Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more.
Get startedGrow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.
Hello Data Enthusiasts,
Question about PBI RLS.
I created a new role (limited view of dataset) thinking that I can just add 50 users into it, put them into their own audience and that would be OK. Then I test, those not in the role now have 'access denied' and cannot see what they once saw before RLS, which was everything across ALL reports using the same data model.
So, It appears that once you activate RLS on the data model you have to place ALL USERS into a role, so I would have to create an 'ALL Access' group as well. This obviously is slight inconvenience.
Is this really what needs to be done? or am I missing something?
I assumed those not in RLS would default to being able to see ALL.
Would a seperate data model be better?
Thanks!
Solved! Go to Solution.
As you mentioned, you could create a role that doesn't apply any restrictions, effectively giving users in this role access to all the data. You can use a rule in the role with a formula that always returns TRUE, like TRUE(), which does not filter any data.
As you mentioned, you could create a role that doesn't apply any restrictions, effectively giving users in this role access to all the data. You can use a rule in the role with a formula that always returns TRUE, like TRUE(), which does not filter any data.
@AmiraBedh Thanks for the reply!
How does this work with the PBI Request email?
When granting access do you have to specify a role as well as an audience (as part the process) or do you have to grant access to the audience then assign the role seperately (as an extra step outside of the process)?
Now I am a little bit lost. How ware you configuring your RLS ?
Im referring to this
https://learn.microsoft.com/en-us/power-bi/collaborate-share/service-request-access
When granting access you can specify the audience of the user a the same time as granting access.
What I haven't seen yet is if at the same time you ALSO specify the RLS role for the user as well. So I am wondering if this is a seperate step or not.
@AmiraBedh I think I found an answer to my query. I think it requires a seperate step. Not ideal but useful to know for planning. Thanks for your help today! Best wishes!
User | Count |
---|---|
95 | |
89 | |
70 | |
63 | |
58 |
User | Count |
---|---|
149 | |
113 | |
95 | |
80 | |
72 |