Governance & Administration - Default Domain settings

I'm picking up my favorite topic again: Governance and Administration!

With all the Fabric announcements in the last months, some of the Admin announcements might have slipped through. As you might know, the Admin part of Fabric is dear to my heart. I've posted about it earlier here, here, here, and here, to name a few 😀.

So in the next weeks I am going to highlight a few things with short, informative posts.

Last week I wrote about the rights of the Fabric Administrator.

Today I want to make you aware of a default value of the domain settings inside Fabric.

This default value might not be the best value for you.. 😉

Domains in Fabric

A short introduction to Domains: they are essentially a way of managing and structuring your data across the organization. You can logically group together data in workspaces. A logical grouping can be business units, areas, fields, solutions or actually whatever works for you. It shouldn't be something a Fabric Admin decides on his own. Ideally business and / or enterprise architects with the data owners (if any 😐) should implement the design of domains, subdomains and owners. People from you Center of Excellence (again: if available..) would be a good fit to include in this discussion.

In case you need some help or guidance on how to set up your domains, there's a nice article that can help you get started: Best practices for planning and creating domains.

Default Domain Settings

Check your defaults! I've said it multiple times, always check default settings in your tenant, be it in the tenant settings or the domain settings.

When you create a domain (either with or without adding a domain admin explicitly), you end up with the default settings applied to that domain. Let's check what that involves.

After creating your domain and navigating to the settings you can SHOULD set the Contributors of the domain.

By default, it is set to The entire organization. I would limit it to either of the other options. Preferably tenant and domain admins, but if you have a group of people from Finance that you want to allow to add workspaces to the Finance domain, I'm happy with that too. Just don't use the default setting 😀

Luckily there's one more caveat to this that restricts it to hopefully a sligthly smaller group: the documentation points out you also have to be a workspace admin to be able to use this feature, so that limits it to people that have an admin role in the workspace.

One more reason to not give everyone the admin role in your workspace by default!

Next to that, you can also audit for these changes by checking the audit log for Fabric, specifically the UpdateDataDomainFoldersRelationsAsAdmin operation, which gives you the activities when someone assigns (or unassigns) a workspace to/from a domain.

Conclusion

Domains give you a good option to manage and group the content in your organization.

Just be aware of the default settings when you create one. Set the contributors to the tenant and domain admins, or a security group, just don't use the default!

Let me know what you think, have you seen this default setting and more importantly, did you change it in any of your domains?

Governance & Administration - Fabric Administrator Role

It's been a while since I've written on a regular cadance, so I'm picking up my favorite topic again: Governance and Administration!

With all the Fabric announcements in the last months, some of the Admin announcements might have slipped through. As you might know, the Admin part of Fabric is dear to my heart. I've posted about it earlier here, here, here, and here, to name a few 😀.

So in the next weeks I am going to highlight a few things with short, informative posts.

Today I want to talk to you about the Fabric Administrator (role).

• What rights does an Admin have?
• Are there more people that also have these rights? (Hint: YES! 😉)

Toady, I'm not talking about the governance aspects of the Admin, the Tenant settings or the Admin portal in general. I'll leave that for a next time. Or read other posts, for example by Marc on other roles and controls in Fabric or the delicate balance of governance and collaboration.

Manage Fabric Administrators

Users with this role can manage everything in Fabric, so from the Admin portal, to workspace access, and have also read access to various other parts in the Office and Azure ecosystem.

I encourage you to check who are assigned this role, because it should only be a handful of people in my opinion. You can check this in the Azure portal, under Entra ID > Roles and administrators.

Alternatively you can also search for it in the top search bar and go there directly.

Looking at the description of the role, we can see a few interesting things:

(As an Admin,) You can go to Azure and O365 Service Health to check for potential status issues with those services. You can also check and file (Premium) support tickets, depending on the license/capacity you have.

I especially want to call out the last row in the permissions:

The link there reads: microsoft.powerApps.powerBi/....

Power Platform Administrator

Now let's take a look at the Power Platform Admnistrator role description:

You might have noticed the same path there: microsoft.powerApps.

So this means, everything "below" PowerApps is also accessible, so the Power Platform Admin can also access and manage the same things the Fabric Admin can!

