Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get Fabric Certified for FREE during AI Skills Fest. This week only. Secure your voucher now.

Reply
mcapaldi
Regular Visitor

Roles/permissions needed for remote Lakehouse access

‎04-29-2026 11:56 AM

In our organization we are running into an issue where staff on the IT team are able to connect to our Lakehouses remotely via the SQL endpoint but our analytics team are not. The IT and security teams have been trying to identify what permission is different, but were unable to. This is the error message our analytics team get but IT do not.

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - The wait operation timed out.)

 

We have tested with multiple people on both teams so it does appear to be something in our team structure. It does not matter what access level the user has in the Lakehouse (we tested an IT as a viewer and Analytics as admin, and only the IT member was able to get in).

 

Can anyone point us in the right direction for the permissions/setup needed to give the analysts access?

Labels:
Message 1 of 5
443 Views
0
1 ACCEPTED SOLUTION
mcapaldi
Regular Visitor

‎04-30-2026 10:22 AM

In case anyone runs into similar errors, once we checked all of our permissions were set up correctly, we actually identified the issue to be the wifi at the work location of the analytics team. The analytics team were able to connect to the lakehouse off site without issue. IT is working to find the specific problem on the network

View solution in original post

Message 3 of 5
345 Views
0
4 REPLIES 4
v-shchada-msft
Community Support
Community Support

‎05-07-2026 03:59 AM

Hi @mcapaldi,

Could you please confirm whether your issue has been resolved or if you're still facing challenges? Your update will be valuable to the community and may assist others with similar concerns.

Thank you.

Message 5 of 5
208 Views
0
mcapaldi
Regular Visitor

‎04-30-2026 10:22 AM

In case anyone runs into similar errors, once we checked all of our permissions were set up correctly, we actually identified the issue to be the wifi at the work location of the analytics team. The analytics team were able to connect to the lakehouse off site without issue. IT is working to find the specific problem on the network

Message 3 of 5
346 Views
0
v-shchada-msft
Community Support
Community Support
In response to mcapaldi

‎05-04-2026 05:13 AM

Hi @mcapaldi,
Thank you for reaching out to the Microsoft Fabric Community Forum.

As you mentioned earlier, IT is working to find the specific problem on the network. Could you please confirm whether your issue has been resolved or if you are still facing any challenges?

Your confirmation will help us understand the current status and will also be valuable for others in the community who may encounter a similar scenario.

Thank you.

Message 4 of 5
260 Views
0
MJParikh
Super User
Super User

‎04-29-2026 02:51 PM

Hi @mcapaldi,

The error ("TCP Provider, error: 0, The wait operation timed out") in Fabric Lakehouse context is almost always a permissions gap, not a network issue. The key insight: granting a user any Lakehouse role (even admin) does not automatically create a SQL user or grant SQL endpoint access. These are two separate permission layers in Fabric.

The IT team likely has workspace-level roles (Member or above) that inherit SQL endpoint access automatically, while the analytics team only has item-level or Lakehouse-level permissions.

There are two distinct permission paths. Here is the likely gap:

  • Workspace roles: Any user with at least a Viewer role on the workspace automatically gets read access to all SQL endpoints in that workspace. IT staff probably have this; analytics team likely does not.
  • Item-level permissions ("Manage Permissions"): If users are outside the workspace, you must explicitly share the Lakehouse and grant "Read all SQL Analytics Endpoint Data". Just sharing the Lakehouse item alone is not enough.
  • No workspace access at all: Users must be added to the workspace OR given explicit item-level permissions. Neither alone is guaranteed to work unless you follow the right path.

Review below steps to fix the issue

  1. Go to the Lakehouse in Fabric and select Manage Permissions
  2. Add the analytics team users or their group
  3. Grant "Read all SQL Analytics Endpoint Data" permission
  4. If you need more granular control (table-level), add users without checking any options (this grants CONNECT only), then run GRANT SELECT ON <table> TO <user> inside the SQL endpoint

Alternatively, if analytics users need full workspace access anyway, add them as Viewer to the workspace. That automatically covers SQL endpoint read access without any extra steps.

The test where you set IT as Viewer and Analytics as Admin, yet IT still worked, confirms the issue is not about Lakehouse role level. The IT team's broader workspace membership is what carried the SQL endpoint access. Analytics team members, regardless of their Lakehouse role, were missing the workspace-level membership or the specific "Read all SQL Analytics Endpoint Data" item permission.



Thank you!
Proud to be a Super User!
📩 Need more help?
✔️ Don’t forget to Accept as Solution if this guidance worked for you.
💛 Your Like motivates me to keep helping

Message 2 of 5
397 Views

Helpful resources

Announcements
June Fabric Update Carousel

Fabric Monthly Update - June 2026

Check out the June 2026 Fabric update to learn about new features.

Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

View All