- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Nested Security Groups
Hi all,
Has anyone had any issues using nested security groups in PBI?
I found a couple of old threads but they didn't seem to answer the issue i.e. this one https://community.powerbi.com/t5/Service/Using-AD-Groups-for-App-Viewing-Issues-with-nested-groups/m...
We have spent some time developing a set of permissions groups to help us manage access to reports, with a single overarching main group and many subgroups (due to the number of users it's essential to be able to do this). However, it now looks like the subgroups are ignored by PBI.
Has anyone had the same issue and solved it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry to loop back to this but wondering if anyone else has come across it and found a fix? We seem to have hit the same issue again.
I did log a call with MS support but had to give up on it, they wanted me to collect fiddler traces for a user with issues that proved to be a real pain to manage (and I couldn't see how it would help as the issue must be server-side)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have the same issue - a set of reports that I want to give different people different access to using security groups aligned to their roles and level of access.
People in the main security group can access reports but people in another security group which is a member of the main group (nested) cannot access.
I really don't want to have to expand out all the reports access - is there any update on this bug fix
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There doesn't seem to be an ideal solution.
If you have your dataset and reports in separate workspaces you have to make sure there are matching security groups applied to each. You can't use the parent group on one and the subgroup on the other.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In theory this should work.
Could you give an example of where and how this is not working?
Also are they all Azure Active Directory Security Groups?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
The specific issue we have is when assigning permissions to a dataset in a different workspace. The user can see the application but gets a warning that they don't have access to underlying dataset.
The parent security group is assigned correct permissions to dataset, user can only access if we add the nested security group to the permissions directly.
Yes, both parent and nested groups are security groups (not mail enabled)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the clarification.
It does appear that it is not enumerating (going down to the next level), for Security Groups.
I would log a support ticket for further investigations.
