Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!

Reply
sonocapace
Frequent Visitor

Direct Query SQL Server Security

I've created an on-premises gateway using my Windows credentials. I've created several Power BI reports which pull directly from SQL Server views. The views rely on SQL functions to expose only the data to which a specific logged in user is mapped in the SQL database. These views work perfectly when used as data connections in Excel, but when a user tries to refresh the reports in Power BI online they see only the data to which I myself (the report creator) am mapped. Any suggestions?

1 ACCEPTED SOLUTION
v-qiuyu-msft
Community Support
Community Support

Hi @sonocapace,

 

In Power BI data gateway SQL Server data source, all queries to the data source will run using these credentials entered when creating the data source. So when users access the report, those credential are passed to SQL function on SQL side to limit the specific data.

 

In your scenario, I would suggest you use Row Level Security feature to limit user specific data. you can connect to the SQL Server tables instead of views, which has one column contains different user's User Principal Name (UPN). For example, user1@contoso.microsoft.com.

 

q6.PNG

 

In desktop, create a role use Username() via Manage Roles like below:

 

q5.PNG

 

After publish the report to service, go to dataset security, add users under this role. For detail information, please refer to this article: Row-level security (RLS) with Power BI.

 

 

Best Regards,
Qiuyun Yu

 

 

Community Support Team _ Qiuyun Yu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

1 REPLY 1
v-qiuyu-msft
Community Support
Community Support

Hi @sonocapace,

 

In Power BI data gateway SQL Server data source, all queries to the data source will run using these credentials entered when creating the data source. So when users access the report, those credential are passed to SQL function on SQL side to limit the specific data.

 

In your scenario, I would suggest you use Row Level Security feature to limit user specific data. you can connect to the SQL Server tables instead of views, which has one column contains different user's User Principal Name (UPN). For example, user1@contoso.microsoft.com.

 

q6.PNG

 

In desktop, create a role use Username() via Manage Roles like below:

 

q5.PNG

 

After publish the report to service, go to dataset security, add users under this role. For detail information, please refer to this article: Row-level security (RLS) with Power BI.

 

 

Best Regards,
Qiuyun Yu

 

 

Community Support Team _ Qiuyun Yu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Helpful resources

Announcements
April AMA free

Microsoft Fabric AMA Livestream

Join us Tuesday, April 09, 9:00 – 10:00 AM PST for a live, expert-led Q&A session on all things Microsoft Fabric!

March Fabric Community Update

Fabric Community Update - March 2024

Find out what's new and trending in the Fabric Community.