I also encourage you to check the people assigned to this role 😀

Just In Time Access Roles

Depending on your organizational settings, Privileged Identity Management might be enabled.
This means that people might need to activate the Fabric Admin role (for a period of time) before it becomes active. In the below screenshot you can see that Ernst and me have the role permanently assigned for Powerdobs.

But if I'm working as a consultant it usually is on a need-to-have bases, so I can e.g. activate it for 1, 2 or 8 hours. 

Looking at the picture above, you can see that there's Active and Eligible assignments. Depending on the settings and activity, people might have the PIM-role, but not activated at the moment.

Wrap up

To complete the list of access to Fabric, the Global (tenant) Admin role also has access to everything in Fabric:

• Global Admin
• Power Platform Administrator
• Fabric Administrator

People with the above roles have the same rights as the Fabric Admin.

Did you know the Power Platform Administrator has those rights?

Do you think I missed any information in this blog?

Please let me know in the comments below.

Governance & Administration - Ownership Takeover for Fabric Items

It's been a while since I've written on a regular cadance, so I'm picking up my favorite topic again: Governance and Administration!

With all the Fabric announcements in the last months, some of the Admin announcements might have slipped through. As you might know, the Admin part of Fabric is dear to my heart. I've posted about it earlier here, here, here, and here, to name a few 😀.

So in the next weeks I am going to highlight a few things with short, informative posts.

Today I want to quickly show a new feature that was just introduced, but long awaited for!

Ownership takeover for Fabric items!

Yes, you read it right, you can now TAKE OVER OWNERSHIP in Fabric! 😁

In a workspace, go to the ellipsis of the item (the 3 dots), and go to settings.

In the settings of the item you can see the Take over button:

Clicking that will show a pop-up and will start the transfer of ownership.

After a few seconds (that was my experience for the handful items I tried) you will get the notification it succeeded.

After that the (Take over) button has disappeared and will show up for the original (and other) users.

A few things to be aware of:

• You need read and write permissions to the item you want to take over
• That means a Contributor or higher role in the workspace
• Depending on the item you transfer, you might need to set up/refresh credentials for connections, as explained here
• The old way of taking ownership of Power BI items will still remain the same
• Mirrored databases are not supported (yet)
• If you're taking over a pipeline that execute's other items (like a notebook), you have to take over ownership of that item separately

For more info check the MS Learn docs: Take ownership of Fabric items.

Wrap up

This is of course especially helpful when the creator of an item left the company or that account is locked for whatever reason.

What's next you ask? The API for takeover is not yet available, and you also can't switch to a Service Principal yet. It only switches ownership to the current user at this moment.

Have you tried this feature yet?

Let me know what you think!

Closing out on 2024

It's the holiday season again, already!

This year has been marked by significant advancements in Microsoft Fabric, and Power BI in specific, and I've had the privilege of engaging with these developments both personally and professionally.

Blogging

I can say I haven't been that active on my blog, I always have a lot of plans for the new year, but motivation is still not easy.. 😆 Let's not make plans this year, but just start blogging for myself and not for others or the views, and see what that brings.

5th Year MVP

One of the highlights of the year was being recognized once again as a Microsoft MVP. It’s a privilege to be part of this amazing program, and I’m very grateful for the opportunities it provides, to share knowledge, collaborate with brilliant minds, contribute to the data community and create new friendships.

Microsoft Ignite 2024: A Glimpse into the Future

One of the biggest events this year was Microsoft Ignite 2024, held in Chicago. The conference had some great innovations, with the number one being the introduction of Fabric SQL Database (in preview). This developer-friendly, transactional database, based on Azure SQL Database, offers seamless creation of operational (OLTP) databases within Fabric. Its integration with OneLake ensures near-real-time data replication, bridging the gap between transactional and analytical processing. 

Another noteworthy feature introduced was the Metrics Hub (also in preview), setting a new standard in how organizations define, track, and share KPIs. This centralized management system integrates effortlessly with Power BI, promoting consistency and enhanced collaboration across teams. 

Community Engagements and Speaking Opportunities

This year also provided new opportunities to connect with the data community through various speaking engagements. Events like DataGrillen in Germany and the 1st Fabric Conference in Europe were particularly memorable. Sharing insights on topics such as Administration and Governance in Fabric, and engaging in lively discussions with fellow data enthusiasts, was both fulfilling and inspiring. This extended beyond sessions, with early morning runs and social gatherings strengthening the relationships with old and new friends in the community. 

