如何使用 Power API 或 Azure 门户提取所有 Power BI 用户和工作区访问权限?
How to extract all PowerBI users and workspace access using the PowerBI API or Azure Portal?
Power BI 新手。尝试获取有权访问每个仪表板的用户的报告。任何指针都会有所帮助。
提前致谢!
您可以使用 Get-PowerBIWorkspace from Microsoft Power BI Cmdlets to get list of workspaces and then list the members of the underlying Office 365 group (unless you are using the new preview workspaces, which has no underlying Office 365 group) using Get-UnifiedGroup cmdlet. To be able to use it, you need to Connect to Exchange Online PowerShell。然后枚举组,枚举当前组成员,并将它们导出到 CSV(或按您想要的方式处理结果)。如果您有权限,请提供 -Scope Organization 参数,或省略它以获取您的工作区列表。
Import-Module MicrosoftPowerBIMgmt
$password = "xxxxxxxx" | ConvertTo-SecureString -asPlainText -Force
$username = "xxxxxxxx@example.com"
$credential = New-Object System.Management.Automation.PSCredential($username, $password)
Connect-PowerBIServiceAccount -Credential $credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
-ConnectionUri https://outlook.office365.com/powershell-liveid/ `
-Credential $credential `
-Authentication Basic `
-AllowRedirection
Import-PSSession $Session
$Groups = Get-PowerBIWorkspace #-Scope Organization
$Groups | ForEach-Object {
$group = $_
Get-UnifiedGroupLinks -Identity $group.Name -LinkType Members -ResultSize Unlimited | ForEach-Object {
$member = $_
New-Object -TypeName PSObject -Property @{
Member = $member.Name
Group = $group.Name
}
}
} | Export-CSV "D:\PowerBIGroupMembers.csv" -NoTypeInformation -Encoding UTF8
Remove-PSSession $Session
Disconnect-PowerBIServiceAccount
下面是我创建的脚本。首先更改 PowerBI 凭据的用户名和密码。该脚本收集结果,然后打开两个 Out Grid windows(Workspaces 和 Workspace Users)。然后,您可以 copy/paste 将网格结果转换为 excel。这不会导出共享报告和仪表板。
我安装了两个 PBI powershell 模块。我认为此脚本仅使用 MicrosoftPowerBIMgmt。
检查您是否有 PBI 模块。
get-module -ListAvailable | where {$_.Name -like '*BI*'}
并检查可用的 cmdlet。
get-command -module MicrosoftPowerBIMgmt.Admin | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Capacities | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Data | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Profile | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Reports | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Workspaces | sort CommandType, name
get-command -module PowerBIPS | sort CommandType, name
PBI 工作区和权限
#****************
#------------------------------------------------------
# --> PBI WORKSPACES & PERMISSIONS
#
# Export PBI results to grid for copy/paste to Excel table
# * All groups (Active/Deleted)
# * All workspaces (Active)
# * All workspace permissions
#
# RestAPI call for each workspace (Group Users)
# * https://docs.microsoft.com/en-us/rest/api/power-bi/groups/getgroupusers
#
#------------------------------------------------------
#****************
#------------------------------------------------------
# --> PBI Connection
#------------------------------------------------------
Write-Host " PBI credentials ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## PBI credentials
$password = "myPassword" | ConvertTo-SecureString -asPlainText -Force
$username = "myemail@domain.com"
$credential = New-Object System.Management.Automation.PSCredential($username, $password)
## PBI connect
Connect-PowerBIServiceAccount -Credential $credential
# Login-PowerBI
#****************
#------------------------------------------------------
# --> Workspace info
#
# * Get-PowerBIWorkspace > "WARNING: Defaulted to show top 100 workspaces. Use -First & -Skip or -All to retrieve more results."
