Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
verianalizi
Frequent Visitor

Azure AD Security Group In Lakehouse SQL analytics endpoint

Hello,

Can I access AD Security group in Lakehouse SQL analytics endpoint? I tried IS_MEMBER ('AnyGroupName')  function. But it didn't work. It returned "NULL". Do you have any idea? My aim is to create RLS security in SQL with Security Groups.

 

Below link says for IS_MEMBER function:  "... current user is a member of a database role or a Windows domain group."

 

https://learn.microsoft.com/en-us/sql/t-sql/functions/is-member-transact-sql?view=sql-server-ver16

 

Thanks in advance.

6 REPLIES 6
Anonymous
Not applicable

Hi @verianalizi ,

Thanks for using Fabric Community.

RLS security in SQL Endpoint - Fabric with Security Groups can be implemented.
For detail process please check this link for reference.

Hope this is helpful. Please let me know incase of further queries.

Hello thank you for your response but I can't access the link. "about:blank#blocked"

Anonymous
Not applicable
Anonymous
Not applicable

Hi @verianalizi ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet .
In case if you have any resolution please do share that same with the community as it can be helpful to others .
Otherwise, will respond back with the more details and we will try to help .

Anonymous
Not applicable

Hi @verianalizi ,

We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet .
In case if you have any resolution please do share that same with the community as it can be helpful to others .
Otherwise, will respond back with the more details and we will try to help .

Hi @Anonymous,

 

The approach shown in the link, is using USER_NAME() for single user only.

 

 

-- Creating a function for the SalesRep evaluation
CREATE FUNCTION Security.tvf_securitypredicate(@SalesRep AS nvarchar(50))
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS tvf_securitypredicate_result
WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'manager@contoso.com';
GO

 


How can we do it for Entra ID security groups?

I have tried to do that, but I wasn't succesful. Can you provide some guidance. Please see my post: SQL Analytics Endpoint - RLS for Security Groups - Microsoft Fabric Community

Helpful resources

Announcements
Europe Fabric Conference

Europe’s largest Microsoft Fabric Community Conference

Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.

AugFabric_Carousel

Fabric Monthly Update - August 2024

Check out the August 2024 Fabric update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

Sept NL Carousel

Fabric Community Update - September 2024

Find out what's new and trending in the Fabric Community.