Looking Ahead

As we are moving into the new year, my agenda is already filled with promising developments. The upcoming Fabric February 2025 event in Oslo, Norway, is an occasion that promises to bring together the best minds in the industry. And in March the MVP Summit in Redmond will be another highlight!
It's an exciting time to be part of the data community, and I look forward to continuing this journey with all of you, exploring new technologies, sharing knowledge, and fostering the collaborative spirit that defines our field. 

Thank you for being a part of this year's journey. Wishing you all a great New Year's Eve and an insightful 2025 ahead!

Nicky. Out.

P.S. I should mention that I did use AI to create a summary of events of my blog and my LinkedIn posts. I used that as a basis for this post.

Microsoft Ignite 2024 - My Key Highlights

Last week was the annual Microsoft Ignite conference in Chicago. In this blog, I will take you through my most important highlights of the sessions.

Fabric SQL Database (Preview): The future of SQL in the cloud

Let's get straight to the point with the biggest announcement: Fabric SQL Database! 

SQL Database in Microsoft Fabric is a developer-friendly, transactional database, based on Azure SQL Database, with which you can easily create an operational (OLTP) database in Fabric. In addition to the Fabric Lakehouse and the Warehouse, you now also have an efficient SaaS SQL database at your disposal as a developer with the performance of a transactional database and under the hood a(n extra) storage that is optimized for analytical purposes (Delta Parquet).

SQL Database in Fabric is:

• The home of OLTP workloads in Fabric
• Easy to configure and manage
• Set up for analytics by automatically replicating data to OneLake in near-real-time
• Based on the underlying technology of Mirroring in Fabric
• Under the hood, the same as Azure SQL Database, plus you have a web-based editor in the Fabric portal

With the introduction of Fabric SQL Database, Microsoft is taking traditional database management to a new level:

• Simple and secure architecture: Automated management and scaling optimizations
• Source control integration and CI/CD support: Essential for modern DevOps processes
• Capacity billing: Pausable compute resources ensure cost efficiency
• Unique cross-platform capabilities: Perform JOINs across databases, warehouses, and lakehouses

In addition to SQL Database in Fabric, the next version of SQL Server was also announced: SQL Server 2025. It is currently in Private Preview. It also supports mirroring to Fabric.

Metrics Hub: Standardized Metric management in Fabric (Preview)

The introduction of the Metrics Hub in Fabric is a new standard in how organizations define, track, and share KPIs. This new approach integrates seamlessly with Power BI and provides centralized management for metrics, enabling consistency and better collaboration. You might be thinking, this sounds familiar? You are! 😊 First there was Metrics, then Goals, and now the Metrics Hub where you can create Metric sets.

The advantage of being able to create and share metrics centrally is that you still have that one single version of the truth. Users can then use these measures in Power BI reports. But developers and data scientists can also use them in notebooks, using Semantic Link (Labs)!

Fabric AI Capacities

There will be an option to run all AI (=Copilot) compute on a separate capacity, so that other Fabric workloads are not affected by the use of Copilot. You still need at least an F64, and it's not available in all Azure regions, so be sure to check the Copilot FAQ for all your questions.

Fabric Org Apps

Org apps is a new item in your workspace, which now allows you to create an app as you did before by publishing an App in your workspace. One of the benefits of this is that you can create multiple Org apps per workspace!

In addition, you can customize more things like the design and behavior of the app. However, you can still only add items from the current workspace.

It is important to know that there is a tenant setting for Org apps that you need to activate. You can also use Org apps with a trial capacity.

Some other important updates for org apps compared to workspace apps:

• In addition to Power BI reports, you can now also add Fabric notebooks and real-time dashboards
• The distribution of org apps has been simplified, because access to underlying items (e.g. semantic models) is also applied, even in other workspaces. Users will therefore receive read access to all items that are dependent on the items in the app. These rights will also be removed when a user is deleted. There are a few exceptions, so check this.
• The items in an Org app are no longer a copy of the item, but the original items from the workspace
• Check all the differences between workspace and Org apps here

This week, an extensive blog about Org apps was also published where you can find even more information.

