Azure Analysis Services
An Azure service that provides an enterprise-grade analytics engine.
438 questions
permissions to refresh a data model in azure analysis services
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 73%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Muhammad Pathan
25
Reputation points
I am refreshing a data model in Azure Analysis Services using an Azure Function App (C# .NET 6). I am using the Microsoft.AnalysisServices.Tabular package available at https://www.nuget.org/packages/Microsoft.AnalysisServices.NetCore.retail.amd64. When I have read access rights, which have i have been correctly added as a role user and granted permissions for in Azure Analysis Services using ad, the model refresh does not work. I get the following error: 'Azure Analysis Services database not found' (this is because it can't read the Analysis Services DB). I also cannot see the Azure Analysis Services database in SQL Server Management Studio. I can connect to the server, however, I can't expand to see the model. After this, I tried the same for process role permissions and the exact same thing happened. Following this, a new role was created with both read and process rights, which was granted correctly, again getting the same error. I finally tried with admin rights, and the model refreshed correctly. When i log in to SQL Server Management Studio and connect to azure analysis services. If i go into the database section i can click into it and correctly see the azure analysis services database (the model i will be refreshing). The problem with admin rights is that it grants high-level permissions to everything, which is bad for security, and as user i should not allowed admin rights. Are there any permissions that are lower then admin that could allow me to refresh the data model. any workarounds? I expected that read and process rights would be high enough to do what I am doing but it doesn't work code
using System;
using Microsoft.Azure.WebJobs;
using Microsoft.Extensions.Logging;
using Microsoft.AnalysisServices.Tabular;
using Azure.Identity;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.AspNetCore.Http;
using System.Xml;
namespace refreshModel
{
public static class AnalysisServicesRefreshFunction
{
[FunctionName("AnalysisServicesRefreshFunction")]
public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req, ILogger log)
{
log.LogInformation($"C# HTTP trigger function executed at: {DateTime.Now}");
// Retrieve environment variables
string env = Environment.GetEnvironmentVariable("ENV");
if (string.IsNullOrEmpty(env))
{
return new BadRequestObjectResult("ENV environment variable is not found.");
}
// Analysis services details
string serverNamePrefix = "serverNamePrefix";
string serverName = serverNamePrefix + env;
string aasDatabaseName = "aasDatabaseName";
string uId = "myAdId";
string pass = "mypass";
var connectionString = $"Provider=MSOLAP;Data Source=asazure://uksouth.asazure.windows.net/{serverName}:rw;Initial Catalog={aasDatabaseName};User ID={uId};Password={pass};";
using (var server = new Server())
{
try
{
server.Connect(connectionString);
}
catch (Exception ex)
{
log.LogError($"An error occurred while connecting to the server: {ex.Message}");
return new BadRequestObjectResult($"An error occurred while connecting to the server: {ex.Message}");
}
try
{
Database database = server.Databases.FindByName(aasDatabaseName);
if (database == null)
{
return new BadRequestObjectResult("Azure analysis services database not found.");
}
Model model = database.Model;
if (model == null)
{
return new BadRequestObjectResult("Model not found.");
}
// Refresh the model
model.RequestRefresh(RefreshType.Full);
model.SaveChanges();
log.LogInformation("Data model refresh requested successfully.");
return new OkObjectResult("Data model refresh requested successfully.");
}
catch (Exception ex)
{
log.LogError($"An error occurred while refreshing the data model: {ex.Message}");
return new BadRequestObjectResult($"An error occurred while refreshing the data model: {ex.Message}");
}
}
}
}
}
Azure Analysis Services
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,276 questions
.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,383 questions
SQL Server Analysis Services
SQL Server Analysis Services
A Microsoft online analytical data engine used in decision support and business analytics, providing the analytical data for business reports and client applications such as Power BI, Excel, Reporting Services reports, and other data visualization tools.
1,244 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 51%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Marc De Vreese 16 Reputation points2024-02-20T15:08:05.97+00:00 @Muhammad Pathan What did you do to get the function working ? I recall that you had a problem with the "Specified method is not supported" (https://learn.microsoft.com/en-us/answers/questions/1527630/function-app-not-connecting-to-analysis-services-s). I'm still having this problem. What we do for processing is adding a applicationId as administrator for processing.
-
Muhammad Pathan 25 Reputation points
2024-02-20T15:30:32.12+00:00 @Marc De Vreese it looks like the issue was due to managed identity not being supported or working. I switched to AD credentials and the function app worked when given admin role permissions. i am getting added as a role user for azure analysis services by admin. this is done in SQL Server Management Studio when connected to analysis services.
when i have full control through role permissions i can refresh the model. however if i only have process and read it fails. and get exception Azure Analysis Services database not found. To my knowledge you shouldn't need admin just to refresh a model. admin gives all elevated permissions to everything so i shouldn't have that. i was only given it temp to test if the model refresh was not occurring due to permissions or code. my current thoughts are that by get added as a role user and ticking process and read it is not adding low level permissions required. (Database permissions override the ability to set permissions on lower-level objects by making role options grayed out or un-selectable) If i can find out which permissions are required to read and refresh i can add that. if i clear all database permissions and try do it lower level so not go into general. instead go into cubes, dimensions and mining structures and add all required then add this as a role user.
-
PRADEEPCHEEKATLA-MSFT 77,336 Reputation points Microsoft Employee2024-02-26T08:22:59.33+00:00 @Muhammad Pathan - I agree that this issue looks strange and I wasn't able to reproduce this issue. If you have a support plan could you please file a support ticket for deeper investigation and do share the SR# with us?
Sign in to comment
1 answer
Sort by: Most helpful
-
Olaf Helper 40,816 Reputation points2024-02-19T11:14:49.3266667+00:00 -
Muhammad Pathan 25 Reputation points
2024-02-19T11:35:04.66+00:00 Already tried this
Sign in to comment -