Caching AD Security Groups for Offline Permissions

Networking/Security Forums -> Windows

Author: GhostyDogLocation: UK PostPosted: Thu Mar 24, 2011 3:50 pm    Post subject: Caching AD Security Groups for Offline Permissions

I have an application that uses AD security groups to apply permissions for access to device classes on end user machines as part of a endpoint security suite.

The permissions for users are based on active directory security groups.

I am getting instances that the policy in the software is not being applied correctly when end users who are mobile logon to their notebooks. This is resulting in WIFI being disabled and access to device classes being declined by the client software as a default behaviour.

Is this because the machine when in an offline state does not cache AD Security Group information? For end users who are mobile will I need to define device class permissions explicitly for the user rather than a security group that the user is a member of?

Domain is a single domain Win 2K3 Native with XP Pro SP3 clients.

Cheers for any input.


Networking/Security Forums -> Windows

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group