Power BI

• The biggest update by far: write-back with User Data Functions: native write-back integration with reusable functions and new options to link these to buttons in Power BI, with which you can update data in a source
• In the Pipeline activity, you can now refresh a semantic model at table and partition level
• Dataflow Gen2 updates: this item will soon also be supported in CI/CD (in source control and deployment pipelines)

OneLake

At the heart of Fabric is OneLake, a single central repository for all data, regardless of format. Some new developments:

• Shortcuts with Iceberg tables: Direct integrations with Snowflake and other platforms
• Mirroring: Support for Azure SQL and Snowflake (GA)
• Cross-cloud JOINs: Analyze datasets spread across different clouds and formats: You can combine SQL Database, Lakehouses and Warehouses in one query
• Open mirroring (preview): this allows you to write change data from any application directly into a mirrored database in Fabric. Open mirroring is based on the open Delta Lake table format

Platform

• Workspace monitoring (not to be confused with the Admin Monitoring workspace, this is intended for tenant insights): a database in your workspace that records log data and metrics about all items in that workspace. All of this is recorded in a real-time intelligence Eventhouse database. There are example queries in the Fabric samples GitHub. 
• Surge protection for capacities: This capability is coming soon, and it allows you to set a cap on the background workload of a capacity. This helps to better guarantee the availability of interactive workloads (such as Power BI report usage). You can set this per capacity.
• OneLake catalog: This is the new central hub to find, search, and use all Fabric items. You can use all available filters, including new ones like domains and tags. You can explore in-place items and view details.

Conclusion

Ignite 2024 showed that Microsoft is strongly committed to an integrated and future-oriented data platform, with AI and Copilot as a common thread. Innovations such as workspace monitoring, improved security through service principal support, and the advanced capabilities of the OneLake Catalog make it easier than ever to manage data effectively.

I believe that with these developments, the Microsoft Intelligent Data Platform is ready to support organizations in an increasingly data-intensive world.

Do you have any highlights from Ignite that I missed? Then let me know in the comments!


Items that are being worked on now and in the future are often public via the Fabric roadmap. There you can find per workload the items that will be worked on in the coming 6-12 months.

Some examples:

• A new Fabric navigation experience
• Support for folders for Git integration
• Better ownership of Fabric items
• Fabric Capacity Metrics Cross-capacity insights
• Capacity Metrics Chargeback

My DataGrillen Adventure: Speaking, Connecting, and New Friendships

I just got back from an incredible trip to DataGrillen, and I can’t wait to share my experiences with you. If you haven’t heard of it, DataGrillen is this amazing community-driven conference in Germany, where data professionals from around the world gather to share knowledge, ideas, and, of course, some good BBQ and beers. This year was special for me because I had the honor of speaking again at the event.

A special thanks goes out to Ben (@bweissman) & William (@sql_williamd) for organizing the event! But let's start from the beginning.

The Journey Begins

The anticipation was building as I packed up the car, later picked up Eduard Koekkoek (@heartforarts) and set off on our road trip to Germany. Eduard, a great friend and fellow data enthusiast, was the perfect companion for the journey. We spent some time on the road discussing everything from the latest in data technologies to our expectations for the conference. The drive was quite long, but the conversation made it fly by.

Stepping onto the Stage

The highlight of my trip was undoubtedly my speaking session. I had the first session at the first day, just after the opening "ceremony". The preparation that goes into a talk is always intense, but the passion I have for the subject kept me going. The topic was close to my heart, Administration and Governance in Fabric, and I was thrilled to see a room of fellow data enthusiasts ready to dive into the discussion. 

The audience was incredibly receptive, and the interaction was great. There’s something deeply fulfilling about sharing knowledge and seeing that spark of understanding and curiosity in others. The Q&A session that followed was lively, with thoughtful questions. It’s moments like these that remind me why I really like what I do.

Reconnecting with Old Friends

One of the best parts of conferences is the chance to reconnect with friends and colleagues from the industry. DataGrillen was no exception. With the change of forgetting someone, I won't call out names here 😀
It was like a reunion of sorts, seeing familiar faces, catching up on the latest in our professional and personal lives, and talking about past conferences and projects. There’s a special bond that forms when you share experiences and challenges over the years, and DataGrillen provided the perfect backdrop for these reunions.

A smaller group of people, specifically people into running, like to get together for an early run on days of a conference. We created a very special, long-running thread on Twitter (a.k.a. X), that actually started 2 years ago at DataGrillen!

