Skip to main content

Power BI

New

Make access and RLS groups consistent

Vote (9) Share
Sam T.'s profile image

Sam T. on 29 Jul 2016 23:59:31

It appears that the groups used to control access to reports are not consistent with the groups used for roles in RLS.

As I understand it, after quite a bit of testing and research:

Power BI groups:
- Allow you to share reports and dashboards with a user community, controlling access - works great
- Cannot use an existing Office 365 security group, or add an Office 365 security group as a "member"

Roles defined for Row-Level Security:
- Can control what data a user sees - very helpful, works fine, I just need to learn DAX better
- Cannot add a Power BI group as a "member"

So it appears I have to set up two different groups to use these two features, and make sure I keep my users and groups synchronized manually? What a headache!

It would be very helpful if I could use an existing security group as the group for sharing reports and dashboards, and also have the option to use an office 365 or universal group there but add an existing security group as a member of the group.

And RLS roles should be able to use a Power BI access group as a member, and/or an existing security group as a member.

This will greatly simplify management, and provide much needed flexibility.

Comments (1)
Sam T.'s profile image Profile Picture

18bac547 ea3c-478b-9dea-343022088a03 on 05 Jul 2020 22:55:33

RE: Make access and RLS groups consistent

Fully Agree. Simply put, O365 unified groups should be supported for RLS. Classic mail distribution groups work, but are much more cumbersome to establish & maintain.