Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

View all the Fabric Data Days sessions on demand. View schedule

Reply
selvaskm
Frequent Visitor

RLS - Limit users belongs only to that department

‎07-04-2024 08:43 AM

Hi Experts,

I have a users table in my dataset as below. (This table is disconnected)

selvaskm_0-1720107435639.png


I need to implement RLS, where users belongs only to the "HR" department must not see any data, whereas the rest of users have to see all the data in the report.

Summary:
User3 and User5  - Data restricted as whole
Remaining Users - Access to All data.

How can we create DAX under role to achieve this.
Pls advice

Labels:
Message 1 of 4
572 Views
0
1 ACCEPTED SOLUTION
Anonymous
Not applicable

‎07-08-2024 01:21 AM

Hi @selvaskm ,

 

First of all, thanks @NaveenGandhi  for the quick reply. Allow me to provide additional insights:
You can use the following DAX:

 

COUNTROWS(FILTER('user_table',[username]==USERPRINCIPALNAME() && [department] <>"HR"))>0

 

vtangjiemsft_0-1720426668965.png

Then the result is as follows.

vtangjiemsft_1-1720426705897.pngvtangjiemsft_2-1720426743675.png

 

Best Regards,

Neeko Tang

If this post  helps, then please consider Accept it as the solution  to help the other members find it more quickly. 

View solution in original post

RLS - Limit users belongs only to that department.pbix
Message 4 of 4
429 Views
3 REPLIES 3
Anonymous
Not applicable

‎07-08-2024 01:21 AM

Hi @selvaskm ,

 

First of all, thanks @NaveenGandhi  for the quick reply. Allow me to provide additional insights:
You can use the following DAX:

 

COUNTROWS(FILTER('user_table',[username]==USERPRINCIPALNAME() && [department] <>"HR"))>0

 

vtangjiemsft_0-1720426668965.png

Then the result is as follows.

vtangjiemsft_1-1720426705897.pngvtangjiemsft_2-1720426743675.png

 

Best Regards,

Neeko Tang

If this post  helps, then please consider Accept it as the solution  to help the other members find it more quickly. 

RLS - Limit users belongs only to that department.pbix
Message 4 of 4
430 Views
selvaskm
Frequent Visitor

‎07-04-2024 09:55 PM

Hi @NaveenGandhi 
Thanks for reply.
In my dataset relationship is not there between user_table and fact_table.
As we need to see "Full data" or "No data" for certain users.

VAR loggeduser = MAXX(FILTER( UsersTable, UsersTable[username] = USERPRINCIPLENAME() ), UsersTable[Department])
RETURN
IF(loggeduser <> "HR", TRUE(), FALSE()
)

it gives expected results when as user is belongs to HR alone (1 record only in usertable),
but if a user have more departments then it will take maximum value.
In that case we may have incorrect access 


Message 3 of 4
491 Views
0
NaveenGandhi
Super User
Super User

‎07-04-2024 09:55 AM

Hi @selvaskm 

https://learn.microsoft.com/en-us/fabric/security/service-admin-row-level-security

You definetly need a relationship between the secuirty table and you main table. Once you have a relationship follow the above first 8 steps in "Define roles and rules in Power BI Desktop

" section. But in the 6th step use below DAX



NOT([department] = "HR")


Then follow the steps on "Manage security on your model" section in the same article and add the emails of users except HR.

Test the RLS once setup.
 

 If this post helps, then please consider Accept it as the solution to help the others find it more quickly. Appreciate you kudos!!





Message 2 of 4
543 Views
0

Helpful resources

Announcements
November Power BI Update Carousel

Power BI Monthly Update - November 2025

Check out the November 2025 Power BI update to learn about new features.

Fabric Data Days Carousel

Fabric Data Days

Advance your Data & AI career with 50 days of live learning, contests, hands-on challenges, study groups & certifications and more!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All