Currently on Alteryx it is possible to add visibility of a subscriptions scheduled workflows to all members of that subscription.
What we would quite like is for the ability to turn on or off the ability to edit workflows within that subscription for all members.
As in if a member goes on leave, or leaves the company, or is ill, other members can edit, update and cancel the scheduled workflow as needed without needing to go through an admin for it.
As an Admin, I would like to be able to see, from the Gallery, a single place where the history of workflows that have been run is displayed. Right now I can only see workflows running or queued. I would like to be able to look back at past executions and see status, runtime, errors, etc.
This data is currently available in Designer on our Alteryx Server. But right now our system is just one environment. I'm not sure if when we expand to multiple Gallery and Worker machines where I will have to look for workflow history.
Also, Workflow schedules can only be seen in Gallery, and not Designer. So it would be nice to have everything in one place.
We have several clients that operate in a Multi-Forest environment due to mergers and acquisitions. Currently with Alteryx Server the only option we can offer them is to use Built-In authentication. A lot of corporate and particularly finance institutions prefer a single sign on approach and utilise Windows authentication to do this.
Would it be possible to add support for Multi-Forest organisations into Server to support organisations going through mergers and acquisitions?
This would really benefit us in selling Server in to organisations with complex structures and reduce friction in publishing or preparing workflows.
We have installed Server on Azure VM and have looked into options such as a replica AD Domain Controller in the Azure environment for authentication, however, we would like to have Server authenticated using Azure AD.
As the Server Admin I'd like to have the ability to view ALL "Workflow Results" for all Subscriptions.This will give the highest level admin the ability to monitor all schedules (on the entire server instance) and monitor if they are unable to complete successfully (example- unable to allocate memory) and any other errors are occurring.
Knowing this information will help the server administrator understand if there are issues with the server itself (e.g. if we need more workers or to simply adjust actual server system settings..etc..)
We have the Local License Server installed. Right now, if a Designer user changes roles, or leaves the company, they have to release their license from their client-side machine. If they don't release it properly, and IT can't get us into their machines, then we have to wait 7 days for that license to roll off the server. There should be a way for a system admin to forcefully revoke someone's license.
Now, gallery does not support AD group , need to setup user one by one.
If gallery support AD group synchronization, it is more convenient for gallery admin to manage large number of users.
By assigning AD users to AD group, it will reduce the maintenance task of gallery admin, since gallery admin don't need to grant rights in the gallery directly.
Given the need for administrators to be able to perform analysis and monitoring on server performance; user usage etc - it is necessary to provide full documentation for both the API and the database underlying the server so that admins can use this to good effect.
Although very limited documentation is available on the server API (https://gallery.alteryx.com/api-docs) what we're looking for is a much more fully formed and navigable experience like some of the examples below.
This will make building helper processes substantially easier; as well as allow admins to fully manage their environment.
I work at a large organization where Security and Privacy are of utmost importance. The ideology that we need to follow is Least Privilege and Need to Know.
We (Curators) do not want all the Artisans to publish workflows to Home Page, either knowingly or unknowingly. We however do want to allow a few power users to publish their work in Home Page, but currently the Gallery does not provide the ability to pick and choose who can share workflows publicly. We are educating users to not share any contents publicly, but as we scale up, it will be difficult to manage and govern this.
I'm suggesting to implement a global Yes/No feature that will Enable/Disable Artisans to publish contents in Home Page (just like the way we have for Jobs/Scheduling feature). Further, in Users section, Edit User setting needs to have a Yes/No button that will allow Curators to let certain Artisans place workflows in My Company's Gallery.
Organizations that never want any workflow to be shared publicly can disable this feature using global Yes/No button. Organizations (like the one I work at) that want to enable this only for certain Artisans, can set the Global Yes/No to No, and then in Users tab, they can pick and choose the Users that need this functionality (which will override the global default). Finally Organizations that do not really care about this functionality can just set the global setting to Yes.
Hoping other organizations find value in this functionality as well. Thanks.
With Version 2018.3, you removed the Autodetect SMTP button, and with it, have rendered the Email Tool virtually useless for many people, which is a shame because it is a critical tool for some of us to share reports produced in Alteryx.
In requiring an SMTP path, there are a host of authentication issues that need to be addressed, and we can't seem to figure out how to configure the path and From emails properly to allow the tool to work without errors.
My only solution at this point is to rollback to 2018.2 so I can continue to use the Email tool.
Please address this so we can use the tool as before, or provide the necessary configuration options to allow for proper authentication with popular email services (Gmail, etc.)
This idea covers 2 things:
- Disabling certain tools for users
- Pushing out other tools
- If we want to disable a particular tool for everyone or for specific users - then we need to go to every single deployed machine and adjust settings or delete some DLLs.
- What we would need is to be able to take a user / group of users - and de-select certain tools or apply limits
- In our corporate environment - every designer needs to check in with the server before fully starting up. If it cannot connect to the server, it needs to terminate gracefully
- As the designer logs in - the first negotiated conversation is "What tools and capabilities and standard default settings should I have"
- If a useful tool is brought into our environment (like the JIRA connector here: https://gallery.alteryx.com/#!app/JIRA-Connector/58d87c2feffc2a0dd0b5ed8f or the CREW macros) - we want to be able to push these out to all the users
- Again - every designer checks in with the server first
- Then negotiates tools
- then downloads any missing tools or updates new versions of existing tools.
