Posted: Thu Mar 24, 2011 3:50 pm Post subject: Caching AD Security Groups for Offline Permissions
I have an application that uses AD security groups to apply permissions for access to device classes on end user machines as part of a endpoint security suite.
The permissions for users are based on active directory security groups.
I am getting instances that the policy in the software is not being applied correctly when end users who are mobile logon to their notebooks. This is resulting in WIFI being disabled and access to device classes being declined by the client software as a default behaviour.
Is this because the machine when in an offline state does not cache AD Security Group information? For end users who are mobile will I need to define device class permissions explicitly for the user rather than a security group that the user is a member of?
Domain is a single domain Win 2K3 Native with XP Pro SP3 clients.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Looking for more Windows Networking info?
Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing! View a sample newsletter.
Become a WindowsNetworking.com member!
Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!