4 Replies Latest reply on Nov 13, 2018 6:59 AM by Toby Erkson

    Tableau Server with Local Identity Store + SAML + Kerberos Delegation

    shrikant.patil.2

      Hi,

      I have a little bit strange situation here. We have Tableau 10.3.0 Server on a Windows 2012 VM. Current setup is

       

      • AD Authentication with Automatic Login Enabled

       

      Now we have two new requirements

      1. Enable external user access to Tableau Server
      2. Enable Kerberos Delegation for Cloudera Cluster(Impala) access

       

      Till now, all the users were internal, present in the AD. These external users are not part of AD but are available in Oracle Unified Directory(OUD). My thought process is we can achieve this by

       

      1. Re-install the server and change the Authentication from Active Directory to Local
      2. Enable SAML to authenticate against OUD
      3. Enable Kerberos Delegation.

      So basically question is, can we setup the Server this way? If yes, will Kerberos delegation work for external users?

       

      I have logged a case with Tableau support to understand more but would highly appreciate if someone can shed some light on this topic if technically if this can be done.