Server Upgrade - Review What's Changed

This topic includes a list of important product changes in Tableau Server, beginning with version 2018.3 . The changes described in this topic may impact the upgrade process itself, or they may impact functionality after you have upgraded. Read these changes carefully and make note of the changes and remediation steps that you'll need to take. Include these remediation steps as part of your upgrade process or post-upgrade configuration plan.

This list is cumulative, so if you are upgrading from an early version (for example, 2018.3), read the list of changes for every version between your version and the version you are upgrading to.

This topic does not include all of the new features that have been added in each release. To develop a more robust verification and testing plan, we recommend that you also review new features before you upgrade. To see all of the new features, by release, see What's New and Changed in Tableau Server.

Tableau Server Release Notes(Link opens in a new window) | Known Issues(Link opens in a new window)

Changed in 2021.3

Version 2021.3 includes the following changes you should know about before upgrading.

Python package is installed with Tableau Server

Beginning with Tableau Server 2021.3, The Tableau Server Setup program installs a Python package. Python will be used by future advanced analytics features. If you cannot or choose not to install Python with Tableau Server, you will not have access to any future features that require Python. For more information on how to opt out of installing the Python package, see the /skippythoninstall switch in Install Switches and Properties for Tableau Server.

Backup behavior changed

Beginning with Tableau Server 2021.3, when you run a backup of Tableau, the backup job skips any files that are newer than the start time of the backup job. This change impacts extract refreshes that run after the backup has begun. These will be skipped during the current backup. Other impacts to customers should be minimal except a reduction of the size of some backup files.

Tableau Server no longer supports Windows Server 12 or Windows Server 12 R2

Beginning with version 2021.3, in keeping with Microsoft's Windows Server support policy, Windows Server 12 and Window Server 12 R2 are no longer supported operating systems for Tableau Server. This change was originally scheduled to begin with version 2021.1 but was delayed until version 2021.3. For details of the announcement, see the Tableau Blog(Link opens in a new window).

For more information about supported versions of Windows, see Operating system requirements.

Tableau Server no longer supports Internet Explorer 11

Beginning with version 2021.3, we are ending our support for Internet Explorer (IE) for accessing Tableau Server. Tableau Server is fully compliant with Chrome, Firefox, Safari and Edge. For details of the announcement, see the Tableau Blog(Link opens in a new window).

For more information about supported web browsers supported by Tableau Server, see Tableau Tech Specs(Link opens in a new window).

SP-initiated SLO support for site-specific SAML

In addition to supporting service provider (SP)-initiated single log out (SLO) for server-wide SAML, Tableau Server supports SP-initiated SLO for site-specific SAML beginning with Tableau Server 2021.3. For more information about SAML configuration and requirements, see SAML Requirements.

 

Changed in 2021.1

Version 2021.1 includes the following changes you should know about before upgrading.

Change in default behaviour for snapshot backups

Note: If you have both External File Store and External Repository enabled and use scripts to do backups, this can potentially result in not having a backup of the repository.

Beginning with Tableau Sever 2021.1, if you have both External File Store and External Repository enabled, the Tableau Server backup process no longer includes creating a backup file of the repository by default. If you are upgrading from a version earlier than 2021.1, and you have scripts to run or schedule your backups, and want to continue to include the repository backup, see Option 1: Include Repository in the Backup.

SHA-256 hash algorithm enforced for SAML assertions with IdP

Beginning with Tableau Sever 2021.1, Tableau Server will hash message signatures and digests with SHA-256 in SAML assertions to the IdP. To change this behavior, see wgserver.saml.sha256.

New SAML configuration keys

Beginning with Tableau Sever 2021.1, Tableau Server includes three new SAML configuration keys:

  • wgserver.saml.blocklisted_digest_algorithms:Specifies the digest algorithms that are not allowed as part of certificates used in SAML configuration or for signing SAML assertions. When set, assertions that are signed with a blocklisted algorithm will fail and certificates containing a blocklisted digest algorithm will fail. We recommend blocking the SHA-1(SHA1) algorithm. Before blocking SHA-1, confirm that your SAML certificates digest algorithms are not SHA-1, and that your SAML IdP does not sign messages with SHA-1.

  • wgserver.saml.min.allowed.elliptic_curve_size: Specifies the minimum elliptic curve size required for ECDSA certificates that are uploaded and configured for Tableau Server. If Tableau Server is configured with an ECDSA certificate that does not satisfy this minimum curve size, Tableau Server may go into a degraded state. If you attempt to upload a certificate that does not meet the minimum curve size, Tableau Server will reject the certificate. We recommend a minimum curve size of 256.

