Solved: Is it possbile that a specif user can bypass the R...

thebigwhite · ‎07-02-2020

We are facing a particular case with an User that even he is assigned to a specific role and is set as "Viewer" seems to by pass the security role.

It's extremely curious cause with all other users of our domain the role is working fine.

Are there role on Office 365 that can bypass the security role?

Thanks

thebigwhite · ‎07-22-2020

We have republished the report and re-inserted the user on the workspace.

Now the security is working fine.

I think our supplier had fixed the role which likely was not working correctly.

Thanks for your help

View solution in original post

v-shex-msft · ‎07-02-2020

HI @thebigwhite,

I'd like to suggest you check this account to confirm he only has 'read' permission of the related dataset, or the RLS filter effect will be ignored.
Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.

thebigwhite · ‎07-02-2020

The account has got only viewer permission and the dataset is not linked to Analysis services (just dataflow).

v-shex-msft · ‎07-07-2020

HI @thebigwhite,

Did this user has global admin permission of a group of specific workspaces? How did you RLS configure, have you enabled UPN on this user that mapping this user to other accounts? (if RLS is based on the user mapping table, please also take a look on it to confirm if anything specific on that user)

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.

thebigwhite · ‎07-22-2020

We have republished the report and re-inserted the user on the workspace.

Now the security is working fine.

I think our supplier had fixed the role which likely was not working correctly.

Thanks for your help

Rajnish366 · ‎01-16-2025

I am also facing similar issue. one of my user is by-passing RLS applied. User has only viewer access and is not a part on admin/contibutor/member of workspace.
Also in My model i have a bi-directional many to 1 relationship with 'Applied security at both side'. is this may a possible reason? if yes then why only for a single user?
Can someone suggest?

collinq · ‎07-02-2020

Hi @thebigwhite ,

Is this an Analysis Service live connection? According to this article, https://docs.microsoft.com/en-us/power-bi/admin/service-admin-rls "You can't define roles within Power BI Desktop for Analysis Services live connections. You need to do that within the Analysis Services model."

Also, when in Desktop and you select "View as Roles" and select the role that this person is in does it work as expected? Can you confirm that you only have this person in one single role and not conflicting roles?

I would appreciate Kudos if my response was helpful. I would also appreciate it if you would Mark this As a Solution if it solved the problem. Thanks!

Did I answer your question? Mark my post as a solution!

Proud to be a Datanaut!
Private message me for consulting or training needs.

Is it possbile that a specif user can bypass the RLS security?

I would appreciate Kudos if my response was helpful. I would also appreciate it if you would Mark this As a Solution if it solved the problem. Thanks!

Helpful resources

Join us at the Microsoft Fabric Community Conference

Power BI Monthly Update - January 2025

Fabric Community Update - January 2025

New Offer! Become a Certified Fabric Data Engineer

Is it possbile that a specif user can bypass the RLS security?

I would appreciate Kudos if my response was helpful. I would also appreciate it if you would Mark this As a Solution if it solved the problem. Thanks!

Helpful resources

Join us at the Microsoft Fabric Community Conference

Power BI Monthly Update - January 2025

Fabric Community Update - January 2025