Level 2 AD Group & SQL server Microsoft Entra admin group & usage of IS_MEMBER for Row Level Security
Sandeep Kumar
0
Reputation points
Currently we are running into an issue developing Row Level Security since the IS_MEMBER
does not work for the Microsoft Entra Admin group setup for that SQL server. (https://learn.microsoft.com/en-us/sql/t-sql/functions/is-member-transact-sql?view=sql-server-ver16)
When the SQL Server is provisioned the Product Parent AD Group APP-XXX-PP-XXXX-DEV
gets set as the Microsoft Entra Admin for that server.
So now we can't have users of our system (apps/frontend) also belong to the APP-XXX-PP-XXXX-DEV
group otherwise the RLS will fail.
Any experiences with this?
Sign in to answer