Sam T. on 29 Jul 2016 23:59:31
It appears that the groups used to control access to reports are not consistent with the groups used for roles in RLS.
As I understand it, after quite a bit of testing and research:
Power BI groups:
- Allow you to share reports and dashboards with a user community, controlling access - works great
- Cannot use an existing Office 365 security group, or add an Office 365 security group as a "member"
Roles defined for Row-Level Security:
- Can control what data a user sees - very helpful, works fine, I just need to learn DAX better
- Cannot add a Power BI group as a "member"
So it appears I have to set up two different groups to use these two features, and make sure I keep my users and groups synchronized manually? What a headache!
It would be very helpful if I could use an existing security group as the group for sharing reports and dashboards, and also have the option to use an office 365 or universal group there but add an existing security group as a member of the group.
And RLS roles should be able to use a Power BI access group as a member, and/or an existing security group as a member.
This will greatly simplify management, and provide much needed flexibility.