I'm using USERNAME() to check against a security table for Row Level Security (RLS) based on the user.
For one of the users, I'm getting a weird e-mail format returned: email@example.com
Didn't figure this out until I explicitly put USERNAME() in a card on the report to see what was being used.
Has anyone seen that? Is this going to happen for all users that have outlook.com e-mail addresses?
Using the "firstname.lastname@example.org" in my look up table doesn't work, so I'm thinking I have to filter out any text before a # in an e-mail address to correct for this weird behavior. Any insights to this would help me with configuring my access table for others.
Yes, that's what I've been using. So what I've done now is replicated the Security Role and use the unaltered USERPRINCIPALNAME() value and put that weird e-mail format into the table to accomodate when that happens.
I have the exact same issue. It only started Monday of this week. Prior to that the Username() function did return the email address of the person signed in. A solution to this other than just having to change my file to fit the random UPNs that I get is much needed.
I have tried both and the problem is that neither function returns the correct output. An even bigger problem is that they used to.
From Microsoft's own documentation the show dynamic row level security working as such:
You can see by design, neither function is supposed to return the extra information, allowing you to set something up in rls like [useremail] = UPN(). But that no longer works because of the need to manipulate the email address in the table, since you can't manipulate the UPN without compromising logins.
You could do as OP said and just enter the extra information into your table, but now the old users that are in there behave differently. Their function still returns their email while the newly added users return the extra information. So to keep everyone the same you would need to remove everyone and reinvite so every user UPN() function returns the extra information and then write up the dax to fix the emails to match the UPN() function.
I guess you can't put e-mails into the message body. I just posted a reply that disappeared. Sucks.
So basically, I've determined there are 3 different e-mail formats that get return: 1) regular, 2) live.com# prefix, and 3) abc_workmail.com#EXT#(at)onmail.mail.com
It's a pain to figure out which one is going to show up, so I decided to just fix the e-mail back to regular and not have to mess with the special characters inserted. Here's an example of my formula used in the RLS role:
After a couple of weeks speaking with Microsoft reps, the issue seems to be resolved. The UPN() and UN() function should now return the email of the user rather than the added extension for external users.
Yes, it looks like they did change the e-mails to show actual e-mails. Interestingly, one of my external users had an e-mail that was email@example.com and now it shows FirstName.LastName@company.com. I had to update my access table. Not sure of what circumstances determine which e-mail will be used.