Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
Anonymous
Not applicable

Is it possible to choose what role level access when using Power BI live connection to Tabular Model

‎07-26-2021 12:12 PM

Hi,

I have a Tabular Model with Different roles level security (i.e Role_Admin, Role_HR, Role_Employees, etc) defined in the cube Role Level manager. There are multiple dashboards built that uses live connection to access the Tabular Model and there are situations where a single user is added to more than one dashboards. Now, when such a user logon to each dashboards, he/she is seeing all data based on the highest level of access that was granted.

Is there a way to explicitly specify what defined role level name for Power BI dashboard to use when connecting to the Tabular Model?

If that is not possible, are there other ways to specify what role name for Power BI report to use when it connects to the Tabular Model, whether at Desktop design level or in Power BI Service?

Please, i need urgent assistance with this.

 

Thank you!

Labels:
Message 1 of 5
947 Views
0
1 ACCEPTED SOLUTION
v-xiaotang
Community Support
Community Support
In response to Anonymous

‎08-01-2021 11:50 PM

thanks for your explanation, @Anonymous 

-

Personally speaking, if user has access to Model data via multiple roles, then the user will have access to data based on RLS with higher access, and there's no work-around.

Unless you set single access for each local role, then map user names to specified local role for each dataset on service. That is, separate different permissions into multiple roles, and ensure that one role one permission.

 

 

Best Regards,

Community Support Team _Tang

If this post helps, please consider Accept it as the solution to help the other members find it more quickly.

How to get your questions answered quickly -- How to provide sample data

View solution in original post

Message 4 of 5
758 Views
4 REPLIES 4
Anonymous
Not applicable

‎07-29-2021 02:34 PM

Hi v-xiaotang,

 

Thank you for your response. The article referenced is spot on how to implement row level security and data access gateway. These are already in place in our current data access provisioning in reports. However, recently, we decided to create multiple row level security  roles in Tabular model and each role points to its own unique AD group. The challenge is, we have some users who belong to different AD Groups, which also means they can have access to Tabular Model data via multiple roles in the row level security. For such users, we are noticing they are having access to data based on their row level security with higher access. 
My question is, is it possible to make Power BI explicitely choose a specific row level security role defined in the Tabular Model? If not, are there any work-around on this?

I hope I have been able to explain this better.

Thanks again for your assistance.

Message 3 of 5
801 Views
0
v-xiaotang
Community Support
Community Support
In response to Anonymous

‎08-01-2021 11:50 PM

thanks for your explanation, @Anonymous 

-

Personally speaking, if user has access to Model data via multiple roles, then the user will have access to data based on RLS with higher access, and there's no work-around.

Unless you set single access for each local role, then map user names to specified local role for each dataset on service. That is, separate different permissions into multiple roles, and ensure that one role one permission.

 

 

Best Regards,

Community Support Team _Tang

If this post helps, please consider Accept it as the solution to help the other members find it more quickly.

How to get your questions answered quickly -- How to provide sample data
Message 4 of 5
759 Views
Anonymous
Not applicable
In response to v-xiaotang

‎08-03-2021 01:45 PM

Thanks v-xiaotang,

Now that i know what i was trying to achieve is not possible, I will try some other approach without defining multiple RLS.

Message 5 of 5
695 Views
v-xiaotang
Community Support
Community Support

‎07-28-2021 08:03 PM

Hi @Anonymous 

you can use Map user names on specified dataset to achieve this goal.

The content of official tutorial is very detailed, so I attach the link directly. if you need more help, please let me know.

https://docs.microsoft.com/en-us/power-bi/connect-data/service-gateway-enterprise-manage-ssas#user-names-with-analysis-services

two videos in this tutorial are also helpful to help understand <Map user names>.

 

 

Best Regards,

Community Support Team _Tang

If this post helps, please consider Accept it as the solution to help the other members find it more quickly.

How to get your questions answered quickly -- How to provide sample data
Message 2 of 5
818 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All