CHEEKATLAPRADEEP-MSFT-zz
commented
5 years ago @24hector Thank you for your interest in Azure products and services. We are investigating and will get back to you soon.
Closed 24hector closed 5 years ago
CHEEKATLAPRADEEP-MSFT-zz
commented
5 years ago @24hector Thank you for your interest in Azure products and services. We are investigating and will get back to you soon.
24hector
commented
5 years ago Thank you for your assistance. To make things a bit more clear the setup we have is the following: We have a cube and I have created two roles on this cube that slice it in different ways based on the DAX row filters created. I want for the same user to get two different PowerBI reports each mapped to one of the two roles that provides different slice of data. For that reason I created two different Azure AD Email enabled security groups where the user is a member of and assigned these groups instead of the user itself to each of the PowerBI reports and the cube roles. My hope was that the AzureAD groups would be carried with the username of the user running the reports and would help activate the correct role in the cube. What happens though is that both roles rights are active on whichever report is run on PowerBI. An obvious solution would be to create two different cubes but I was wondering if there is a way to achive the same result without creating another cube.
CHEEKATLAPRADEEP-MSFT-zz
commented
5 years ago @Minewiskan Could you please look into this issue?
ghost
commented
5 years ago @CHEEKATLAPRADEEP-MSFT - I do not see any documentation issue here. This is a product question and should be directed to the support or forum channels.
Hi, We have a tabular model on Azure SSAS and we are generating PowerBI reports based on that model. We want to build a dynamic steering of the access of cube data based on which user logs in. By that I mean that depending on which report the user runs that a different slice of the cube is performed(with the help of dax filters). I have created different roles in the cube but I noticed that because it is the effective name that is used to pull the data from the cube, the rights of the two different roles are combined when creating the power bi report. I decided then to create two different Azure AD groups(email security) and use the groups to differentiate the data pull from the cube. The group emails were added to both power bi app and the cube roles. The result however was again the same. When one powerbi report is created, mapped to only one of the Azure AD groups and respective cube roles, data from both roles where the user belongs to are still defining the cube slice. Is there any way for one user to get different slices of a cube by being assigned two different roles(with different dax filters) in the cube itself?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.