  • wgserver.saml.min.allowed.rsa_key_size: Specifies the minimum key size required for RSA certificates that are uploaded and configured for Tableau Server. If Tableau Server is configured with an RSA certificate that does not satisfy this minimum key size, Tableau Server may go into a degraded state. If you attempt to upload a certificate that does not meet the minimum key size, Tableau Server will reject the certificate. . We recommend a minimum key size of 2048.

In future releases of Tableau Server, these keys will be configured with secure minimum defaults, as specified in the recommendations above. In future releases, if your SAML configuration is not configured with the minimum requirements, SAML functionality or upgrade may fail. In the meantime, we recommend that you update your SAML configuration to be in compliance with the recommendations above.

Client and CA certificates used for mutual SSL must meet minimum security requirements

Beginning with Tableau Server 2021.1, Tableau Server configured for mutual SSL authentication will enforce secure certificate requirements.

Client and certificate authority (CA) certificates used for mutual SSL must either have an RSA key strength of 2048, or ECDSA curve size of 256.

Tableau Server will fail mutual authentication requests from client certificates that do not meet these requirements.

Additionally, upgrade of Tableau Server will fail if the certificate authority (CA) certificate that is configured for mutual SSL does not meet these requirements.

Improvements to JVM maximum heap size scaling for Tableau Catalogue ingestion and elastic server

Beginning with Tableau Sever 2021.1, JVM maximum heap size scales automatically for Catalogue ingestion and elastic server. For more information, see noninteractivecontainer.vmopts and elasticserver.vmopts.

Old notifications do not appear in new notifications centre

When you upgrade to Tableau Server 2021.1, old notifications will not appear in the new notifications centre. All existing email notifications will continue. To continue tracking older notifications, make sure the server setting for Notifications for Extract Jobs and Flow Runs is enabled before upgrading. For more information, see What's New and Changed in Tableau Server.

 

Changed in 2020.4

Version 2020.4 includes the following changes you should know about before upgrading.

SHA1 certificates disabled for SSL mutual authentication

Beginning with Tableau Server 2020.4, Tableau Server configured for mutual SSL authentication will block authentication of users with client certificates that use the SHA-1 signing algorithm.

Users who attempt to log in with SHA-1 client certificates encounter an "Unable to sign in" error, and the following error will be visible in the VizPortal logs:

Unsupported client certificate signature detected: [certificate Signature Algorithm name]

If the clients in your organisation are connecting to Tableau Server using SSL mutual authentication and the clients are using certificates with the SHA-1 signing algorithm, then you must perform one of the following actions before upgrading:

  • Update the certificates used by your clients. The certificates must use the SHA-256 (or stronger) signing algorithm, or
  • Disable the SHA-1 blocklist before upgrading to Tableau Server 2020.4. To disable the blocking functionality, run the following TSM commands before you upgrade:
    tsm configuration set -k "ssl.client_certificate_login.blocklisted_signature_algorithms" -v ""

    Note that the value (-v) includes an empty set of quotes to specify a null value.

    For more information about how to reset this value after you have updated client certificates, see the Knowledge Base article, Mutual SSL Fails After Upgrading if Certificates Signed with SHA-1(Link opens in a new window).

For more information about why this change has been implemented, see the Tableau Community post, Retiring Default Support for SHA-1 Signed Certificates Used During Mutual SSL Authentication in Customer-Managed Tableau Server 2020.4(Link opens in a new window), and the National Institute of Standards and Technology policy statement, NIST Policy on Hash Functions(Link opens in a new window).

wgserver.domain.whitelist config key has been deprecated

Beginning with version 2020.4, the wgserver.domain.whitelist configuration key has been deprecated. Use the new key, wgserver.domain.accept_list to specify allowed domains.

All functionality of the older key has been transferred to the new key. As of 2020.4.0, existing installations configured with the old key will not be impacted, and the key can still be used, but you must include the --force-keys option when setting the key, and the key will be permanently removed in a future release. For all new configurations, use wgserver.domain.accept_list instead. For more information about the new configuration key, see wgserver.domain.accept_list.

CPU requirement update

Beginning with version 2020.4, Tableau Server requires all nodes to have CPUs that support SSE4.2 and POPCNT instruction sets. These CPUs have been common for more than 10 years and are installed on most newer computers. If you attempt to install or upgrade Tableau on a computer that does not support these instruction sets, the installer will not allow you to continue.

