cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
laikittmun
Frequent Visitor

Users are getting Access Denied error to the datasets that have RLS configured on it.

Power BI Pro license users encountered error "You can't see the content of this report because you don't have permissions to the underlying dataset. The underlying dataset uses row-level security (RLS)." when accessing the dataset with permission  Read, Reshare, Rebuild granted to them and this dataset has RLS configured. Could anyone advise where went wrong that causes them not be able to use the dataset. The dataset has been published to a workspace with premium capacity.  

 

laikittmun_0-1642232665312.png

 

2 ACCEPTED SOLUTIONS

Yes that's the only solution I'm aware of. I generally have an empty role called "No RLS" but users have to be specifically assigned to it. We make use of Azure Security Groups to make it managable.



Ben Dobbs

LinkedIn | Twitter | Blog

Did I answer your question? Mark my post as a solution! This will help others on the forum!
Appreciate your Kudos!!

View solution in original post

v-kalyj-msft
Community Support
Community Support

Hi @laikittmun ,

If you have set RLS in a report, any user haven't been set a role in the RLS can't see the report, unless he is at least a contributor of the workspace.

According to your description, I have two solutions.

1. You can add a new role in Power BI Desktop and set nothing in the "Table filter DAX expression" box, like below.

vkalyjmsft_0-1642572800961.png

Then if you have access to admin center, you can create a distribution or security group with the 80 users and give them the Full access role in dataset security setting. Otherwise, you need to add them one by one.

2.Give the 80 users contributor role of the workspace, in this way, they can see whole content of the report and other reports in the workspace.

 

Reference:Row-level security (RLS) with Power BI - Power BI | Microsoft Docs

Roles in the new workspaces in Power BI - Power BI | Microsoft Docs

 

Best Regards,
Community Support Team _ kalyj

 

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

4 REPLIES 4
v-kalyj-msft
Community Support
Community Support

Hi @laikittmun ,

If you have set RLS in a report, any user haven't been set a role in the RLS can't see the report, unless he is at least a contributor of the workspace.

According to your description, I have two solutions.

1. You can add a new role in Power BI Desktop and set nothing in the "Table filter DAX expression" box, like below.

vkalyjmsft_0-1642572800961.png

Then if you have access to admin center, you can create a distribution or security group with the 80 users and give them the Full access role in dataset security setting. Otherwise, you need to add them one by one.

2.Give the 80 users contributor role of the workspace, in this way, they can see whole content of the report and other reports in the workspace.

 

Reference:Row-level security (RLS) with Power BI - Power BI | Microsoft Docs

Roles in the new workspaces in Power BI - Power BI | Microsoft Docs

 

Best Regards,
Community Support Team _ kalyj

 

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

bcdobbs
Super User
Super User

Just to check, is the workspace definently premium capacity and not premium per user? 

Assuming that's not the problem, if you click the three dots next to the dataset in the workspace and click security it should show you the roles for RLS.

 

It sounds like power bi doesn't think the users in question are a member of any role.

 

Start by checking that and then we can investigate further.



Ben Dobbs

LinkedIn | Twitter | Blog

Did I answer your question? Mark my post as a solution! This will help others on the forum!
Appreciate your Kudos!!

The workspace is under premium capacity. Just discover that this error will return if the user is not assign to any of the Security Role created for the datasets. Let say i have 100 users to access the datasets, but only 20 of them will be restricted to see data that relavant to them only. So I have created security roles to assign these 20 users and they didnt hit this error. Can I conclude that I have to create a security role without any filtering in it and assign the rest of the 80 users who should not have data restriction to avoid this error ? Any other better way for these 80 users to avoid this error when accessing the dataset ? 

Yes that's the only solution I'm aware of. I generally have an empty role called "No RLS" but users have to be specifically assigned to it. We make use of Azure Security Groups to make it managable.



Ben Dobbs

LinkedIn | Twitter | Blog

Did I answer your question? Mark my post as a solution! This will help others on the forum!
Appreciate your Kudos!!

Helpful resources

Announcements
June 2022 update 768X460.jpg

Check it out!

Click here to read more about the June 2022 updates!

Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Power BI Dev Camp Session 23 768x460.jpg

Check it Out!

Mark your calendars and join us on Thursday, June 30 at 11a PDT for a great session with Ted Pattison!

June 20 episode 7 with aka link 768x460.jpg

The Power BI Community Show

Join us on June 20 at 11 am PDT when Kim Manis shares the latest on Azure Synapse analytics, the Microsoft Intelligent Data Platform, and notable Power BI Updates from Microsoft Build 2022.

Top Solution Authors