Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Don't miss out! 2025 Microsoft Fabric Community Conference, March 31 - April 2, Las Vegas, Nevada. Use code MSCUST for a $150 discount. Prices go up February 11th. Register now.

Reply
svp1000
Frequent Visitor

The report cannot be viewed because the underlying dataset uses row level security

‎07-08-2024 09:34 AM

Hi All,

 

I need some help with this issue I am facing. So I used userprinciplename() and set up rls on PowerBI desktop and it works fine on the desktop when i use modeling -> view as -> username.

 

I published the report on a brand new workspace and gave viewer access to the workspace to one colleague as a test and shared a link to the report. He is getting this error "The report cannot be viewed because the underlying dataset uses row level security". Now I know that I can add them to the semantic model -> security -> add the person and they will have access but what if I eventually need to have 7000 users, will i need to give access to 7000 users individually if there is no active directory that exists for this group?

Labels:
Message 1 of 3
836 Views
0
1 ACCEPTED SOLUTION
djurecicK2
Super User
Super User

‎07-08-2024 09:58 AM

Hi @svp1000 

 

 will i need to give access to 7000 users individually if there is no active directory that exists for this group?

 

Yes, you will need to do this if you do not use groups. You should use groups.

 

You can use the following groups to set up row-level security.

 

Here is more information:

 

https://learn.microsoft.com/en-us/fabric/security/service-admin-row-level-security#working-with-memb...

 

https://guyinacube.com/2020/02/25/can-you-use-groups-with-power-bi-row-level-security-rls/

 

 

View solution in original post

Message 2 of 3
826 Views
0
2 REPLIES 2
v-yohua-msft
Community Support
Community Support

‎07-08-2024 06:46 PM

Hi, @svp1000 

Thanks for the reply from @djurecicK2 , please allow me to provide addition:

You can also try optimizing RLS, RLS filters can affect query performance, so it's critical to design your model efficiently.
Apply RLS filters primarily to dimension-type tables, which are typically small and contain attributes such as user, department, or region. Fact-type tables, which contain transactional data, should have fewer RLS filters.
Make sure your relationship is well-designed, as RLS filters spread through relationships. Follow the principles of star schema and maintain clear relationships between tables.

 

How to Get Your Question Answered Quickly 

Best Regards

Yongkang Hua

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 3 of 3
797 Views
0
djurecicK2
Super User
Super User

‎07-08-2024 09:58 AM

Hi @svp1000 

 

 will i need to give access to 7000 users individually if there is no active directory that exists for this group?

 

Yes, you will need to do this if you do not use groups. You should use groups.

 

You can use the following groups to set up row-level security.

 

Here is more information:

 

https://learn.microsoft.com/en-us/fabric/security/service-admin-row-level-security#working-with-memb...

 

https://guyinacube.com/2020/02/25/can-you-use-groups-with-power-bi-row-level-security-rls/

 

 

Message 2 of 3
827 Views
0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.

View All