Reply
itchyeyeballs
Impactful Individual
Impactful Individual

Nested Security Groups

‎10-26-2022 04:28 AM

Hi all,

Has anyone had any issues using nested security groups in PBI?

 

I found a couple of old threads but they didn't seem to answer the issue i.e. this one https://community.powerbi.com/t5/Service/Using-AD-Groups-for-App-Viewing-Issues-with-nested-groups/m...

We have spent some time developing a set of permissions groups to help us manage access to reports, with a single overarching main group and many subgroups (due to the number of users it's essential to be able to do this). However, it now looks like the subgroups are ignored by PBI.

Has anyone had the same issue and solved it?

Labels:
Message 1 of 7
2,763 Views
0
6 REPLIES 6
itchyeyeballs
Impactful Individual
Impactful Individual

‎12-22-2022 03:08 AM

Sorry to loop back to this but wondering if anyone else has come across it and found a fix? We seem to have hit the same issue again.

I did log a call with MS support but had to give up on it, they wanted me to collect fiddler traces for a user with issues that proved to be a real pain to manage (and I couldn't see how it would help as the issue must be server-side)

Message 5 of 7
2,634 Views
Wisaacs
New Member
In response to itchyeyeballs

‎09-04-2023 07:53 AM

I have the same issue - a set of reports that I want to give different people different access to using security groups aligned to their roles and level of access.

 

People in the main security group can access reports but people in another security group which is a member of the main group (nested) cannot access.

 

I really don't want to have to expand out all the reports access - is there any update on this bug fix

Message 6 of 7
2,098 Views
0
itchyeyeballs
Impactful Individual
Impactful Individual
In response to Wisaacs

‎09-04-2023 10:21 AM

There doesn't seem to be an ideal solution.

 

If you have your dataset and reports in separate workspaces you have to make sure there are matching security groups applied to each. You can't use the parent group on one and the subgroup on the other.

Message 7 of 7
2,088 Views
0
GilbertQ
Super User
Super User

‎10-26-2022 02:53 PM

Hi @itchyeyeballs 

 

In theory this should work.

 

Could you give an example of where and how this is not working?

 

Also are they all Azure Active Directory Security Groups?





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 2 of 7
2,711 Views
0
itchyeyeballs
Impactful Individual
Impactful Individual
In response to GilbertQ

‎10-26-2022 03:00 PM

Hi,

The specific issue we have is when assigning permissions to a dataset in a different workspace. The user can see the application but gets a warning that they don't have access to underlying dataset.

 

The parent security group is assigned correct permissions to dataset, user can only access if we add the nested security group to the permissions directly.

 

Yes, both parent and nested groups are security groups (not mail enabled) 

Message 3 of 7
2,706 Views
GilbertQ
Super User
Super User
In response to itchyeyeballs

‎10-26-2022 05:23 PM

Hi @itchyeyeballs 

 

Thanks for the clarification.


It does appear that it is not enumerating (going down to the next level), for Security Groups.


I would log a support ticket for further investigations.





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 4 of 7
2,698 Views
0
avatar user

Helpful resources

Announcements
March PBI video - carousel

Power BI Monthly Update - March 2025

Check out the March 2025 Power BI update to learn about new features.

March2025 Carousel

Fabric Community Update - March 2025

Find out what's new and trending in the Fabric community.

Stop
View All
Top Solution Authors (Last Month)
View All
Top Kudoed Authors (Last Month)
View All