Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hi 🙂
I've installed the Enterprise Gateway and I can refresh from app.powerbi.com.
I've managed the role and permissions from the JetDataManager (Olap Cubes) and when I execute PowerBI Desktop with a user who doesn't have all the access, everything it's working.
But when I publish the report, this same user has all permissions 😕
In my AD, my local user @domain.local has @domain.com (same UPN)
What should I do ?
Thanks in advance
Best regards,
Matthieu
Solved! Go to Solution.
Hi Dale,
Thanks again for your replies.
I tried several things, but I think my final solution is to rename the Source in PowerBI Desktop.
Both sources (Desktop / Gateway) were on the same serveur / database, but one was named "Cubes Olap" and the other "Olap".
It works now. Thanks again.
Best regards,
Matt
@Anonymous,
Hi Matthieu,
It seems that your server allowed the access that was unauthorized. So you should restrict it from the server side.
If you only want to restrict the access of a Power BI dataset, you can try RLS. Reference: powerbi-admin-rls.
Best Regards!
Dale
Hi Dale,
I do a little schema to explain my problem:
My Enterprise Gateway is configured with User 1.
I tried to map :
user2@company.com to user2@company.local
and I tried again user2@company.com to company\user2
But my Gateway works with my AD Configuration, the email is in the AD card and I don't have to map for the USER 1, so I think I have not to map username.
Thanks in advance
Best regards,
Matthieu
@Anonymous,
Hi Matthieu,
I thought it was a Service from a party outside of Microsoft. Let's talk about some simple explanations first.
>>>The email address, that you sign into Power BI with, is what we will pass to Analysis Services as the effective user.
1. If your SSAS server is in a domain company.local, you could grant access to user1@company.local, user2@company.local.
2. If you log in Power BI Service with the same address like user1@company.local, you don't need to map users.
3. If you log in PBI Service with user1@company.com, you need to map users. And you need to map a user to a proper user in order to get the proper access.
Question: 1. Can you make it more clear what the type of connection is? Live or import?
2. How did you map the users?
Best Regards!
Dale
Hi Dale,
Thanks for your reply and sorry for the delay, I was at clients this week.
Question 1 : connection live or import
It's an import connection, but I tried with both, a report with live, a report with import, and I shared it to my test account with configured rights.
Same in both cases, I can see everything with this account.
Question 2 : users "mapping"
I have a local user which has the complete email as upn : user1@company.com
But.. in doubt I tried to map from PowerBI gateway online tool :
user1@company.com to company\user1
And i tried too
user1@company.com to user1@company.local
And too
User 1 to user1@company.local and company\user1
Still "nothing" because I can see everything..
Thanks in advance for ur help.
Best regards,
Matt
Hi Dale,
Thanks again for your replies.
I tried several things, but I think my final solution is to rename the Source in PowerBI Desktop.
Both sources (Desktop / Gateway) were on the same serveur / database, but one was named "Cubes Olap" and the other "Olap".
It works now. Thanks again.
Best regards,
Matt
@Anonymous
Hi Matt,
Thank you very much for sharing. I will try your solution later.
Best Regards!
Dale
Hi Dale,
Thanks for your reply but :
It's about the online access, I don't understand why the rights are working in local but not online, with the same user which has a valid UPN.
Thanks in advance
Best regards,
Matthieu
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.
User | Count |
---|---|
58 | |
20 | |
18 | |
18 | |
9 |