KNOWLEDGE BASE

Tableau Server on Linux fails to Communicate with Active Directory After Upgrading to Tableau 2021.2


Published: 19 Feb 2021
Last Modified Date: 25 Mar 2021

Issue

After upgrading to Tableau Server 2021.2, Active Directory group sync and user provisioning fail, and if Tableau Server is configured to use Active Directory for username/password authentication, user authentication also fails.

Environment

  • Tableau Server on Linux 2021.2 and later
  • Active Directory configured with simple bind 

Resolution

Option 1 (recommended):

Install the SSL certificate for Active Directory server into Tableau trust store, following the process shown at LDAP over SSL.


Option 2 (if unable to install the certificate):

Disable the setting via
tsm configuration set -k wgserver.domain.ldap.starttls.enabled -v false

Note: In order to avoid any degraded functionality by Tableau Server, you can apply the tsm configuration prior to upgrade to 2021.2 with the “force keys” command:

tsm configuration set -k wgserver.domain.ldap.starttls.enabled -v false –force-keys
 

Cause

Tableau Server on Linux 2021.2 and never versions have a new default way to communicate with Active Directory where StartTLS will be attempted for any LDAP connections from a Linux client to AD regardless of whether an ssl port has been set.

Additional Information

Note: This new key will be available in 2021.1, but will only be enabled by default starting in 2021.2.
 
Did this article resolve the issue?