March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount! Early bird discount ends December 31.
Register NowBe one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now
Hi,
The reporting setup is on-premise and consists of Power BI Report Server, has various types of PBIX files in imported mode and few direct query access and many other.
There is AD based authetication provisioned to all the above PBIX reports.
There is no SSAS and the PBIX files are linked to SQL Server.
Issue :
When I try to open the web URL of Power BI I get the popup as attached in the screenshot. I am already logged in into the Computer and still asks for Authentication. When I give the credentials it takes me to the Report Folders and so on and does ask for further authentication to the PBIX files and so on.
Is there a possibility that this extra step of Authentication is removed when users have already logged in into the machines?
What is your authentication setting? Are you using Kerberos?
Currently, we are using Active Directory to give access to the PBIX files. Users use a the Report Server weblink and a prompt comes up asking for authentication. Users use their Windows Credentials to login.
Regards,
KK
After further communications and readings I found that "smoupre" has commented about the single sign-on using ADFS Server. below is the link
https://community.powerbi.com/t5/Service/Single-Sign-on-for-Power-BI/td-p/221115
I am trying to find the documentation references for implementation of this but also there is only little I can do here to implement due to the nature of the project. I am trying to get the information from Power BI developer/solutions perspective what information should I be sharing with the Infrastructure team so that they can implement it.
In addition to ADFS Server, there is another option "Azure AD Pass Through Authentication".
Regards,
KK
Hi, it is hard to be sure (because you offuscated your URL), but I guess that you are using a FQDN name on your URL. Are you?
If yes, by security reasons, your browser will not try to impersonate the authenticated user. To solve this problem, you sould add your domain to the Local Intranet configuration of your browser (something like *.yourdomain.com). This can also be done for all the machines using a police on AD.
You can find more about it on the following link : https://support.microsoft.com/en-us/help/303650/intranet-site-is-identified-as-an-internet-site-when...
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
User | Count |
---|---|
3 | |
2 | |
2 | |
1 | |
1 |
User | Count |
---|---|
4 | |
4 | |
4 | |
3 | |
3 |