Active Directory security group
Manage access through Active Directory security groups. A distribution list is only helpful to a point. Active directory is already used for so many things, having the ability to manage the security to dashboards and reports would be very helpful.
Yes, this is must to have and I came across similar situation were I need to add 2000 users to access data source in data gateway cluster. These are very basic feature I don't know why Microsoft is not paying attention to these stuffs.
The thing is that I'm not aware that this is actually a documented requirement, in order to use a security group in Power BI. I believe we do not have security groups mail enabled. It's a matter of directory policy, in essence.
@Rgoerwit Check out my blog on implementing AD security. It sounds like your security groups are not mail enabled. https://www.skylinetechnologies.com/Blog/Skyline-Blog/April_2017/AD_Security_for_an_On-Premises_Data_Gateway
More weirdness. When I create an app and publish it, I'm given the chance to specify who should have access to it. I find I can only specify individuals. AD security groups that have been sync'd to Azure AD for our org appear in the drop-down, and I can select and add them.
But when I go back and republish the app, and I look at the list of people and groups that have access to it, the security groups are absent!
This is exactly the behavior I was seeing (seeing comments below) with data sources. It is either an interface problem or a failure to understand what us users were actually requesting. Not sure which. Maybe both?
[Deleted User] commented
Unable to add active directory groups to workspaces, can do so for content packs etc. Is this going to be included?
It seems that I can add users via an AD Security or distribution list, but the individual users are not receiving any e-mail...Am I missing something?
Can someone provide details on how to leverage that. In Desktop I see there is an active directory source I can connect to, and then I see a hundred tables that I could probably leverage to get the user/group association. But I'm not familiar with AD so I don't know where to start
Is this really implemented? Seems like everywhere I read, the gateway connector to on-premise services (and other data) is using a "single user" for access stored in the power bi portal. All other users in the organization then connect through this single user. People say "do Row Level Security" or "Use Power BI groups". As rgoerwil mentions, it leaves us the choice of double management.
Is this really done? All I can see is that access to a data source can be granted to an AD security group. The more pressing issue, though, is that we need a way to grant an AD security group access to a report.
Otherwise, we end up recreating (and hand maintaining) groups that exist already in our organizational AD trees.
I work at a college and I may want to share a report with all faculty. Believe me, I don't want to have to hand maintain a list of faculty in Power BI/Office 365, especially when our AD DCs already know who faculty are!
great enterprise feature. Does this works for 60 day trail license pro users