使用 Azure AD B2B 将 Power BI 内容分发给外部来宾用户Distribute Power BI content to external guest users with Azure AD B2B

Power BI 与 Azure Active Directory 企业到企业 (Azure AD B2B) 集成后,即可将 Power BI 内容安全地分发给组织外的来宾用户,同时仍然可以控制内部数据。Power BI integrates with Azure Active Directory Business-to-business (Azure AD B2B) to allow secure distribution of Power BI content to guest users outside the organization, while still maintaining control over the internal data.

备注

此功能目前不可用于 Power BI 移动应用。This feature is not currently available with the Power BI mobile apps. 在移动设备上,你可以在浏览器中查看使用 Azure AD B2B 共享的 Power BI 内容。On a mobile device, you can view Power BI content shared using Azure AD B2B in a browser.

邀请来宾用户Invite guest users

有两种方法可将来宾用户邀请到 Power BI 租户:计划性邀请或临时邀请。There are two ways to invite guest users to your Power BI tenant: planned invites or ad-hoc invites. 第一次将外部用户邀请到组织时才需要邀请。Invitations are only needed the first time an external user is invited to your organization.

计划性邀请Planned invites

计划性邀请在 Microsoft Azure 门户的 Azure AD 中或使用 PowerShell 执行。A planned invite is performed within the Microsoft Azure Portal in Azure AD or using PowerShell. 如果知道必须要邀请的用户,则使用此选项。This is the option to use if you know which users must be invited.

只有成为租户管理员才能在 Azure AD 门户中创建来宾用户。Creating the guest users in the Azure AD portal requires that you be a tenant admin.

  1. 导航到 Azure 门户,选择“Azure Active Directory”。Navigate to the Azure Portal and select Azure Active Directory.

  2. 导航到“用户和组” > “所有用户” > “新来宾用户”。Navigate to Users and groups > All users > New guest user.

    Azure AD 门户 - 新来宾用户

  3. 输入“电子邮件地址”和“个人消息”。Enter the email address and personal message.

    Azure AD 门户 - 新来宾用户邀请消息

  4. 选择“邀请”。Select Invite.

若要邀请多个来宾用户,请使用 PowerShell。To invite more than one guest user, use PowerShell. 有关详细信息,请参阅 Azure Active Directory B2B 协作代码和 PowerShell 示例For more information, see Azure Active Directory B2B collaboration code and PowerShell samples.

来宾用户需要在他们收到的电子邮件邀请中选择“开始”。The guest user needs to select Get Started in the email invitation they receive. 然后就会将该来宾用户添加到租户。The guest user is then added to the tenant.

来宾用户电子邮件邀请

临时邀请Ad-hoc invites

若要在任意时间执行邀请,在发布应用前将外部用户添加到该应用的访问列表中。To perform an invite at anytime, add the external user to the access list of an app when publishing it.

被添加到应用访问列表的外部用户

该来宾用户将收到指示已与其共享应用的电子邮件。The guest user will receive an email indicating the app has been shared with them.

指示已与来宾用户共享应用的电子邮件

该来宾用户必须使用其组织电子邮件地址进行登录。The guest user must sign in with their organization email address. 完成登录后,将提示他们接受邀请。They will be prompted to accept the invitation after signing in. 登录后,系统会将来宾用户重定向到对应的应用内容。After sign in, the guest user is redirected to the app content. 若要返回该应用,可将链接设置为书签或保存该电子邮件。To return to the app, bookmark the link, or save the email.

许可Licensing

来宾用户需要获得相应的许可才能查看已共享的应用。The guest user will need to have the proper licensing in place to view the app that was shared. 有三种获得许可的方式。There are three options to accomplish this.

使用 Power BI PremiumUse Power BI Premium

将应用工作区分配到 Power BI Premium 容量后,来宾用户无需获取 Power BI Pro 许可证就能使用此应用。Assigning the app workspace to Power BI Premium capacity will allow the guest user to use the app without requiring a Power BI Pro license. 使用 Power BI Premium 时,应用还可以使用其他功能(例如加快刷新速度、专用容量及较大的模型大小)。Power BI Premium also allows for apps to take advantage of other capabilities like increased refresh rates, dedicated capacity and large model sizes.

使用 Power BI Premium

向来宾用户分配 Power BI Pro 许可证Assign Power BI Pro license to guest user

向租户内来宾用户分配 Power BI Pro 许可证后,该来宾用户即可查看内容。Assigning a Power BI Pro license to the guest user, within your tenant, allows that guest user to view the content.

备注

只有在来宾用户访问你的租户内的内容时,你的租户的 Power BI Pro 许可证才适用于来宾用户。A Power BI Pro license from your tenant applies to guest users only when they access content within your tenant.

分配租户的 Pro 许可证

来宾用户拥有自己的 Power BI Pro 许可证Guest user brings their own Power BI Pro license

在来宾用户的租户中已向来宾用户分配 Power BI Pro 许可证。The guest user already has a Power BI Pro license assigned within their tenant.

来宾用户拥有自己的许可证

限制Limitations

  • 外部 B2B 来宾仅限于使用内容。External B2B guests are limited to consumption of content only. 外部 B2B 来宾可以查看应用、仪表板、报表,导出数据以及为仪表板和报表创建电子邮件订阅。External B2B guests can view apps, dashboards, reports, export data and create email subscriptions for dashboards and reports. 他们无法访问工作区或发布自己的内容。They can't access workspaces or publish their own content.
  • 此功能目前不可用于 Power BI 移动应用。This feature is not currently available with the Power BI mobile apps. 在移动设备上,你可以在浏览器中查看使用 Azure AD B2B 共享的 Power BI 内容。On a mobile device, you can view Power BI content shared using Azure AD B2B in a browser.
  • sovereign 云(政府)内不支持通过 Power BI 使用来宾用户。Using guest users with Power BI is not supported within sovereign clouds (government).

后续步骤Next steps

有关详细信息(包括行级别安全性的工作方式),请查看白皮书For more detailed information, including how row-level security works, check out the whitepaper.

有关 Azure Active Directory B2B 的信息,请参阅什么是 Azure AD B2B 协作?For information regarding Azure Active Directory B2B, see What is Azure AD B2B collaboration?