Showing results for 
Search instead for 
Did you mean: 

Fabric is Generally Available. Browse Fabric Presentations. Work towards your Fabric certification with the Cloud Skills Challenge.

Impactful Individual
Impactful Individual

Nested Security Groups

Hi all,

Has anyone had any issues using nested security groups in PBI?


I found a couple of old threads but they didn't seem to answer the issue i.e. this one

We have spent some time developing a set of permissions groups to help us manage access to reports, with a single overarching main group and many subgroups (due to the number of users it's essential to be able to do this). However, it now looks like the subgroups are ignored by PBI.

Has anyone had the same issue and solved it?

Impactful Individual
Impactful Individual

Sorry to loop back to this but wondering if anyone else has come across it and found a fix? We seem to have hit the same issue again.

I did log a call with MS support but had to give up on it, they wanted me to collect fiddler traces for a user with issues that proved to be a real pain to manage (and I couldn't see how it would help as the issue must be server-side)

I have the same issue - a set of reports that I want to give different people different access to using security groups aligned to their roles and level of access.


People in the main security group can access reports but people in another security group which is a member of the main group (nested) cannot access.


I really don't want to have to expand out all the reports access - is there any update on this bug fix

There doesn't seem to be an ideal solution.


If you have your dataset and reports in separate workspaces you have to make sure there are matching security groups applied to each. You can't use the parent group on one and the subgroup on the other.

Super User
Super User

Hi @itchyeyeballs 


In theory this should work.


Could you give an example of where and how this is not working?


Also are they all Azure Active Directory Security Groups?

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog


The specific issue we have is when assigning permissions to a dataset in a different workspace. The user can see the application but gets a warning that they don't have access to underlying dataset.


The parent security group is assigned correct permissions to dataset, user can only access if we add the nested security group to the permissions directly.


Yes, both parent and nested groups are security groups (not mail enabled) 

Hi @itchyeyeballs 


Thanks for the clarification.

It does appear that it is not enumerating (going down to the next level), for Security Groups.

I would log a support ticket for further investigations.

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog

Helpful resources

PBI November 2023 Update Carousel

Power BI Monthly Update - November 2023

Check out the November 2023 Power BI update to learn about new features.

Community News

Fabric Community News unified experience

Read the latest Fabric Community announcements, including updates on Power BI, Synapse, Data Factory and Data Activator.

Power BI Fabric Summit Carousel

The largest Power BI and Fabric virtual conference

130+ sessions, 130+ speakers, Product managers, MVPs, and experts. All about Power BI and Fabric. Attend online or watch the recordings.

Top Solution Authors
Top Kudoed Authors