Hello,
I recenetly implemented the DRLS on one of my reports using our Active Directory. It is a Quality Assurance report, so employees can see their own reports, their managers can see their employess, directors can see everything below and so on and so forth.
You can see below on the left, my DAX in desktop and then I have a microsoft group added in service with a few other users who aren't in the group.
My issue I am having is that I have a user who has responsibiltiy over QA for a team, however - the team does not actually report up through him in the directory, so he can't see anything. He is not in the PC CLAIMS microsoft group. I do have a bucket in service that filters by the team - when I put him in there, he sees everything .. not limited to the role. When I add him to this SECURE group with the other 3 users you see up above, he sees everything .. not limited to the role again.
The reason why this is happening is that his name doesn't occur in the actual data, because he doesn't have any QA's and he's not listed as a manager for anyone. He is listed in my active directory table as an employee.
I'm wondering if anyone knows of a "backdoor" that I can basically say if this users email = "", then it goes around the RLS and gives him access to a certain team = "".
I hope that makes sense. I feel like I've tried it all. I can't change it all for one user, so I'm hoping that I can do something that works for him specifically.
Trevor
Helpful resources
Microsoft Fabric Learn Together
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Power BI Monthly Update - April 2024
Check out the April 2024 Power BI update to learn about new features.
Fabric Community Update - April 2024
Find out what's new and trending in the Fabric Community.
