Hi, I've been searching on many forums to solve my issue but no luck, the GPO's "Allow log on through Remote Desktop Services" and "Deny log on through Remote Desktop Services" are working well on Windows clients but not on Linux. I created a test OU where i moved my test computer in, allowed a specific user to log on through Remote Desktop Services, results: anybody can login via ssh on my test computer. In sssd logs we can see that its not applying GPOS to the computer:
[ad_gpo_process_gpo_done] (0x0400): no applicable gpos found after dacl filtering (Fri Jun 2 15:52:06 2017) [sssd[be[domain.tld]]] [sysdb_gpo_get_gpo_result_object] (0x4000): cn=gpos,cn=ad,cn=custom,cn=domain.tld,cn=sysdb (Fri Jun 2 15:52:06 2017) [sssd[be[domain.tld]]] [sysdb_gpo_get_gpo_result_object] (0x4000): No GPO Result object. (Fri Jun 2 15:52:06 2017) [sssd[be[domain.tld]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. (Fri Jun 2 15:52:06 2017) [sssd[be[domain.tld]]] [ad_gpo_access_send] (0x0400): service systemd-user maps to Permitted (Fri Jun 2 15:52:06 2017) [sssd[be[domain.tld]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. What am i missing here? All GPOS have authenticated user default rights on it. I attached my sssd.conf here. Any help would be much appreciated Regards, Mush.
sssd.conf
Description: Binary data
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
