Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
gdarshna
New Member

Row-level security using Organization hierarchy not working in app/web

‎12-26-2017 05:24 AM

I have implemented RLS for the Organization hierarchy in the desktop version using the following DAX:

 

[EmailID] = "USERPRINCIPALNAME()"

||[Org Level 4] = "USERPRINCIPALNAME()"

||[Org Level 3] = "USERPRINCIPALNAME()"

||[Org Level 2] = "USERPRINCIPALNAME()"

||[Org Level 1] = "USERPRINCIPALNAME()"

 

Using "Test as roles" i tested it and it works fine. But it doesn't work in the app/web.

 

For example, the Manager is able to view his subordinates in the desktop version, but the cloud version shows blank values despite adding his id to the role created.

 

Any help is highly appreciated!

Cheers guys!!

Labels:
Message 1 of 7
1,285 Views
0
6 REPLIES 6
Arvin_
New Member

‎12-20-2023 12:49 AM

Hi   gdarshna

Did you solve this problem?  If you did, let me know how!  I also have the same problem.

Message 7 of 7
108 Views
0
v-shex-msft
Community Support
Community Support

‎12-26-2017 06:17 PM

HI @gdarshna,

 

I think you don't need add " symbol to dax formula.
If you add " character, it means you are try to find out 'Email ID' or 'Org Level' columns which has text "USERPRINCIPALNAME()".


In addition, I'd like to suggest you check on group permission, current only read permission members can enable the RLS feature.

 

Row-level security (RLS) with Power BI

Using RLS with app workspaces in Power BI

If you publish your Power BI Desktop report to an app workspace within the Power BI service, the roles will be applied to read-only members. You will need to indicate that members can only view Power BI content within the app workspace settings.

 

Limitations

Here is a list of the current limitations for row-level security on cloud models.

  • If you previously had roles/rules defined within the Power BI service, you will need to recreate them within Power BI Desktop.
  • You can define RLS only on the datasets created using Power BI Desktop client. If you want to enable RLS for datasets created with Excel, you will need to convert your files into PBIX files first. Learn more
  • Only ETL, and DirectQuery connections are supported. Live connections to Analysis Services are handled in the on-premises model.
  • Q&A and Cortana is not supported with RLS at this time. You will not see the Q&A input box for dashboards if all models have RLS configured. This is on the roadmap, but a timeline is not available.
  • External sharing is not currently supported with datasets that use RLS.
  • For any given model, the maximum number of Azure AD principals (i.e. individual users or security groups) that can be assigned to security roles is 1,000. To assign large numbers of users to roles, be sure to assign security groups, rather than individual users.

 

Regards,
Xiaoxin Sheng

 

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 2 of 7
1,264 Views
gdarshna
New Member
In response to v-shex-msft

‎12-26-2017 09:27 PM

Hi Xiaoxin Sheng!

 

Thank you for your quick response!

I tried to remove " and it's still showing blank values in the web.

Also, I'm publishing it to My workspace and not to the app workspace.

 

Any suggestions?

Message 3 of 7
1,260 Views
0
v-shex-msft
Community Support
Community Support
In response to gdarshna

‎12-26-2017 11:54 PM

Hi @gdarshna,

 

Maybe you can try to use below formula as the RLS formula:

IF (
    [EmailID] = USERPRINCIPALNAME ()
        || [Org Level 4] = USERPRINCIPALNAME ()
        || [Org Level 3] = USERPRINCIPALNAME ()
        || [Org Level 2] = USERPRINCIPALNAME ()
        || [Org Level 1] = USERPRINCIPALNAME (),
    TRUE (),
    FALSE ()
)

4.PNG

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 4 of 7
1,252 Views
gdarshna
New Member
In response to v-shex-msft

‎12-27-2017 02:38 AM

It's still the same 😞

Works in the desktop but gives blanks in the web 😞

Message 5 of 7
1,244 Views
0
v-shex-msft
Community Support
Community Support
In response to gdarshna

‎12-28-2017 12:09 AM

Hi @gdarshna,

 

Please write measures to display the result of ‘USERPRINCIPALNAME’ and 'USERNAME' functions.
Then, you can create card visuals with above measures to show the function result to ensure if current user is in the specific columns.

 

Sample measure:

USERNAME = USERNAME()

USERPRINCIPALNAME = USERPRINCIPALNAME()

6.PNG

 

>>Also, I'm publishing it to My workspace and not to the app workspace.

BTW, RLS also not works on dataset owner.

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 6 of 7
1,234 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All