Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now! Learn more

Reply
Lee_D2022
Regular Visitor

RLS Only Works For Some Users

‎06-23-2022 07:12 AM

We have a problem with our RLS whereby it is working for some users and not others, for these it is displaying all records unfiltered.

 

All users have the same permission level for the Workspace and they are all in the same role (and they are not duplicated across roles either).   Also, this issue is across multiple Workspaces and datasets.

 

I've removed the workspace, recreated it, etc. as still the problem persists.

 

Any other suggestions would be greatly appreciated as Google has let me down  😊

Labels:
Message 1 of 11
1,112 Views
0
10 REPLIES 10
Lee_D2022
Regular Visitor

‎06-28-2022 02:43 AM

Hi

 

Thanks for the reply (and apolgies for not getting back sooner)

 

The users have the same permissions level in the WS (viewer) and are in the same RLS security group.

 

There are 2 different datasets in the WS and the problem persists for the same users across dataset

Message 4 of 11
1,027 Views
0
otravers
Community Champion
Community Champion
In response to Lee_D2022

‎06-28-2022 05:17 AM

Do you have an RLS role that can view everything? What's the DAX expression that defines it?

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 5 of 11
1,017 Views
0
Lee_D2022
Regular Visitor
In response to otravers

‎06-28-2022 05:27 AM

It passes userprinciplename to the users name (code below)

There is a role that sees everything.  This doesn't have any filters applied.

DAX

Username =
var atpos = iferror(search("@",USERPRINCIPALNAME()),0)
return
if(atpos > 0,SUBSTITUTE(left(USERPRINCIPALNAME(),atpos-1),"."," "),"Error")
Message 6 of 11
1,014 Views
0
otravers
Community Champion
Community Champion
In response to Lee_D2022

‎06-28-2022 05:46 AM

I suggest you create a table in a new report page with each user's UPN and then a column with that DAX expression. Publish it in the service to see the UPN resolve to emails.

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 7 of 11
1,009 Views
Lee_D2022
Regular Visitor
In response to otravers

‎06-28-2022 08:03 AM

That sheds a little more light on the situation.  The problem users are returning my name and, as I'm in the see all group, they can then see all.

 

Why would this happen for some users and not all of them?  Could it be how their profile is set up?

Message 8 of 11
1,000 Views
0
otravers
Community Champion
Community Champion
In response to Lee_D2022

‎06-28-2022 08:07 AM

Yeah I'd review these users' profiles in AAD and how they're different from those that work as expected.

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 9 of 11
999 Views
0
Lee_D2022
Regular Visitor
In response to otravers

‎06-30-2022 07:10 AM

Just sat with the IT team and compared AAD profiles and there's nothing discernably different between the two.

Message 10 of 11
954 Views
0
otravers
Community Champion
Community Champion
In response to Lee_D2022

‎06-30-2022 07:15 AM

What happens if you just use USERPRINCIPALNAME() as the DAX expression for the "see all" profile instead of your conditional logic?

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 11 of 11
951 Views
0
Tutu_in_YYC
Super User
Super User

‎06-23-2022 07:26 AM

Did you add them to the workspace with a role other than "Viewer", if yes, that would overwrite the RLS. Only "Viewer" works with RLS.

Message 2 of 11
1,102 Views
otravers
Community Champion
Community Champion
In response to Tutu_in_YYC

‎06-23-2022 07:38 AM

This is the most likely explanation. I blame Microsoft for defaulting to Member when you add users to a workspace.

------------------------------------------------
1. How to get your question answered quickly - good questions get good answers!
2. Learning how to fish > being spoon-fed without active thinking.
3. Please accept as a solution posts that resolve your questions.
------------------------------------------------
BI Blog: Datamarts | RLS/OLS | Dev Tools | Languages | Aggregations | XMLA/APIs | Field Parameters | Custom Visuals
Message 3 of 11
1,075 Views

Helpful resources

Announcements
Power BI DataViz World Championships

Power BI Dataviz World Championships

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now!

December 2025 Power BI Update Carousel

Power BI Monthly Update - December 2025

Check out the December 2025 Power BI Holiday Recap!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All