This kind of central server capability is essential in any enterprise deployment of several hundred seats.
Please Enable OAuth 2.0/OpenID Support for Alteryx Server & Connect. Currently, it supports only AD , SAML .
Current SAML has limitations, Unable to import Security groups from LDAP/AD if SAML is enabled.
Right now, if you are using Windows Authentication, you can map AD group and users on the Permissions and Collections tab. But for some reason, you can't use AD groups on the Data Connections tab. Most of our databases are already secured by in-house AD groups in which you have to be a member in order to access that database. Instead of managing a 2nd, most likely duplicate, list of users in the Data Connections tab I would like to be able to map the pre-existing AD group to that data connection. That also means I don't have to service access requests. If someone wants access to a database, they talk to the database owners, get added to the group and then they automatically can pull that data into Alteryx.
Would like to see a Notification hierarchy implemented to Gallery. Currently, the settings that control notifications are at the Gallery-level....where only the admin can control, for example, notifying users if a new workflow was added to a collection they belong too. Could this setting be inherited, but then, for example, a Collection owner can implement their own notification settings that overrides the Gallery default? Using the same example as before, perhaps the Collection owner could disable notifying their Users if a new workflow is loaded to the collection.
As users change roles; or possibly even leave the firm - we need to automatically manage the ownership of their and their permission.
- We need to be able to export all permissions and ownership of assets by user using an API
- We then need to be able to revoke permissions using an API (we have a central entitlement management process that this can be tied into)
- we also need to trigger a revoke on all licenses via API.
If done within Alteryx server:
- When a dept code on a user changes; or user leaves - trigger an invalidate on all assets.
- Workflow to both the primary and secondary owner to ask for a new owner
- Also automatically trigger a revoke on all licenses
Currently, this is completely manual with whoever is assuming the schedule creating it under their profile and then the old schedule being deleted.
This can happen often in organization where a user leaves the company or assumes a new role requiring some else to maintain those schedules. It would be convenient if there was an option to reassign the owner of a schedule to simply this process.
We've confirmed with @KevinP that the Alteryx Gallery / Server API does not currently support downloading canvasses in unzipped data-stream format. (https://community.alteryx.com/t5/Alteryx-Server-Discussions/Server-API-Download-packages-for-surveil...)
Please can we add an API end-point that allows the following:
Current API only allows this to be downloaded to a zipped file; which then needs to be unzipped; and then loaded back into a data stream.
each canvas in our environment goes through initial dev; then a testing phase; then into production usage after completing testing & peer review.
Currently the server environment has no concept of progression or promotion so we have to set up our own Dev; UAT; and Prod gallery & server - this really is very clunky because assets have to be manually copied across.
What would be more effective is:
- Allow a single asset to have a lifecycle (like you do in GIT) - so that it can go through dev and testing as a branch of the main code
- Once ready - user then changes the lifecycle type to "testing" or "UAT" and pushes it to users
- Once signed off, the user then promotes this to a production flow, and it replaces the current production version
There are a few areas where we'd need to do some thinking (dependancy tracking; branching; changing connection details as you promote so that you can hit the prod data stores etc) - but fundamentally this would go a VERY long way towards eliminating much of the admin involved in running the gallery.
Today in managing Alteryx server, we manually configure new connections using the front end. However, this has some potential drawbacks as it makes it hard to easily track change history, or make bulk updates to multiple strings, and it also leaves room for user error on configuration.
In this case I'm pretty specifically looking to modify aliases on the server itself. I'm not particularly concerned with distribution to a wider audience, and the usernames/passwords associated in this case should not be available for use locally by users. As a part of this, I am trying to identify a method to reduce or eliminate the need for anyone (including the data connection manager) to need to know the password for the specified accounts. As some of these accounts may be used by multiple systems, it would be significantly simpler to integrate this maintenance into existing automated processes, rather than have a manual step to update the Alteryx connection values on the Gallery.
This is specifically a challenge today with regards to specific usernames or passwords which need to be stored. Alteryx saves these values using machine-level encryption, but that is difficult to generate automatically. Having a supported method that would easily allow creation of this file with password-level information would greatly improve maintenance of the Alteryx Server, particularly from an IT automation perspective.
@SteveA did an article about server logging a few years ago which was very helpful.
... and in the training events at Inspire this year there was a session on how to find and interpret server logs.
it would be very useful for large server environments to move away from discrete log files as much as possible, and instead move towards a world where the logs are stored in a data format, and one logging infra is used for all so that an admin team can see these all in one place.
Granted - the initial boot-up of a server, where it needs to connect to the logging DB is going to be a challenge - but after this initial primary boot sequence it would be great if all server logs and logging events were stored in a database of some kind so that we can analyze and collect events. That way, server admins can have a great UI experience; as well as a great analytical experience without having to regex through multiple different .LOG files.