Fabric/Power BI Tenant Settings to Update

Posted by March 31, 2026 in Uncategorized

When implementing a new capacity for Power BI or Fabric, there are some tenant settings that need your immediate attention before letting users deploy Power BI report.

NOTE: Always disable (Preview) features. Review monthly what is new in the Admin Tenant settings.

Publish to Web

This should be disabled immediately. This is the first possibility of data from your company being exposed outside of your environment. Not sure why this is on by default, but it should not.

 

Article content

 

 

NOTE: You should isolate the capacity/workspace for public data if this is needed and use a Security Group to limit users. There is no way to turn this on for a capacity/workspace because it is a tenant wide setting.

Users can try Microsoft Fabric paid features

Disable immediately!!! You do not want any user to create a trial. There is a limit of one trial per user, but there is a need to contain the work done in Fabric because of CUs if a workspace gets moved to a capacity from the Trial

Article content

 

NOTE: Limit this feature as much as possible or just disable.

Users can create workspaces

This can lead to workspace sprawl and should be controlled by a Security Group list of Workspace Admins.

 

Article content

 

NOTE: Create a security group to limit users that can create workspaces. Educate this group about adding users to workspace and assigning the appropriate Role, not Workspace Admin or Member, but Contributor or Viewer.

Download Reports

This can give people the underlying data in reports. It is used to help with lost pbix files, but only a select group of developers or admins should have access.

Article content

 

 

NOTE: You should not be using deployed reports as Source Control. Use GitHub or Azure DevOps even if there are no CI/CD deployments.

Users can create Fabric Items

Fortunately, the capacity can have this enabled or disabled, so those admins can control more granular.

Article content

 

NOTE: If you are only using Power BI Reports, with semantic models, this should be disabled. If needed, select a Security Group to minimize the users that can create Fabric items. Using the Fabric Metrics App to monitor usage of CUs is imperative!!!

The next article will go more into the ones that need serious review and updates for select group of users.

You May Also Like

Fabric Data Agents

Power BI Desktop Refresh–Refresh just data

About the Author: admin

Leave a Reply