My previous post TABLEAU SERVER AND CLOUD SECURITY (7/10): ALL USERS GROUP talks about detection and deletion watch dog scripts that will remove any permissions using All Users group. The scripts runs hourly and will remove the permissions and then send email alert to content owners. It is an enforced Tableau server policy although it does have a few exceptions (like some server admin owned dashboards are excepted).

The scripts helped a lot permission mistakes/cleanup. However from time to time, server admin team still got emails from user community :

User feedback : Why I see this dashboard, I have nothing to do with it….

It is not about All Users group anymore but due to workbook permissions granted to a very large group….

Now the issue is more about user education and department access management policy. However I wanted to do something about it as server admin. What we came up with is Large Group Permission Management alert – Another watch dog program that will send auto email alert to content owners if they used group with members more than 1,000 users (or whatever users make sense for your org):

The logic used is very similar as All Users group detection. The key difference is that All Users group permission will be removed once detected, while this large group is a reminder only and will not remove large group from the permission at all.


Source link

Be the first to comment

Leave a Reply

Your email address will not be published.