# * Grid exported for workspaces
#------------------------------------------------------
Write-Host " Workspace info ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## List all groups, Select ID desired for Variables section
## PBIWorkspace properties values are NULL if Scope is not set to Organization
# Get-PowerBIWorkspace -Scope Organization -Filter "tolower(name) eq 'BI Team POC - DEV'"
# SET
$Groups = Get-PowerBIWorkspace -Scope Organization -All | SORT @{Expression="Type"; Descending=$True}, Name
$Groups_deleted = $Groups | SELECT Id, Name, Type, State | WHERE State -EQ 'Deleted'
$Groups = $Groups | SELECT Id, Name, Type, State | WHERE State -NE 'Deleted'
$GroupWorkspaces = $Groups | WHERE Type -eq 'Workspace'
# PRINT
$Groups_deleted | Select Id, Name, Type, State | ft –auto
$Groups | Select Id, Name, Type, State | ft –auto
$GroupWorkspaces | Select Id, Name, Type | ft –auto
Get-PowerBIWorkspace -Scope Organization -Name "BI Team Sandbox" | Select Id, Name, Type | ft –auto
# OUT GRID
$GroupsWorkspaces | Select Id, Name, Type | Out-GridView
$Groups | Select Id, Name, Type | Out-GridView
$Groups_deleted | Select Id, Name, Type, State | Out-GridView
#------------------------------------------------------
## LOOP FOLDERS ##################
# * RestAPI call for each workspace (Group Users)
# * Grid exported for workspace user access
#------------------------------------------------------
# Clear variable before loop to reseat array data collector
clear-variable -name WorkspaceUsers
Write-Host " Looping ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
foreach ($GroupWorkspaceId in $GroupWorkspaces.Id) {
$WorkspaceObject = Get-PowerBIWorkspace -Scope Organization -Id $GroupWorkspaceId
$pbiURL = "https://api.powerbi.com/v1.0/myorg/groups/$GroupWorkspaceId/users"
$WorkspaceObject | Select Id, Name, Type | ft –auto
Write-Host ($WorkspaceObject.Name +" | "+ $WorkspaceObject.Type) -ForegroundColor White -BackgroundColor Blue
Write-Host $GroupWorkspaceId -ForegroundColor White -BackgroundColor Blue
Write-Host $pbiURL -ForegroundColor White -BackgroundColor Blue
#****************
#------------------------------------------------------
# --> 1. API Call for WORKSPACE USERS
#------------------------------------------------------
Write-Host " API Call ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## API call
$resultJson = Invoke-PowerBIRestMethod –Url $pbiURL –Method GET
$resultObject = ConvertFrom-Json -InputObject $resultJson
## Collect data fields for each loop
$WorkspaceUsers += $resultObject.Value |
SELECT @{n='WorkspaceId';e={$GroupWorkspaceId}},
@{n='Workspace';e={$WorkspaceObject.Name}},
displayName,
emailAddress,
@{n='UserRole';e={$_.groupUserAccessRight}},
@{n='Principle';e={$_.principalType}} |
SELECT Workspace, displayName, UserRole, Principle, emailAddress |
SORT UserRole, displayName
## Print loop results
$WorkspaceUsers | ft -auto | Where{$_.WorkspaceId -eq $GroupWorkspaceId}
clear-variable -name resultJson
clear-variable -name resultObject
}
## END LOOP ##################
#------------------------------------------------------
## Export user access for all workspaces
$WorkspaceUsers | SORT Workspace, UserRole, displayName | Out-GridView
Power BI 新手。尝试获取有权访问每个仪表板的用户的报告。任何指针都会有所帮助。
提前致谢!
您可以使用 Get-PowerBIWorkspace from Microsoft Power BI Cmdlets to get list of workspaces and then list the members of the underlying Office 365 group (unless you are using the new preview workspaces, which has no underlying Office 365 group) using Get-UnifiedGroup cmdlet. To be able to use it, you need to Connect to Exchange Online PowerShell。然后枚举组,枚举当前组成员,并将它们导出到 CSV(或按您想要的方式处理结果)。如果您有权限,请提供 -Scope Organization 参数,或省略它以获取您的工作区列表。
Import-Module MicrosoftPowerBIMgmt
$password = "xxxxxxxx" | ConvertTo-SecureString -asPlainText -Force
$username = "xxxxxxxx@example.com"
$credential = New-Object System.Management.Automation.PSCredential($username, $password)
Connect-PowerBIServiceAccount -Credential $credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
-ConnectionUri https://outlook.office365.com/powershell-liveid/ `
-Credential $credential `
-Authentication Basic `
-AllowRedirection
Import-PSSession $Session
$Groups = Get-PowerBIWorkspace #-Scope Organization
$Groups | ForEach-Object {
$group = $_
Get-UnifiedGroupLinks -Identity $group.Name -LinkType Members -ResultSize Unlimited | ForEach-Object {
$member = $_
New-Object -TypeName PSObject -Property @{
Member = $member.Name
Group = $group.Name
}
}
} | Export-CSV "D:\PowerBIGroupMembers.csv" -NoTypeInformation -Encoding UTF8
Remove-PSSession $Session
Disconnect-PowerBIServiceAccount
下面是我创建的脚本。首先更改 PowerBI 凭据的用户名和密码。该脚本收集结果,然后打开两个 Out Grid windows(Workspaces 和 Workspace Users)。然后,您可以 copy/paste 将网格结果转换为 excel。这不会导出共享报告和仪表板。
我安装了两个 PBI powershell 模块。我认为此脚本仅使用 MicrosoftPowerBIMgmt。
检查您是否有 PBI 模块。
get-module -ListAvailable | where {$_.Name -like '*BI*'}
并检查可用的 cmdlet。
get-command -module MicrosoftPowerBIMgmt.Admin | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Capacities | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Data | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Profile | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Reports | sort CommandType, name
get-command -module MicrosoftPowerBIMgmt.Workspaces | sort CommandType, name
get-command -module PowerBIPS | sort CommandType, name
PBI 工作区和权限
#****************
#------------------------------------------------------
# --> PBI WORKSPACES & PERMISSIONS
#
# Export PBI results to grid for copy/paste to Excel table
# * All groups (Active/Deleted)
# * All workspaces (Active)
# * All workspace permissions
#
# RestAPI call for each workspace (Group Users)
# * https://docs.microsoft.com/en-us/rest/api/power-bi/groups/getgroupusers
#
#------------------------------------------------------
#****************
#------------------------------------------------------
# --> PBI Connection
#------------------------------------------------------
Write-Host " PBI credentials ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## PBI credentials
$password = "myPassword" | ConvertTo-SecureString -asPlainText -Force
$username = "myemail@domain.com"
$credential = New-Object System.Management.Automation.PSCredential($username, $password)
## PBI connect
Connect-PowerBIServiceAccount -Credential $credential
# Login-PowerBI
#****************
#------------------------------------------------------
# --> Workspace info
#
# * Get-PowerBIWorkspace > "WARNING: Defaulted to show top 100 workspaces. Use -First & -Skip or -All to retrieve more results."
