Home » Microsoft » DA-100 v.2 » Which data modeling design should you use?
You have four sales regions. Each region has multiple sales managers.
You implement row-level security (RLS) in a data model. You assign the relevant distribution lists to each role.
You have sales reports that enable analysis by region. The sales managers can view the sales records of their region. The sales managers are prevented from viewing records from other regions.
A sales manager changes to a different region.
You need to ensure that the sales manager can see the correct sales data.
What should you do?
A. Change the Microsoft Power BI license type of the sales manager.
B. From Microsoft Power BI Desktop, edit the Row-Level Security setting for the reports.
C. Request that the sales manager be added to the correct Azure Active Directory group.
D. Manage the permissions of the underlying dataset.
Correct Answer: C
Explanation/Reference:
Using AD Security Groups, you no longer need to maintain a long list of users.
All that you will need to do is to put in the AD Security group with the required permissions and Power BI will do the REST! This means a small and simple security file with the permissions and AD Security group.
Note: Configure role mappings
Once published to Power BI, you must map members to dataset roles.
Members can be user accounts or security groups. Whenever possible, we recommend you map security groups to dataset roles. It involves managing security group memberships in Azure Active Directory. Possibly, it delegates the task to your network administrators.
Reference:
https://www.fourmoo.com/2018/02/20/dynamic-row-level-security-is-easy-with-active-directory-security-groups/ https://docs.microsoft.com/en-us/power-bi/guidance/rls-guidance