Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
verianalizi
Frequent Visitor

Azure AD Security Group In Lakehouse SQL analytics endpoint

Hello,

Can I access AD Security group in Lakehouse SQL analytics endpoint? I tried IS_MEMBER ('AnyGroupName')  function. But it didn't work. It returned "NULL". Do you have any idea? My aim is to create RLS security in SQL with Security Groups.

 

Below link says for IS_MEMBER function:  "... current user is a member of a database role or a Windows domain group."

 

https://learn.microsoft.com/en-us/sql/t-sql/functions/is-member-transact-sql?view=sql-server-ver16

 

Thanks in advance.

6 REPLIES 6
v-gchenna-msft
Community Support
Community Support

Hi @verianalizi ,

Thanks for using Fabric Community.

RLS security in SQL Endpoint - Fabric with Security Groups can be implemented.
For detail process please check this link for reference.

Hope this is helpful. Please let me know incase of further queries.

Hello thank you for your response but I can't access the link. "about:blank#blocked"

Hi @verianalizi ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet .
In case if you have any resolution please do share that same with the community as it can be helpful to others .
Otherwise, will respond back with the more details and we will try to help .

Hi @verianalizi ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet .
In case if you have any resolution please do share that same with the community as it can be helpful to others .
Otherwise, will respond back with the more details and we will try to help .

Hi @v-gchenna-msft,

 

The approach shown in the link, is using USER_NAME() for single user only.

 

 

-- Creating a function for the SalesRep evaluation
CREATE FUNCTION Security.tvf_securitypredicate(@SalesRep AS nvarchar(50))
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS tvf_securitypredicate_result
WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'manager@contoso.com';
GO

 


How can we do it for Entra ID security groups?

I have tried to do that, but I wasn't succesful. Can you provide some guidance. Please see my post: SQL Analytics Endpoint - RLS for Security Groups - Microsoft Fabric Community

Helpful resources

Announcements
RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

Expanding the Synapse Forums

New forum boards available in Synapse

Ask questions in Data Engineering, Data Science, Data Warehouse and General Discussion.

MayFabricCarousel

Fabric Monthly Update - May 2024

Check out the May 2024 Fabric update to learn about new features.

LearnSurvey

Fabric certifications survey

Certification feedback opportunity for the community.