Checkpoint Upgrade for Tableau Server

Version 2020.4 of Tableau Server includes updates to the upgrade-tsm script that give you the ability to rerun the script when an upgrade fails. The script keeps track of successful progress, and when you rerun the script after an upgrade failure, restarts at the latest successful "checkpoint". This saves time because successful steps do not need to be repeated on rerunning the script. As a first troubleshooting step, rerun the upgrade-tsm script. Doing this can result in a successful upgrade if a momentary environmental problem or timing issue caused the initial failure.

Checkpoint upgrades also give experienced IT professionals the option to further troubleshoot the failure, and make corrections (for example, if there is a problem with disk space, or a permissions issue on a particular file or directory) before rerunning the upgrade script. For troubleshooting details, see Upgrade fails on 2020.4.0 or later.

PostgreSQL upgrade

Version 2020.4 of Tableau Server includes a major-version update of the PostgreSQL database used for the Tableau repository. During the upgrade a temporary pgsql-only backup is created and this increases the length of time the upgrade takes as well as the amount of temporary disk space used.

If you have External Repository configured, before upgrading your Tableau Server to 2020.4, you must make sure you are using PostgreSQL version 12 or later. For more information, see Upgrade Tableau Server with External Repository for a New Major Version of PostgreSQL

Visual improvements to user, group, and site dialogs

The 2020.4 release adds visual updates to administrator menus and dialogs to make managing users, groups and sites easier in Tableau Server.

Changes to default JVM heap size for Tableau Catalogue ingestion

Beginning with Tableau Server 2020.4, the default JVM heap size for Catalogue ingestion is determined by and then scales based on system memory. To review the default values for Catalogue ingestion, see noninteractivecontainer.vmopts.

Changed in 2020.3

Version 2020.3 includes the following changes you should know about before upgrading.

Data Acceleration for Workbooks that use the Object Model Framework

Administrators can now also enable data acceleration for workbooks that use the Object Model framework. See Data Acceleration.

Changed in 2020.2

Version 2020.2 includes the following changes you should know about before upgrading.

Analytics extensions (external service) connections must be reconfigured

Tableau supports a set of functions that your users can use to pass expressions to analytics extensions for integration with R and Python. Previously, this feature was referred to "external services". 

In previous versions of Tableau Server, the analytics extensions configuration applied to the Tableau Server global configuration and was administered with TSM.

Beginning with version 2020.2, you can configure a different analytics extensions connection for each site. Administration of the analytics extensions connection has moved out of TSM and to Tableau Server administrator. Additionally, configuring an analytics extensions connection no longer requires a restart of Tableau Server.

However, if you have configured Tableau Server with an analytics extensions connection, then you must reconfigure that connection after you upgrade Tableau Server to version 2020.2.

Before upgrading, document the existing analytics extensions configuration. On previous versions (2019.1-2020.1) you can run the tsm security vizql-extsvc-ssl list command to list the existing connection details. To retrieve the password that is stored for the analytics extensions connection (if any), run the following tsm command:

tsm configuration get -k vizqlserver.rserve.password

After you have upgraded, configure the analytics extension connection. See Configure Connections with Analytics Extensions.

Oracle data source connections require updated driver

Beginning with version 2020.2, Oracle data sources use a new JDBC driver. You must download and install this driver on Tableau Server to enable existing content relying on Oracle connections to properly display. Until this driver is downloaded and installed on Tableau Server, existing content will not display or refresh. Follow the instructions on the Driver Download(Link opens in a new window) page to get and install the new driver. For details on the changes and how they impact Tableau authors, see Oracle(Link opens in a new window) in the Tableau Desktop and Web Authoring Help.

WDC behaviour change if Run As service account has admin group privileges

Beginning with version 2020.2, because of changes to the QTWebEngine component used by Tableau Server, if you use Web Data Connectors (WDCs) and Tableau is configured with a Run As service account in a local administrators or domain administrators group, you may run into problems using WDCs. Our recommendation has been and continues to be to use a domain User account for the Run As service account. This is a good security practice.

For more information on possible issues, see the Tableau Knowledge Base(Link opens in a new window). For details on suggested best practices when creating a Run As service account, see Creating the Run As service account.

Tableau Resource Monitoring Tool Updates

The Startup Values of some TSM services have changed

Beginning in maintenance versions, the startup values of several TSM services have been changed from "Automatic" to "Automatic (Delayed Start)" to help address some occasional issues in timing. This change should not have a significant impact. Services affected: Tableau Server Administration Agent, Tableau Server Administration Controller, Tableau Server Client File Service, Tableau Server Coordination Service, Tableau Server Licence Manager and Tableau Server Service Manager.

