cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
jhartranft60 Frequent Visitor
Frequent Visitor

Row Level Security not working

Hello,

 

I've created a report and, in Desktop, I've created several roles relating to the different groups within the report and an "Exec" role to give Executives a view of all.  I've filtered these roles using DAX and when I 'View As', I see exactly what I've intended for each role.

 

Next, I've gone into BI Service and added the directors to their respective group roles.  I've also edited the app workspace to ensure that members can only view, not edit, BI content.  I've then chosen "Test as role" and again see exactly what the role is intended to see.

 

Unfortunately, when I have a group director access the app they're able to see all data instead of being limited to just their group.  Is there something I'm missing? 

 

*Note - those with access to the app are not members of the workspace.  I don't think they need to be, but figured I'd toss this info out there as well.

1 ACCEPTED SOLUTION

Accepted Solutions
jhartranft60 Frequent Visitor
Frequent Visitor

Re: Row Level Security not working

@PBIUSER3  Yes, I ended up using Dynamic RLS to fix the problem.  Our PBI login matches ID's in the data, for example:

 

Login: UserBob123@microsoft.com

Data: UserID- UserBob123; Customer-ABEX; Order#-7524

 

I then used a filter in the role like: UserPrincipalName()=Concatenate(UserID,"@microsoft.com") 

 

Hope that helps!

         

7 REPLIES 7
Highlighted
Community Support Team
Community Support Team

Re: Row Level Security not working

Hi @jhartranft60,

 

According to document, it mentioned RLS not works for user who is the dataset owner or has edit permission.
Please double check his according to confirm if he has edit permission.

Row-level security (RLS) with Power BI

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin Sheng
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.



For learning resources/Release notes, please visit: | |
jhartranft60 Frequent Visitor
Frequent Visitor

Re: Row Level Security not working

He does not.  He's not a member of the workspace and only accessing the report via the app. 

Community Support Team
Community Support Team

Re: Row Level Security not working

HI @jhartranft60,

 

Can you confirm your table has correspond records with that user?

 

>>He's not a member of the workspace and only accessing the report via the app.

Did you mean external guest from external tenant and use Azure B2B feature to get access permission?

Distribute Power BI content to external guest users with Azure AD B2B

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin Sheng
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.



For learning resources/Release notes, please visit: | |
jhartranft60 Frequent Visitor
Frequent Visitor

Re: Row Level Security not working

Hello,

 

Yes, I've used multiple test users at this point, each put into a different role.  I'm not using Dynamic RLS, so the records shouldn't have to tie them directly, just to the rules of the roles I've put them in.  As mentioned previously, I've tested the roles in both Desktop and Service and they work exactly as intended.  I just can't seem to figure out why they don't work for any users that I assign to those roles.

 

>>He's not a member of the workspace and only accessing the report via the app.

>>Did you mean external guest from external tenant and use Azure B2B feature to get access permission?

>>No, this was in response to a previous question about the test user having edit permissions.  My response is that they are not a member of the App Workspace and therefore that isn't a concern.  They are a member of the organization given access to the app only.

 

Community Support Team
Community Support Team

Re: Row Level Security not working

Hi @jhartranft60,

 

How did you assign roles? Assigned to email or office security group? If you mean security group, did this user joined in that group? Any specific permissions/rules enabled on this user?


In addition, you can also open a support ticket for better support from power bi team.

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin Sheng
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.



For learning resources/Release notes, please visit: | |
PBIUSER3 Occasional Visitor
Occasional Visitor

Re: Row Level Security not working

Hey @jhartranft60 , did you ever find a solution to this as I am having the same issue.

 

Thank you

jhartranft60 Frequent Visitor
Frequent Visitor

Re: Row Level Security not working

@PBIUSER3  Yes, I ended up using Dynamic RLS to fix the problem.  Our PBI login matches ID's in the data, for example:

 

Login: UserBob123@microsoft.com

Data: UserID- UserBob123; Customer-ABEX; Order#-7524

 

I then used a filter in the role like: UserPrincipalName()=Concatenate(UserID,"@microsoft.com") 

 

Hope that helps!