# * Grid exported for workspaces
#------------------------------------------------------
Write-Host " Workspace info ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## List all groups, Select ID desired for Variables section
## PBIWorkspace properties values are NULL if Scope is not set to Organization
# Get-PowerBIWorkspace -Scope Organization -Filter "tolower(name) eq 'BI Team POC - DEV'"
# SET
$Groups = Get-PowerBIWorkspace -Scope Organization -All | SORT @{Expression="Type"; Descending=$True}, Name
$Groups_deleted = $Groups | SELECT Id, Name, Type, State | WHERE State -EQ 'Deleted'
$Groups = $Groups | SELECT Id, Name, Type, State | WHERE State -NE 'Deleted'
$GroupWorkspaces = $Groups | WHERE Type -eq 'Workspace'
# PRINT
$Groups_deleted | Select Id, Name, Type, State | ft –auto
$Groups | Select Id, Name, Type, State | ft –auto
$GroupWorkspaces | Select Id, Name, Type | ft –auto
Get-PowerBIWorkspace -Scope Organization -Name "BI Team Sandbox" | Select Id, Name, Type | ft –auto
# OUT GRID
$GroupsWorkspaces | Select Id, Name, Type | Out-GridView
$Groups | Select Id, Name, Type | Out-GridView
$Groups_deleted | Select Id, Name, Type, State | Out-GridView
#------------------------------------------------------
## LOOP FOLDERS ##################
# * RestAPI call for each workspace (Group Users)
# * Grid exported for workspace user access
#------------------------------------------------------
# Clear variable before loop to reseat array data collector
clear-variable -name WorkspaceUsers
Write-Host " Looping ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
foreach ($GroupWorkspaceId in $GroupWorkspaces.Id) {
$WorkspaceObject = Get-PowerBIWorkspace -Scope Organization -Id $GroupWorkspaceId
$pbiURL = "https://api.powerbi.com/v1.0/myorg/groups/$GroupWorkspaceId/users"
$WorkspaceObject | Select Id, Name, Type | ft –auto
Write-Host ($WorkspaceObject.Name +" | "+ $WorkspaceObject.Type) -ForegroundColor White -BackgroundColor Blue
Write-Host $GroupWorkspaceId -ForegroundColor White -BackgroundColor Blue
Write-Host $pbiURL -ForegroundColor White -BackgroundColor Blue
#****************
#------------------------------------------------------
# --> 1. API Call for WORKSPACE USERS
#------------------------------------------------------
Write-Host " API Call ..." -ForegroundColor Yellow -BackgroundColor DarkGreen
## API call
$resultJson = Invoke-PowerBIRestMethod –Url $pbiURL –Method GET
$resultObject = ConvertFrom-Json -InputObject $resultJson
## Collect data fields for each loop
$WorkspaceUsers += $resultObject.Value |
SELECT @{n='WorkspaceId';e={$GroupWorkspaceId}},
@{n='Workspace';e={$WorkspaceObject.Name}},
displayName,
emailAddress,
@{n='UserRole';e={$_.groupUserAccessRight}},
@{n='Principle';e={$_.principalType}} |
SELECT Workspace, displayName, UserRole, Principle, emailAddress |
SORT UserRole, displayName
## Print loop results
$WorkspaceUsers | ft -auto | Where{$_.WorkspaceId -eq $GroupWorkspaceId}
clear-variable -name resultJson
clear-variable -name resultObject
}
## END LOOP ##################
#------------------------------------------------------
## Export user access for all workspaces
$WorkspaceUsers | SORT Workspace, UserRole, displayName | Out-GridView