If you are running an older version of Tableau Server you can leave the startup values as they were originally configured ("Automatic"), but updating them to the new values ("Automatic (Delayed Start)") will not negatively impact Tableau Server. For more information about service startup values, including the specific maintenance releases where this change took place, see Verify Tableau Service Settings(Link opens in a new window) in our current documentation.

Changed in 2020.1

Version 2020.1 includes the following changes you should know about before upgrading.

Tableau Server no longer supports Windows 7 or Windows 2008

Beginning with version 2020.1, in keeping with Microsoft's Windows Server support policy, Windows 7 and Window 2008 are no longer supported operating systems for Tableau Server.

For more information about supported versions of Windows, see Operating system requirements.

tableau-server-obliterate script now preserves backup and log files

In previous versions of Tableau Server, running the tableau-server-obliterate script deleted all content from the Data directory. Beginning with version 2020.1, the default behaviour of the tableau-server-obliterate script has changed: the script copies and saves Tableau Server backup and log files to the logs-temp directory. The default location for the logs-temp directory is at \ProgramData\Tableau\logs-temp. You can set options on the script to disable this new functionality.

See Remove Tableau Server from Your Computer.

Improvements to the tsm topology deploy-coordination-service command

Beginning with version 2020.1, the command to deploy a new coordination service ensemble waits for the ensemble to be properly deployed and removes the old ensemble before returning control to the command prompt. This simplifies the process for deploying a new coordination service ensemble and eliminates the chances of continuing on with other commands or actions before Tableau Server is properly configured for the new ensemble. You no longer need to run the tsm topology cleanup-coordination-service command after deploying a new ensemble in version 2020.1.0 and later.

Note: With this change, all coordination service ensemble commands require input for a "y/n" prompt confirming that a server restart will take place. To run these commands without input, include the --ignore-prompt option.

For more information about deploying a coordination service ensemble, see Deploy a Coordination Service Ensemble.

Large statistical file extracts consume system resources

Beginning with Tableau Server 2020.1, a change to the Statistical File (SAS) library may cause large SAS-based extract refreshes to fail. The following connection error will be visible in the backgrounder logs, along with spikes in system memory consumption.

"exceeded per-process memory threshold"

To work around the issue, run the following TSM commands after upgrading Tableau Server:

tsm configuration set -k features.ReadStat -v false
tsm pending-changes apply

For more information and steps to work around the issue in Tableau Desktop, see the Knowledge Base article, Large Sas File Extract Refresh Failed And Huge Memory Consumption Observed After Upgraded Tableau Server To 2020.3.1(Link opens in a new window).

Changed in 2019.4

Version 2019.4 includes the following changes you should know about before upgrading.

Tableau Server installer has been rewritten

The 2019.4 release of Tableau Server features a newly rewritten Setup program for Tableau Server.

This update changes some of the command line switches and options available for the installer. If you have automated the installing or upgrading of Tableau Server, be sure to review the current command line options for the Server Setup program. See Changes to Command Line Install Options for Tableau Server Setup for more information.

New tabcmd installer for Windows

The 2019.4 release of Tableau Server features a newly rewritten Setup program for installing tabcmd on Windows.

This update changes some of the command line options. If you have automated the installation of tabcmd, be sure to review the current command line options for the tabcmd Setup program. For more information, see tabcmd and Install Switches and Properties for tabcmd (Windows)

Updates to Tableau Server Job management

The Job management page has several updates and new options including the following:

  • The Jobs page now includes Average Run and Average Queue time information for each job.

  • Improved job cancellation experience. Server and Site admins can now enter customised notes as well as pick recipients of the email when cancelling a job.

  • More information is provided in the job detail dialog box, such as: the last time the job was run successfully and the name of the job creator.
  • Cancelling flow run jobs is now supported. Previously, in Tableau Server version 2019.3, only extract refreshes and subscriptions were supported.
  • New Task Type has been added: Encryption jobs.

  • Failed jobs now includes jobs that have been suspended. Suspended jobs are a sub-status of the failed jobs and have their own icon to distinguish them from other failed jobs.

For more information, see Managing Background Jobs in Tableau Server.

Updates to tsm maintenance cleanup command

The tsm maintenance cleanup command now includes an option to clear the image cache.

