Install & Configuration - 40% Flashcards
What are the installation steps?
- Check for: OS, hardware, accounts (Administrative should have permission to install; Run As account?), IIS and port 80, AD domain, drivers
- Download the Server file
- Run the file. Follow on-screen instructions to set-up and install the app.
- Enter in Product Key, activate, and register
- Restart Tableau Server
What is the path to install?
C:\Program Files\Tableau\Tableau Server
What gateway port should be used?
80 (often also used by Internet Information Services/IIS)
What are the authentication options?
Active Directory Trusted Tickets Guest Account Local authentication SAML Kerberos
What’s the difference between AD and local auth?
Local authentication works only for Tableau Server, and the admin will have to create usernames and assign passwords. AD is a company-managed authentication service that integrates with many other corporate applications. You cannot switch between options later.
Describe the impact of the automatic login option.
Enabling automatic login means that Microsoft SSPI will automatically sign users in based on their Windows credentials. Similar experience to SSO.
Not compatible with SAML, trusted authentication, or proxy server.
How do you set up SSL?
- Get an Apache SSL certificate from a trusted authority and import the certificate files into Tableau Server (C:\Program Files\Tableau\Tableau Server\SSL)
- Open the Server Config dialog > SSL tab
- Select “Use SSL for server communication” and provide location for these three files: SSL certificate file, SSL certificate key file, SSL certificate chain file (only required for Mac and Mobile)
- Changes will take effect next time Server is restarted
- -bonus: SSL can only use port 443. can’t work anywhere else.
What are best practices for installing a single machine environment?
idk
What are:
a) the three caching options in the config dialog
b) the differences between them
c) the reasons you might choose one over the others
a) refresh less often, refresh more often, balanced
b) Less often: Data is cached and reused whenever it’s available, regardless of when it was added to the cache
Balanced: data is removed from cache after a specified number of minutes. After removal, a new query will be issued.
More Often: database is queried each time the page is loaded. Dumps cache after user reloads the page.
c) Less Often: use when data isn’t changing frequently, potentially to improve performance
More Often: when users always need to see the most up-to-the-minute data
bonus - these are on the Data Connections tab
How do you apply process distribution?
- Stop Tableau Server
- Open Server Config dialog. Enter password. Go to Servers tab.
- Highlight the machine and click Edit. (Must have at least one instance of: backgrounder, active data engine & file store, and repository.)
- Ok > OK
- Restart Tableau Server.
How do you configure email alerts and subscriptions?
- Server config utility > Alerts and Subscriptions tab
- Select check boxes.
- For alerts: check the SMTP Setup tab. The email address you specify there will be the one that receives alerts.
How do you configure SSL?
Place SSL cert and key files on every computer that’s running a gateway process.
What are the 3 optional customizations, and how do you configure them?
- Change Name or Logo (tabadmin)
- Language and Locale (Server UI, either for the server or for the user)
- Custom fonts (install on computers that run Server, and that connect to Server)
What are the 7.5 Site configuration options?
- Set storage limit
- Who can add and remove users (only server admins, or site and server admins)
- 5 Limit number of site users
- Web authoring
- Subscriptions - also custom ‘from’ address and custom footer
- Allow perf recording
- Save a history of revisions
- Create offline snapshots of favorites (mobile only)
What are the user quota restrictions?
If site admins are allowed to add users, you can specify how many users they can add to the site.
Who can add users?
Either Server admins only, or both site and server admins (you can edit per site)
Explain storage quota restrictions.
Workbooks, extracts, and data sources all consume storage space on the server. If you set a server limit and the site exceeds it, publishers will be prevented from uploading new content until the site is under the limit again.
How do you enable site subscriptions? How do you edit them?
Site tab > Settings. You have to make sure Subscriptions are enabled in Server config first.
Describe the 3 Project configurations options
- Set permissions for project
- Set default permissions for content
- Lock content permissions
Describe the Group and User config options
Group: Local or AD
User: Local or AD; site roles; site membership
What are your options to add users at the license level?
Unlicensed, Viewer, Interactor
What are your options to add users at the Admin level?
System Admin, Site Admin, None
What are your options to add users at the Publisher level?
Allow or Deny
How do you import users? Describe for both AD and local.
AD: in a site, import group from Active Directory
Local: CSV file (username, password, full name, license level, admin level, publisher permissions, email address)
Describe the security configurations for the Site level?
- Only users added to the Site can see it
2. Can determine permissions for site users
Describe the security configurations for the Project level?
Edit permissions per user or group on projects. Can lock permissions to project so that publishers can’t override them.
Describe the security configurations for the Group level?
You can set content permissions for a group within a project.
Describe the security configurations for the User level?
You can allow Users to inherit default permissions from their group, or you can allow/deny individual users. Check permissions for a user by navigating to content, clicking permissions, and typing in a username in the check permissions box
Describe the security configurations for the enable/disable guest user level?
Can only be enabled/disabled by Server Admin, from Server tab > Settings > General
Describe the security configurations for the Data Source level?
Admin can set permissions at the data source level
Describe the security configurations for the workbook level?
Do not show tabbed views if your workbook uses sheet-level security, because publishing a workbook with tabbed views overrides sheet-level security.
Describe the security configurations for the SAML level?
- Put cert files in C:\Program Files\Tableau\Tableau Server\SAML
- Open Server Config dialog > SAML tab
- Provide location for: TS return URL, SAML entity ID, SAML cert file, SAML cert key file
- Click button to Export Metadata File
- Save it (TS’s SAML settings) as an XML file
- Go to your external identity provider’s (IdP’s) website and Add Tableau Server as a Service Provider. IdP should use username as the attribute element to verify
- Within your IdP, export your IdP’s metadata XML file
- Copy this file to the folder path in Step 1
- Put the file path in the Server Config dialog > SAML tab > SAML IdP metadata file
Describe the system permission composition?
I know what all the different permission types mean.
Permissions are determined in the following order: Server > Site > Project > Workbook/Data Source > Sheet
Name 3 ramifications of permission design.
- User permissions (when explicitly defined) trump group permissions.
- Can’t set permissions at the site level - assigned to resources only.
- For each content item, every site user is automatically included in All Users group. If Server is in a sharing-oriented environment, set permission rule for All Users in Default project to Publisher, so users can publish and consume content from new projects. If Server is in a control-oriented enviro, set permission rule for All Users in Default Proj to role of None. Then add explicit permissions for groups/users to specific projects.
Describe the differences between Allow v Deny v Inherit
Inherit: Permission is inherited from the group, not explicitly defined
Allow: grants access
Deny: user/group NOT authorized
What is the Tableau Security Model?
decision tree flowchart:
User Denied? > User Allowed? > Group Denied? > Group Allowed?
What 4 types of events will trigger an alert email?
- data engine, repository, gateway server processes stop or restart
- Primary Server stops or restarts (note: for single-server installations, no “down” alerts are sent)
- Failover events (only for distributed installations)
- MUST CONFIGURE FIRST - When unused drive space drops below a specified threshold (warning and critical)