You’re offline. This is a read only version of the page.
19
I applied column security profiles to a sandbox solution, tested my access to the sandbox data tables in a Power BI connection. I confirmed the column security profiles are working, showing null values for the columns that I have secured. I published all customizations in this particular solution, exported the solution as managed. Then I imported the solution into my production environment. To confirm the column security profiles were imported, I went into the admin center and checked the column security profiles. After refreshing the page, the profiles appeared. I assumed that my sensitive data was secure, so I shared the app and applied a security role to my tester, including applying this test user to the column security profile as well. My tester then connected to the production environment tables in Power BI, using the Dataverse connection. My tester showed his screen, and the sensitive data was exposed, suggesting the column security profile did not apply.
Worked in sandbox, imported into production, then stopped working.
Does anyone know what I missed? What should I do when moving a solution to production, ensuring the security profiles transfer as well.
Thanks for your help!
Thank you @hAms and @PowerThomas for your feedback. I did not figure out what exactly was the issue, but I finally resolved it by deleting the solution (and all objects, sec roles, col sec profiles, everything) from the production environment. I then went back to the sandbox solution, and "add required objects" for each object in the solution. Three tables added to the solution, (users table, and two others). I then published all customizations, exported the solution as managed, and imported to the production environment. I had our tester connect to the production environment tables in Power BI, and navigate to the restricted columns. All showed as "null" values.
Soo that fixed it, next time I will go back to basics and be sure to check the solution has all required objects and no unmanaged solution layers before importing into prod.
Thanks for your feedback!
It sounds like you have encountered an issue with the column security profiles not being applied correctly after importing the solution into your production environment.
Here are a few things you can check to try and resolve the issue:
Confirm that the column security profiles were imported correctly in the production environment. You can check this by going to the admin center, navigating to the column security profiles, and verifying that the profiles you created in the sandbox environment are present in the production environment.
Confirm that the test user has been assigned the appropriate security role in the production environment. This will ensure that the user has the necessary permissions to access the secured columns.
Confirm that the test user has been added to the column security profile in the production environment. This will ensure that the user is only able to see the data that has been made available to them through the column security profile.
Confirm that the test user is using the correct connection when connecting to the production environment tables in Power BI. The connection should be set up to connect to the production environment, rather than the sandbox environment.
You can also check if the data source used in the Power BI report has been updated to the production environment's data source after import.
It is possible that there is an issue with the import process that is causing the column security profiles to not be applied correctly in the production environment. If you continue to experience issues, it may be helpful to contact Microsoft support for further assistance in troubleshooting the problem.
Please let me know if you have any other questions.
If my reply helped you, please give a 👍, & if it solved your issue, please 👍& Accept it as the Solution to help other community members find it more. |
@harry1848 the column is entirely restricted for all profiles by default, when column security is enabled for a specific column.
Do you have a profile where read permission for the selected column is ‘Allowed’? If so, double check if this user is part of that profile.
#1
mmbr1606
22
Super User 2025 Season 1
#2
stampcoin
19
#3
Michael E. Gernaey
15
Super User 2025 Season 1
Share
Report
All responses (
Answers (
