Skip to main content
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Impactful Individual
Impactful Individual

Nested Security Groups

Hi all,

Has anyone had any issues using nested security groups in PBI?


I found a couple of old threads but they didn't seem to answer the issue i.e. this one

We have spent some time developing a set of permissions groups to help us manage access to reports, with a single overarching main group and many subgroups (due to the number of users it's essential to be able to do this). However, it now looks like the subgroups are ignored by PBI.

Has anyone had the same issue and solved it?

Impactful Individual
Impactful Individual

Sorry to loop back to this but wondering if anyone else has come across it and found a fix? We seem to have hit the same issue again.

I did log a call with MS support but had to give up on it, they wanted me to collect fiddler traces for a user with issues that proved to be a real pain to manage (and I couldn't see how it would help as the issue must be server-side)

I have the same issue - a set of reports that I want to give different people different access to using security groups aligned to their roles and level of access.


People in the main security group can access reports but people in another security group which is a member of the main group (nested) cannot access.


I really don't want to have to expand out all the reports access - is there any update on this bug fix

There doesn't seem to be an ideal solution.


If you have your dataset and reports in separate workspaces you have to make sure there are matching security groups applied to each. You can't use the parent group on one and the subgroup on the other.

Super User
Super User

Hi @itchyeyeballs 


In theory this should work.


Could you give an example of where and how this is not working?


Also are they all Azure Active Directory Security Groups?

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog


The specific issue we have is when assigning permissions to a dataset in a different workspace. The user can see the application but gets a warning that they don't have access to underlying dataset.


The parent security group is assigned correct permissions to dataset, user can only access if we add the nested security group to the permissions directly.


Yes, both parent and nested groups are security groups (not mail enabled) 

Hi @itchyeyeballs 


Thanks for the clarification.

It does appear that it is not enumerating (going down to the next level), for Security Groups.

I would log a support ticket for further investigations.

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog

Helpful resources

Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City


Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors
Top Kudoed Authors