Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join us at FabCon Atlanta from March 16 - 20, 2026, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM. Register now.

Reply
justingraff88
Helper I
Helper I

Row Level Security Issues

‎05-09-2022 10:27 AM

I have a report which the RLS was working great. I went on PTO for two weeks and i think some permissions got changed on the workspace. I've updated everything back to what it was (everyone has viewer access except for a couple admins) but now my RLS is behaving strangly. It is dynamic for some users using userprincipalname() to filter based on their AD login. I have two roles: one that can see all with no filters, and one that uses the dynamic filter. How it was working before was the users assigned to the role with no filters could see everything, the users assigned to the dynamic role would only see entries assigned to them and if anyone else who had access to the workspace but was not in any of the roles tried to view the report the visuals would error out.

 

Now it half of the users in the dynamic role it works for and the other half is able to see everything. Also users who have access to the workspace but are not assigned a role are also able to see everything. I feel like there is some additional owner permissions granted somewhere but I have checked the permissions to the workspace and the individual report and both have everyone set to viewer. Any help would be great.

Labels:
Message 1 of 5
1,056 Views
0
4 REPLIES 4
v-luwang-msft
Community Support
Community Support

‎05-17-2022 07:15 PM

Hi @justingraff88 ,


Has your problem been solved, if so, please consider Accept a correct reply as the solution or share your own solution to help others find it.

Best Regards
Lucien

Message 5 of 5
965 Views
0
v-luwang-msft
Community Support
Community Support

‎05-12-2022 12:14 AM

Hi @justingraff88 ,

You can create a new workspace, then try to publish the report to this new workspace, then take the viewer that was previously only a viewer but had access to all the data, configure it as a viewer in the new workspace, and use that account to access the report in the new workspace to see if you can access all the data. If you can see the data, then go check the configuration of rls in the Pbix file, and if you can't see the data, go verify the role permissions in that worksapce before.

 

 

 

Did I answer your question? Mark my post as a solution!


Best Regards

Lucien

Message 4 of 5
981 Views
0
GilbertQ
Super User
Super User

‎05-09-2022 02:56 PM

Hi @justingraff88 

 

Can you also use SSMS and connect to the dataset if using PPU or Premium and then see when those users log in what they are shown as and what they are mapped to?

 

As @Tutu_in_YYC says it must be another permission which has got elevated permissions.





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 3 of 5
1,015 Views
0
Tutu_in_YYC
Super User
Super User

‎05-09-2022 01:29 PM

Hi Justin,

The only way to bypass RLS is through Workspace role. But if you have assigned everybody (but Admin) Viewer, then you have set it up correctly. Can you check if there is a AD Security Group in your workspace that may have Member or higher role? AD Security Group may contain more users, and the role will overwrite the same person that is already assigned with Viewer

 

@justingraff88 wrote:

 

... Also users who have access to the workspace but are not assigned a role are also able to see everything.

This is odd. Try publishing a dummy report with RLS to test it out?

 

Message 2 of 5
1,023 Views
0

Helpful resources

Announcements
FabCon Global Hackathon Carousel

FabCon Global Hackathon

Join the Fabric FabCon Global Hackathon—running virtually through Nov 3. Open to all skill levels. $10,000 in prizes!

October Power BI Update Carousel

Power BI Monthly Update - October 2025

Check out the October 2025 Power BI update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All