In addition, the --verbose option has been removed from the command. Running the command with the --verbose option will result in an error. If your organisation has automated task using the tsm maintenance cleanup command with the --verbose option, update your automation scripts.

Changed behaviour for Copy Link when sharing a view

Beginning with version 2019.4, the behaviour of the Copy Link option of the Share button in a view no longer includes the "embed=y" parameter by default. To include this parameter you need to edit the copied URL before adding it to your web page code. For more information sharing views by embedding them in web pages, see Embed Views into Webpages(Link opens in a new window) in the Tableau Desktop and Web Authoring Help. For details about the parameter, see URL parameters for iframe tags(Link opens in a new window) in the Tableau Desktop and Web Authoring Help.

Changed in 2019.3

Version 2019.3 includes the following changes you should know about before upgrading.

Default cipher suite no longer includes default support for old ciphers

The 2019.3 version of Tableau Server no longer includes default support for Triple-DES, IDEA and CAMELIA ciphers for SSL connections. These ciphers are no longer considered adequately secure. In the previous versions of the Security Hardening Checklist, we included a recommendation to disable the Triple-DES cipher, which was enabled by default.

Depending on your environment, you may need to make additional configurations before our after upgrading:

  • If you disabled the Triple-DES cipher as documented in the Checklist, then we recommend running the following commands before you upgrade to 2019.3:

    tsm configuration set -k ssl.ciphersuite -d

    tsm pending-changes apply

    This command reverts Tableau Server to the 2019.2 (and older) default cipher suite configuration. After you have upgraded to 2019.3, Triple-DES, IDEA and CAMELIA will be removed from the default supported ciphers.

    Do not run the command if you made other changes to the ssl_ciphersuite key.

  • If you did not change the ssl_ciphersuite key, then Setup will update the key value to the new default as part of the upgrade process. The new default value for the ssl_ciphersuite key is HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES:!CAMELLIA:!IDEA:!SEED.

  • If your users still require support for Triple-DES, then we recommend upgrading to more recent browsers that support more secure ciphers. If that is not an option, then you can run the following commands after you have upgraded. The first command sets the ssl_ciphersuite key to the pre-2019.3 configuration, which supports Triple-DES:

    tsm configuration set -k ssl.ciphersuite -v "HIGH:MEDIUM:!aNULL:!MD5:!RC4"

    tsm pending-changes apply

Usage data is sent to Tableau

Beginning with Tableau Server 2019.3, server usage data is sent to Tableau by default. This is the case for new installs and upgrades. You have the ability to opt out during installation, upgrade or at any time after Tableau Server has been installed. For more information about usage data, see Server Usage Data.

To disable the sending of server usage data:

  • If you are installing Tableau Server for the first time, you can disable this feature during the configuration of initial node settings. For details, see Configure Initial Node Settings.

  • If you are upgrading Tableau Server, the upgrade-tsm script will let you know about the option and how to disable it.

  • If you want to have installed or upgraded Tableau Server and want to disable the sending of server usage data, you can do this from the TSM Maintenance page, or from the command line. For details, see Server Usage Data.

Upgrade without needing to provide a password

Beginning with Tableau Server 2019.3, when you upgrade from version 2019.2 or later, the upgrade-tsm script no longer requires you to specify a user and password. Version 2019.3 and later take advantage of the What's New and Changed in Tableau Server feature and uses the account you have logged in as to authenticate the upgrade. You can override this behaviour with the --user option, to specify an administrative user. When you do this, you can also provide a password using the --password option, or enter a password when prompted. Upgrades from versions earlier than 2019.2.0 will still prompt you for a password.

Some tsm command options are no longer configurable

Beginning with Tableau Server 2019.3, the following options are enabled on install and are no longer configurable:

  • backgrounder.enable_sort_ jobs_by_job_rank
  • backgrounder.enable_task_ run_time_and_job_rank
Changed in 2019.2

Version 2019.2 includes the following changes you should know about before upgrading.

Minimum hardware requirements have changed

Beginning with version 2019.2, Tableau Server requires a minimum of 4 cores and 16 GB of RAM in order to install. The installation program will check that the computer you are installing on satisfies these minimums before you can install. If the computer does not meet these hardware minimums, Tableau cannot be installed. For details, see Minimum Hardware Requirements and Recommendations for Tableau Server. For more information about this change, see this Tableau blog post: Updated machine requirements for Tableau Server trials.(Link opens in a new window)

Upgrade requires at least 15% free disk space on each node

Upgrading to version 2019.2 includes a version update to the PostGRES database that Tableau uses internally. This update means that a backup of the database is done before upgrading, and that requires a minimum of 15% free space on each node.

