Channel: Service topics

How does "Analyze in Excel" know who I am? / Scary Security Loophole?


I find this very alarming. I am logged onto my home computer. I have no saved connection to my work PC / Azure AD login on this computer that I can find anywhere (System Settings > Accounts, or Excel > Data Sources).

I have a model in the Power BI service. On my work PC I did Analyze in Excel. I exported the connection as an ODC file. Then I copied it to my home computer.

I can now go into my home computer and open this ODC file. It does not ask me for connection credentials. It lets me query anything in the model. When I pull the UPN (through a measure I have in the model), it shows "NT Authority\SYSTEM". That's scary. So I assume my RLS won't even work. What is going on here? Seems like a major security loophole! Excel will connect to my model despite not knowing who I am (i.e. my UPN).
