Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
Anonymous
Not applicable

Analysis Services (Jet Reports OLAP) + Role management

‎10-19-2017 12:59 AM

Hi 🙂

 

I've installed the Enterprise Gateway and I can refresh from app.powerbi.com.

I've managed the role and permissions from the JetDataManager (Olap Cubes) and when I execute PowerBI Desktop with a user who doesn't have all the access, everything it's working.

 

But when I publish the report, this same user has all permissions 😕

 

In my AD,  my local user @domain.local has @domain.com (same UPN)

 

What should I do ?

 

Thanks in advance

 

Best regards,

Matthieu

Message 1 of 8
1,871 Views
0
1 ACCEPTED SOLUTION
Anonymous
Not applicable
In response to Anonymous

‎11-20-2017 07:17 AM

@v-jiascu-msft

 

Hi Dale,

 

Thanks again for your replies. 

 

I tried several things, but I think my final solution is to rename the Source in PowerBI Desktop.

 

Both sources (Desktop / Gateway) were on the same serveur / database, but one was named "Cubes Olap" and the other "Olap".

 

It works now. Thanks again.

 

Best regards,

Matt

View solution in original post

Message 7 of 8
1,968 Views
7 REPLIES 7
v-jiascu-msft
Employee
Employee

‎10-19-2017 08:00 PM

@Anonymous,

 

Hi Matthieu,

 

It seems that your server allowed the access that was unauthorized. So you should restrict it from the server side. 

If you only want to restrict the access of a Power BI dataset, you can try RLS. Reference: powerbi-admin-rls.

 

Best Regards!

Dale

Community Support Team _ Dale
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Message 2 of 8
1,855 Views
0
Anonymous
Not applicable
In response to v-jiascu-msft

‎10-23-2017 12:46 AM

@v-jiascu-msft

 

Hi Dale,

 

I do a little schema to explain my problem:

 

2017-10-23 09_40_01-Document1 - Word.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

My Enterprise Gateway is configured with User 1.

 

I tried to map : 

user2@company.com to user2@company.local

and I tried again user2@company.com to company\user2

 

But my Gateway works with my AD Configuration, the email is in the AD card and I don't have to map for the USER 1, so I think I have not to map username. 

 

Thanks in advance

 

Best regards,

Matthieu

Message 4 of 8
1,837 Views
0
v-jiascu-msft
Employee
Employee
In response to Anonymous

‎10-23-2017 02:23 AM

@Anonymous,

 

Hi Matthieu,

 

I thought it was a Service from a party outside of Microsoft. Let's talk about some simple explanations first.

>>>The email address, that you sign into Power BI with, is what we will pass to Analysis Services as the effective user. 

1. If your SSAS server is in a domain company.local, you could grant access to user1@company.local, user2@company.local.

2. If you log in Power BI Service with the same address like user1@company.local, you don't need to map users.

3. If you log in PBI Service with user1@company.com, you need to map users.  And you need to map a user to a proper user in order to get the proper access.

 

Analysis Services Jet Reports OLAP Role management.jpg

 

 

 

 

 

 

 

 

 

 

 

 

 

Question: 1. Can you make it more clear what the type of connection is? Live or import?

2. How did you map the users?

 

Reference: https://powerbi.microsoft.com/en-us/documentation/powerbi-gateway-enterprise-manage-ssas/#map-user-names

 

Best Regards!

Dale

Community Support Team _ Dale
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Message 5 of 8
1,825 Views
0
Anonymous
Not applicable
In response to v-jiascu-msft

‎10-28-2017 01:43 AM

@v-jiascu-msft

 

Hi Dale,

 

Thanks for your reply and sorry for the delay, I was at clients this week. 

Question 1 : connection live or import

It's an import connection, but I tried with both, a report with live, a report with import, and I shared it to my test account with configured rights. 

Same in both cases, I can see everything with this account.

 

Question 2 : users "mapping"

I have a local user which has the complete email as upn : user1@company.com

But.. in doubt I tried to map from PowerBI gateway online tool :

user1@company.com to company\user1

And i tried too

user1@company.com to user1@company.local

And too 

User 1 to  user1@company.local and company\user1

 

Still "nothing" because I can see everything.. 

 

Thanks in advance for ur help.

 

Best regards,

Matt

Message 6 of 8
1,801 Views
0
Anonymous
Not applicable
In response to Anonymous

‎11-20-2017 07:17 AM

@v-jiascu-msft

 

Hi Dale,

 

Thanks again for your replies. 

 

I tried several things, but I think my final solution is to rename the Source in PowerBI Desktop.

 

Both sources (Desktop / Gateway) were on the same serveur / database, but one was named "Cubes Olap" and the other "Olap".

 

It works now. Thanks again.

 

Best regards,

Matt

Message 7 of 8
1,969 Views
v-jiascu-msft
Employee
Employee
In response to Anonymous

‎11-20-2017 04:32 PM

@Anonymous

 

Hi Matt,

 

Thank you very much for sharing. I will try your solution later.

 

Best Regards!

Dale

Community Support Team _ Dale
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Message 8 of 8
1,718 Views
0
Anonymous
Not applicable
In response to v-jiascu-msft

‎10-20-2017 12:17 PM

@v-jiascu-msft

 

Hi Dale,

 

Thanks for your reply but :

  • I have restricted from server side because it's working if the user use the Desktop app. 
  • RLS couldn't work because of Analysis Services.

It's about the online access, I don't understand why the rights are working in local but not online, with the same user which has a valid UPN.

 

Thanks in advance

 

Best regards,

Matthieu

Message 3 of 8
1,851 Views
0

Helpful resources

Announcements
LearnSurvey

Fabric certifications survey

Certification feedback opportunity for the community.

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All