Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started
Hello. Before I get started with my complex request, I will say I have exhausted bing, google, and youtube before posting here. Also due to the nature of my work I cannot supply examples or screenshots, but I can easily describe my problem. I hope there is a low overhead solution:
My team uses PowerBI Desktop to produce a report on a weekly basis. We publish a report with a dated filename every Monday.
(20220822_ReportName.pbix, 20220829_Report.pbix, 20220905_Report.pbix, etc). With these examples, on 8/29, we take the 8/22 report, save it as a new copy: 8/29, refresh data. Save, and Publish to the Service for consumption by Leadership. We have multiple reports available and we archive for historical purposes. We also archive the pbix file so that if someone needs a tweek made to a published report, we can do it with the pbix file that is at the refreshed state of the time of publish. Otherwise we would have to strip out loads of newer backend data to refresh a newer pbix to only show the older data... Yeah that part might be a little confusing... but each published file comes from a copy of the previous pbix but refreshed data of the current week. Next week will be this week's pbix, saved as next weeks date and then refreshed with next weeks updated backend files. This week's file stays this weeks data for historical purposes.
I have implemented ROW Level security on the Service to allow an access list to be created on the relevant dataset so that people in different departments can see only their department's data within the reports and drill throughs.
My problem starts here. When I make a copy of last weeks pbix (to preserve the "manage roles"), refresh my report and publish as this weeks report, I have to go into the service and completely rebuild my Access list on the new dataset.
My access list is over 70 people. There has GOT to be a way carry this security access list forward to the newer dataset without having to re-invent the list? Ive seen some talk about dynamic row level security but its my understanding that it would check some sort of 3rd party access list to validate? and this is not available for my situation. Thanks!
Solved! Go to Solution.
Hi @new2pbix
If you publish a pbix with a different name every time, it generates a new dataset in the service. You need to implement RLS security for the new dataset on the Service. This is by design. Dynamic Row Level is applied in a single dataset just like the static RLS, so it is not applicable in your case.
I wonder how many roles are created in the pbix? If there are only several roles, for example, 5 roles, you can create 5 Security Groups in your organization that every group is for a specific role. Then distribute 70 members to the corresponding groups. When you manage security access list in the service, you just need to add 5 groups to their related roles. Members in a group will have role that their group is added to. This will be simpler than managing lists of 70 people.
You can use the following groups to set up row level security.
Note, however, that Office 365 groups are not supported and cannot be added to any roles.
See Add members section in Row-level security (RLS) with Power BI - Power BI | Microsoft Docs
Compare groups - Microsoft 365 admin | Microsoft Docs
Best Regards,
Community Support Team _ Jing
If this post helps, please Accept it as Solution to help other members find it.
Hi @new2pbix
If you publish a pbix with a different name every time, it generates a new dataset in the service. You need to implement RLS security for the new dataset on the Service. This is by design. Dynamic Row Level is applied in a single dataset just like the static RLS, so it is not applicable in your case.
I wonder how many roles are created in the pbix? If there are only several roles, for example, 5 roles, you can create 5 Security Groups in your organization that every group is for a specific role. Then distribute 70 members to the corresponding groups. When you manage security access list in the service, you just need to add 5 groups to their related roles. Members in a group will have role that their group is added to. This will be simpler than managing lists of 70 people.
You can use the following groups to set up row level security.
Note, however, that Office 365 groups are not supported and cannot be added to any roles.
See Add members section in Row-level security (RLS) with Power BI - Power BI | Microsoft Docs
Compare groups - Microsoft 365 admin | Microsoft Docs
Best Regards,
Community Support Team _ Jing
If this post helps, please Accept it as Solution to help other members find it.
Thanks for your reply. This is very thorough and informative. Exactly the answer I needed, even though I cannot implement it in my environment. Ive tested and determined that the only way to get where I need to be on this is to publish a report and overwrite that report every week so that the security settings are retained on the single dataset.
Check out the September 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.
User | Count |
---|---|
113 | |
105 | |
99 | |
39 | |
30 |