Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
syasmin25
Helper V
Helper V

RLS on pages

‎06-30-2020 01:58 AM

Hello, 

I was wondering if there is a way I can implement RLS on pages for groups?

Message 1 of 8
2,265 Views
0
7 REPLIES 7
Pragati11
Super User
Super User

‎06-30-2020 02:12 AM

Hi @syasmin25 ,

 

Yes you can use RLS on all the pages of your report in Power BI for a level like Group.

You will need to add a little bit to what groups you are talking about here - AD Groups? As I don't have visibility on what groups you are talking about, Refer following articles:

https://guyinacube.com/2020/02/25/can-you-use-groups-with-power-bi-row-level-security-rls/

https://community.powerbi.com/t5/Service/Row-level-security-using-AD-groups/td-p/300732

https://www.fourmoo.com/2018/02/20/dynamic-row-level-security-is-easy-with-active-directory-security...

 

Thanks,

Pragati

Best Regards,

Pragati Jain


MVP logo


LinkedIn | Twitter | Blog YouTube 

Did I answer your question? Mark my post as a solution! This will help others on the forum!

Appreciate your Kudos!!

Proud to be a Super User!!

Message 2 of 8
2,249 Views
0
syasmin25
Helper V
Helper V
In response to Pragati11

‎06-30-2020 02:14 AM

Thank you for the links. I was looking to use the groups on AD to filter out pages. I do not know if that is a possibility. Is there a way I could do it with just one report?

Message 3 of 8
2,247 Views
0
Pragati11
Super User
Super User
In response to syasmin25

‎06-30-2020 02:15 AM

Hi @syasmin25 ,

 

Please refer the links I have shared. There are 2 of them setting up RLS using AD groups.

 

Thanks,

Pragati

Best Regards,

Pragati Jain


MVP logo


LinkedIn | Twitter | Blog YouTube 

Did I answer your question? Mark my post as a solution! This will help others on the forum!

Appreciate your Kudos!!

Proud to be a Super User!!

Message 4 of 8
2,244 Views
0
syasmin25
Helper V
Helper V
In response to Pragati11

‎06-30-2020 05:36 AM

Hello, 

I apologise for the misunderstanding here. I have already created the groups from AD. I was wondering if it was possible to limit a groups access from a particular page of the report. For example, 
 I have 3 groups that I would have created in Power BI Desktop. 

syasmin25_0-1593520480937.png

And I do not want Level 2 to have access to Page 2 of my report, there would be no data, Is there a way I can do that?

syasmin25_1-1593520574267.png

 





Message 5 of 8
2,230 Views
Pragati11
Super User
Super User
In response to syasmin25

‎06-30-2020 06:04 AM

Hi @syasmin25 ,

 

To my knowledge I don't think there is a way of achiving this. You may have to create a different version of dashboard with less pages in it.

Because RLS works on the data model level not on report tab-level.

Also, do check the following thread if it helps:

https://community.powerbi.com/t5/Desktop/RLS-with-UserName/td-p/82327

 

Thanks,

Pragati

Best Regards,

Pragati Jain


MVP logo


LinkedIn | Twitter | Blog YouTube 

Did I answer your question? Mark my post as a solution! This will help others on the forum!

Appreciate your Kudos!!

Proud to be a Super User!!

Message 6 of 8
2,225 Views
syasmin25
Helper V
Helper V
In response to Pragati11

‎06-30-2020 06:42 AM

okay, is there a way I can restrict a group from a dataset(FIELD/TBL) then? Or, could you please tell me how to set hierarchy from Active Directory? I have gone through a lot of tutorials but I have not been able to come across one for that.

Message 7 of 8
2,222 Views
Anonymous
Not applicable
In response to syasmin25

‎09-14-2020 07:08 AM

@syasmin25  If I understood your concern right then below is the solution.

Assuming you have a table (Headcount) with the unique emp id along with the email address of every employee and the immediate reporting contact - counselor email address along with the counselor unique emp id. Basically 4 columns - emp id, emp email, counselor id, conselor email (considering you have the team data where the staff, reporting senior, reporting manager, reporting senior manager are present in this table).

You need to create a column heirarchy path using the below DAX :

Heirarchy = path('Headcount'[emp id],'Headcount'[counselor id])

This will generate the complete heirarchy path from the staff to the senior manager for every employee.

Now create additional columns for every level.

Level 1 senior manager, level 2 manager, 3 senior and 4 staff.

level 1 column will have the below DAX to generate the email address of the senior manager, and 2 will have email of the manager and so on.

DAX for level 1 = lookup('Headcount'[emp email],'Headcount'[emp id],PATHITEM('Headcount'[Heirarchy],1,1),'Headcount'[emp email])

Dax for level 2 = lookup('Headcount'[emp email],'Headcount'[emp id],PATHITEM('Headcount'[Heirarchy],2,1),'Headcount'[emp email])

Dax for level 3 = lookup('Headcount'[emp email],'Headcount'[emp id],PATHITEM('Headcount'[Heirarchy],3,1),'Headcount'[emp email])

Dax for level 4 = lookup('Headcount'[emp email],'Headcount'[emp id],PATHITEM('Headcount'[Heirarchy],4,1),'Headcount'[emp email])

 

Now you need to set up RLS on this table with the user name function.

Go to manage roles. create a role 'Heirarchy' -> Table is 'Headcount' 

under the expression set the rule as below.

[emp email] = USERPRINCIPALNAME()
|| [Level 4] = USERPRINCIPALNAME()
|| [Level 3] = USERPRINCIPALNAME()
|| [Level 2] = USERPRINCIPALNAME()
|| [Level 1] = USERPRINCIPALNAME()

 

The above rule works as below.

If a user present in the headcount at staff level views, he will see only his data in the report.

a senior will see his data as well as the data for all staff reporting to him

a manager sees his data, his reporting seniors and the further drill of the staff members reporting to those seniors,

a senior manager will see all the data

 

Guess the above technique and explanation helps.

Do upvote and mark as solution if this fixes your corcern.

Message 8 of 8
2,178 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All