Currently, OneLake Security Roles must be configured individually within each Lakehouse. For organizations managing multiple Lakehouses based on data domains, this results in significant manual effort and duplication. Additionally, maintaining both Active Directory (AD) groups and separate OneLake Security Roles adds complexity and increases the risk of misalignment.