help you progress this.
Regards
Donna
-
8. Re: User addition automation to the site from the Active Directory
Hello Donna,
Thanks for all your responses. I hope Tableau can resolve this important issue as quickly as possible and in the meantime provide the alternate to resolve this issue.
Regards,
Yashu
