Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Grow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.

Reply
DizHamilton
Frequent Visitor

RLS - All users or nothing?

‎04-12-2024 08:08 AM

Hello Data Enthusiasts,

Question about PBI RLS

 

I created a new role (limited view of dataset) thinking that I can just add 50 users into it, put them into their own audience and that would be OK. Then I test, those not in the role now have 'access denied' and cannot see what they once saw before RLS, which was everything across ALL reports using the same data model.

 

 So, It appears that once you activate RLS on the data model you have to place ALL USERS into a role, so I would have to create an 'ALL Access' group as well. This obviously is slight inconvenience.

 

Is this really what needs to be done? or am I missing something?

 

I assumed those not in RLS would default to being able to see ALL.

 

Would a seperate data model be better?

Thanks!

Labels:
Message 1 of 6
189 Views
0
1 ACCEPTED SOLUTION
AmiraBedh
Resident Rockstar
Resident Rockstar

‎04-12-2024 08:19 AM

As you mentioned, you could create a role that doesn't apply any restrictions, effectively giving users in this role access to all the data. You can use a rule in the role with a formula that always returns TRUE, like TRUE(), which does not filter any data.


Proud to be a Power BI Super User !

Microsoft Community : https://docs.microsoft.com/en-us/users/AmiraBedhiafi
Linkedin : https://www.linkedin.com/in/amira-bedhiafi/
StackOverflow : https://stackoverflow.com/users/9517769/amira-bedhiafi
C-Sharp Corner : https://www.c-sharpcorner.com/members/amira-bedhiafi
Power BI Community :https://community.powerbi.com/t5/user/viewprofilepage/user-id/332696

View solution in original post

Message 2 of 6
173 Views
5 REPLIES 5
AmiraBedh
Resident Rockstar
Resident Rockstar

‎04-12-2024 08:19 AM

As you mentioned, you could create a role that doesn't apply any restrictions, effectively giving users in this role access to all the data. You can use a rule in the role with a formula that always returns TRUE, like TRUE(), which does not filter any data.


Proud to be a Power BI Super User !

Microsoft Community : https://docs.microsoft.com/en-us/users/AmiraBedhiafi
Linkedin : https://www.linkedin.com/in/amira-bedhiafi/
StackOverflow : https://stackoverflow.com/users/9517769/amira-bedhiafi
C-Sharp Corner : https://www.c-sharpcorner.com/members/amira-bedhiafi
Power BI Community :https://community.powerbi.com/t5/user/viewprofilepage/user-id/332696
Message 2 of 6
174 Views
DizHamilton
Frequent Visitor
In response to AmiraBedh

‎04-12-2024 08:59 AM

@AmiraBedh  Thanks for the reply!

How does this work with the PBI Request email?

When granting access do you have to specify a role as well as an audience (as part the process) or do you have to grant access to the audience then assign the role seperately (as an extra step outside of the process)?


Message 3 of 6
153 Views
0
AmiraBedh
Resident Rockstar
Resident Rockstar
In response to DizHamilton

‎04-12-2024 10:24 AM

Now I am a little bit lost. How ware you configuring your RLS ?


Proud to be a Power BI Super User !

Microsoft Community : https://docs.microsoft.com/en-us/users/AmiraBedhiafi
Linkedin : https://www.linkedin.com/in/amira-bedhiafi/
StackOverflow : https://stackoverflow.com/users/9517769/amira-bedhiafi
C-Sharp Corner : https://www.c-sharpcorner.com/members/amira-bedhiafi
Power BI Community :https://community.powerbi.com/t5/user/viewprofilepage/user-id/332696
Message 4 of 6
141 Views
0
DizHamilton
Frequent Visitor
In response to AmiraBedh

‎04-12-2024 10:57 AM

Im referring to this

https://learn.microsoft.com/en-us/power-bi/collaborate-share/service-request-access

When granting access you can specify the audience of the user a the same time as granting access.

What I haven't seen yet is if at the same time you ALSO specify the RLS role for the user as well. So I am wondering if this is a seperate step or not.




Message 5 of 6
137 Views
0
DizHamilton
Frequent Visitor
In response to DizHamilton

‎04-12-2024 11:10 AM

@AmiraBedh I think I found an answer to my query. I think it requires a seperate step. Not ideal but useful to know for planning. Thanks for your help today! Best wishes!

Message 6 of 6
136 Views
0

Helpful resources

Announcements
RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

MayPowerBICarousel1

Power BI Monthly Update - May 2024

Check out the May 2024 Power BI update to learn about new features.

View All