Impersonate with a Run As Service Account
Impersonating via a Run As service account is the recommended way to perform impersonation. The Run As service account is an Active Directory user account the Tableau Server service can run under on the machine hosting Tableau Server
To set up impersonation with a Run As User account:
When you configure Tableau Server during installation, select Active Directory as the identity store and specify the user account with IMPERSONATE permission as the Run As service account. See Configure Initial Node Settings.
If you installed Tableau Server with the identity store configured to use Active Directory, then you can set the Run As service account after you have installed. See Change the Run As Service Account.
Create a workbook in Tableau Desktop. When you create the data connection, select Use Windows NT Integrated security for the workbook's live connection to a SQL Server database:
In Tableau Desktop, publish the workbook to Tableau Server (Server > Publish Workbook).
In the Publish dialog box, click Authentication, then in the Authentication dialog box, select Impersonate via server Run As account from the drop-down list:
Click OK.
Test the connection by signing into Tableau Server as a user. When you click a view, you should not be prompted for database credentials and you should only see the data the user is authorised to see.