Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
Anonymous
Not applicable

RLS with USERPRINCIPALNAME working differently in the same month

‎10-18-2021 03:15 AM

Hi Experts, 

 

I created in my report the Sales role based on [UserMail] = userprincipalname(). In recent weeks if I tested the role through "View as" "Other role" and entered the email of a specific seller the report was filtered correctly, currently instead things seem to work differently because in addition to the email I also have to select the role to get the same result. Because of this change, I can no longer filter dynamically on Power BI Service.
The steps are:
1. Create a new role based on principalname(), the filter is apply on dimension table that contains mail and ID link for fact table.
2.Test the role by 

LucaPennella_0-1634551940163.png

and the filter don't work
3. Instead, if I select the Sales box and specific the Other User the RLS work properly

4. Actually the RLS doesn't work on Power Bi Service.

Please give me some advice. Thank you.  


Luca

Labels:
Message 1 of 4
1,604 Views
0
3 REPLIES 3
Anonymous
Not applicable

‎10-18-2021 07:32 AM

Hi @Burningsuit,

Many thanks, I totally understood your indications and I applied them but the RLS works partially.
RLS correctly detects most of the email, however for some of them it displays all the data without applying the filter. The emails in question have the Viewer role and the exact role set, it seems that it does not identify the email correctly in fact the card with the formula userprincipalname() is with my name.
The same emails that do not work on power bi service are instead read correctly on Power Bi desktop
Thank you.

Luca

Message 3 of 4
1,502 Views
0
Burningsuit
Resident Rockstar
Resident Rockstar
In response to Anonymous

‎10-18-2021 08:46 AM

Hi @Anonymous 

If userprincipalname() is displaying as your name in Power BI service, then it must be your account accessing the data, and as it is your account, you see all the data. I think it must be something to do with your schema (the relationships of the tables which you apply RLS to) or the DAX code youre using to implement RLS. If it is simply "[UserMail] = userprincipalname()" and [UserMail] is in the main "fact" table this should work.

Stuart

Message 4 of 4
1,476 Views
0
Burningsuit
Resident Rockstar
Resident Rockstar

‎10-18-2021 04:31 AM

Hi @Anonymous 

In Power BI Desktop the value of userprincipalname() is taken from the contact details of the user logged into the computer running Power BI desktop, not the account logged in to Power BI Service. If you select "other user" in view as roles it replaces this with the value given, so userprincipalname() = "what you typed in other user". But it does not turn on the rule you have given,  "Sales", so you need to do both, enter a value for "Other User" AND select the rule that it applies to. That's what's happening in Power BI Desktop.

In Service userprincipalname() is taken from the Power BI account details of the user logged in.

To apply RLS you need to go to "security" on the Dataset, and add the group, or the list of users that are subject to RLS to the role you specified ("Sales" in your case, "Attendees" in mine). 

Burningsuit_0-1634556379897.png

You can then go to the "more" options (...) next to the role name to test the role for different user names.

Burningsuit_1-1634556453897.png

 

 Note that if you are doing this in a Workspace, RLS is only applied for users with "viewer" access. Users with"Admin", "Member" or "Contributor" access will see all the data, regardless of how the report is shared with them.

Hope this helps

Stuart

Message 2 of 4
1,539 Views

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All