Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!
How do I enable a PBI desktop user to read PBI service dataflow entities when the user is not the one that created the dataflow? Note, the Dataflow is created in a Workspace that is using Azure Data Lake Gen2 storage.
Currently, the user opens PBI Desktop, does Get Data, Power BI Dataflows and is displayed a list of all dataflows and their entities. However, when an entity is checked for selection as a data source the user gets the message "Expression.Error: Access to the resource is forbidden."
Regards,
Tim
Solved! Go to Solution.
I believe our permission issues are caused by the fact that we are writing to a tenant based Azure Data Lake Gen2 storage filesystem (as opposed to the default shared Data Lake filesystem). We need to manually assign permissions to all of our Data Lakes CDM folders and files. It is tedious for now because the permissions do not propagate to files that already existed before new permissions are applied. The Data Lake permission propagation rules are still not clear to me but we finally got things to work "good enough" after much manual tweaking and testing. Hopefully, this manual effort is eliminated or minimized after PBI dataflows get out of preview mode. In the meantime the manual effort can be minimized by knowing the GUIDs of all security groups needing access to individual folders and their files soon after the CDM folders are created by a refresh.
hi, @tcash
I have test on my side, it works well.
User A create a data flow in a workspace, and User B could get data in power bi desktop from this data flow.
Best Regards,
Lin
I believe our permission issues are caused by the fact that we are writing to a tenant based Azure Data Lake Gen2 storage filesystem (as opposed to the default shared Data Lake filesystem). We need to manually assign permissions to all of our Data Lakes CDM folders and files. It is tedious for now because the permissions do not propagate to files that already existed before new permissions are applied. The Data Lake permission propagation rules are still not clear to me but we finally got things to work "good enough" after much manual tweaking and testing. Hopefully, this manual effort is eliminated or minimized after PBI dataflows get out of preview mode. In the meantime the manual effort can be minimized by knowing the GUIDs of all security groups needing access to individual folders and their files soon after the CDM folders are created by a refresh.
hi, @tcash
Great! It's pleasant that it works "good enough".
If you consider this issue closed, please mark it as "solved", that way, other community members will easily find the solution when they get same issue.
Thanks.
Best Regards,
Lin