Ran a little bit more 😊🥵 pic.twitter.com/dWM8mNwwo4

— Koen Verbeeck 🇺🇦 🌈 (@Ko_Ver) May 17, 2024

Furthermore, we exchanged ideas over beers and BBQ, debated the future of data technologies, and shared a lot of laughs. These moments are invaluable, and they remind me of the strength and warmth of the data community. It's not just about the work we do, but the friendships we forge along the way.

Making New Connections

While reconnecting with old friends was wonderful, making new ones was equally exhilarating. DataGrillen attracted a diverse crowd of professionals, each bringing unique perspectives and experiences. I met so many passionate individuals, each conversation was a learning opportunity, and a chance to see the data world through a different lens.

The DataGrillen Vibe

What sets DataGrillen apart is its atmosphere. The organizers have created an environment that fosters learning and networking in the most enjoyable way possible. The BBQ element adds a fun twist, making the conference feel more like a community gathering than a formal event. It’s the perfect balance of professional development and relaxation.

Looking Ahead

As Eduard and I drove back home, I felt a great sense of satisfaction and inspiration. DataGrillen was more than just a conference: it was a reminder of the incredible community we’re all part of. I left with new knowledge, strengthened friendships, and a bunch of new connections that I’m excited to nurture.

If you ever get the chance to attend DataGrillen, don’t hesitate. It’s an experience that goes beyond the sessions and keynotes – it’s about the people, the conversations, and the community. I’m already looking forward to next year’s event!

Session materials

My slides were already shared with the conference, but in case you haven't found them, you can find them at my GitHub.
I've also uploaded the template file I used in my demo for Admin Monitoring to the above page.

First page of my demo file

You can also find slides of previous conferences there. I generally follow this pattern: https://github.com/NickyvVr/talks/tree/master/slides/YYYY/yyyymmdd [Conference name]

Until next time, keep learning, keep sharing, and keep grilling!

Deprecation of Legacy Power BI Apps!

In case you missed the official blog post 2 months ago, I suggest you read my blog post :)

Or if you want you can refer to the official blog here: Announcing the retirement of legacy Power BI Apps (pre-audiences).

Already on March 6, 2023(!), Power BI apps with multiple audiences went Generally Available.

TL;DR

If you still have a pre-audience app, that is: an app that was created before app audiences where a thing, you can should upgrade your app now. Support from Microsoft will stop after April 30.

One other way you could also do the upgrade, is to unpublish your app and create the app again.

N.B. Be aware that:

• You will get a different URL (AppID) 
• Any custom changes that users did are gone, so e.g. personal bookmarks and comments

💡 Pro Tip: Only unpublish an app if you need to remove it! 

What does this actually mean?

Legacy apps will continue to work, also after May 1st. But technical support from Microsoft will stop after this date. So I do think it is a wise step to upgrade old apps.

Why do I want to upgrade?

• Content Management: In the new Power BI apps with audiences, you can have to add content via the Update app feature by navigating to the Content tab and clicking Add content. In the legacy app you used to include content by using the app toggle in the workspace. This toggle will not be supported anymore, although it is still shown in the workspace.
  
  

• Audiences: You can use different audiences for separate authorizations to a subsection of reports from the workspace. If you are using the default access request method, you also need to provide an audience group in the drop-down button with a pending access request before you can approve it.
• Content visibility: By default, all newly added content to an already published app is marked as invisible. App authors must manually unhide content for each audience group. 

More information on publishing apps, using audiences or current limitations can be found here: Publish an app in Power BI.

Upgrade process

In case you still have the legacy app, or if you haven't created an app in a workspace, the workspace might still show the old toggle button:

After you upgarde or create an (new) app, it will show either Yes, No or blank depending on the eligibility of the item to be in an app. That's because only Power BI items can be included in an app.

After you click upgrade, you'll get a notice the app was updated.

Be aware that after the upgrade your app is created withouth any audiences. So be sure to check the authorizations and shared content in the upgraded app.

Other updates to apps

Other recent updates to apps where announced here:

• The number of audiences has been increased (from 10) to 25
• You can now enable custom messaging for handling app access requests
• At the Fabric Community Conference in Las Vegas: Multiple apps per workspace coming soon!