"Referrer-Policy" HTTP header added

Beginning in 2019.2, Tableau Server includes the ability to configure Referrer-Policy HTTP header behaviour. This policy is enabled with a default behaviour that will include the origin URL for all "secure as" connections (policy no-referrer-when-downgrade). In previous versions, the Referrer-Policy header was not included in responses sent by Tableau Server. This change is not likely to impact user scenarios for most browsers. However, we recommend testing browser-based user scenarios after you upgrade to 2019.2. In the event a user scenario is effected, you can disable or change this header behaviour. See HTTP Response Headers.

Map-related internet addresses have changed

Beginning in 2019.2, Tableau Server needs access using port 443 to two new map locations: 

  • mapsconfig.tableau.com
  • api.mapbox.com

These replace the address used by previous versions: maps.tableau.com. For details on configuring Tableau Server for proper internet access, see Configuring Proxies for Tableau Server.

Changed in 2019.1

Version 2019.1 includes the following changes you should know about before upgrading.

High-resolution thumbnails

In version 2019.1 and later, workbooks and views use higher resolution thumbnails. When you upgrade to Tableau Server version 2019.1 or later, the Backgrounder runs the Enqueue Thumbnails Upgrade job and the Upgrade Thumbnails job, which refreshes thumbnails for any views that have not been edited or published since Tableau version 2018.2 and converts them from low resolution thumbnail images (192 x192 pixels) to high resolution thumbnail images (300 x 300 pixels), as shown in the figure below.

When the Upgrade Thumbnails job refreshes the thumbnail images, the modified date of the view is changed to match the thumbnail update date. The Upgrade Thumbnails job does not change the modified date of workbooks when it updates the contained view's thumbnails.

Thumbnails may appear blurry until the Upgrade Thumbnails job is complete. Depending on the number of workbooks you have, this could a few minutes to a few hours. You may also notice that thumbnail images may appear in low resolution for up to a week after upgrading to Tableau Server 2019.1. For more information, see Upgrade Thumbnails Job(Link opens in a new window).

Project card images

In version 2019.1 and later, project card images will not appear on the project card unless they are added as the last item in the project description and encapsulated with ! (exclamation marks). For more information, see Add a Project Image(Link opens in a new window).

Changed in 2018.3

Version 2018.3 includes some changes you should know about before upgrading.

Connecting to secondary trusted Active Directory domains may result in error

A secondary domain is one that Tableau Server connects to for user synchronisation, but is a domain where Tableau Server is not installed. Tableau Server will attempt to connect to secondary domains for user and group synchronisation. But in some cases, Tableau Server will be unable to connect to the secondary domain, which will result in the error, "Domain not in allowlist (errorCode=101015)".

Setting the wgserver.domain.whitelist option in TSM is required by a fix for the security vulnerability, [Important] ADV-2020-003: Tableau Server Forced Authentication(Link opens in a new window). As of February 2020, the fix for this vulnerability is included in all latest versions and maintenance releases of Tableau Server. See wgserver.domain.allowlist.

Floating worksheet captions become transparent

To make a floating caption visible again, content authors will need to change the caption background to a colour.

Changes to some Data Engine tsm configuration set options

Two new configuration tsm set configuration options have been added: hyper.hard_concurrent_query_thread_limit and hyper.soft_concurrent_query_thread_limit

The new options replace the hyper.num_job_worker_threads and hyper.num_task_worker_threads options available in Tableau Server versions 2018.3 and earlier. The hyper.num_job_worker_threads and hyper.num_task_worker_threads have been deprecated and will no longer work in 2019.1 and later.

SSL Off-loading and SAML

Beginning with version 2018.3, Tableau Server validates SAML response message returned from the IdP. If your organisation terminates SSL connections from the IdP at a proxy server before sending the authentication request to Tableau Server, then users may be unable to login with SAML after you upgrade from 2018.2.

In this scenario, SSL is "off-loaded" at the proxy server, which means the https request is terminated at the proxy server and then forwarded to Tableau Server over http. Since SSL is off-loaded at the proxy, Tableau Server will validate with the protocol that it receives (http), but the IdP response is formatted with https, so validation will fail unless your proxy server includes the X-Forwarded-Proto header set to https. See Configure Tableau Server to work with a reverse proxy server.

Continue to Server Upgrade - Gather Configuration Details.

Thanks for your feedback!