- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Honour Row-Level Security with XMLA Endpoints
Is it currently possible to honour row-level security with the XMLA endpoint, we're pulling data to present to end users but the cubes require the effective username to be supplied, trying the ChangeEffectiveUser(.. call returns the following error
"value of the 'EffectiveUserName' XML for Analysis property is not valid."
The documents here implies that it's not possible to provide the effectiveUser..
"Operations that require Analysis Services server admin permissions (rather than database admin) such as server-level traces and user impersonation using the EffectiveUserName connection-string property are not supported in Power BI Premium at this time."
Is this true? If so is it likely to change soon?
Cheers,
Ears.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Anonymous
I would test connecting directly to make sure it works and is configured as expected.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @GilbertQ ,
Did you have any more thoughts on this, is this something you have experience of?
I could really do with an answer!
Many thanks in advance..
Ears.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Anonymous
I would then suggest to be able to pass through the UPN to to PBI Premium to allow the RLS to function.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We've tried passing the UPN by using "ChangeEffectiveUser" but we're getting the error (mentioned in my first post)
Value of the 'EffectiveUserName' XML for Analysis property is not valid.
It does mention in the link provided that it isnt' support ".. in Power BI Premium at this time"
Is this the case?
Cheers,
Ears
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Anonymous
What are you trying to do with the XMLA end point?
You would need to log into the XMLA end point, and as long as you are in a defined role with the correct permissions you should be able to query the cube.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @GilbertQ
Cheers for your response.
We're calling the XMLA Endpoint in Power Bi Premium with a service principal from an AppService in Azure - It's a intranet application we have the users UPN in context of each call we just return data to the front-end web application. (that's all working correctly)
We have a seperate system that manages the RLS , but for it to function we need to include the UPN in the request , when we try including the user UPN we got the, perviously mentioned, error!
Looking at the documentation it seems that we should be able to use the EffectiveUserName element.
I'm reading conflicting information; it should work if we grant the principal server rights, or; it's not supported in PBI Premium -
Any ideas?
Cheers,Ears.
Helpful resources
Join us at the Microsoft Fabric Community Conference
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
Power BI Monthly Update - January 2025
Check out the January 2025 Power BI update to learn about new features in Reporting, Modeling, and Data Connectivity.
Subject | Author | Posted | |
---|---|---|---|
10-28-2024 05:52 AM | |||
10-30-2024 12:54 AM | |||
01-19-2023 02:55 PM | |||
07-14-2024 04:13 AM | |||
06-06-2024 02:51 AM |
User | Count |
---|---|
25 | |
16 | |
11 | |
9 | |
8 |
User | Count |
---|---|
35 | |
25 | |
19 | |
14 | |
13 |