Posted: Thu Mar 24, 2011 3:50 pm Post subject: Caching AD Security Groups for Offline Permissions
I have an application that uses AD security groups to apply permissions for access to device classes on end user machines as part of a endpoint security suite.
The permissions for users are based on active directory security groups.
I am getting instances that the policy in the software is not being applied correctly when end users who are mobile logon to their notebooks. This is resulting in WIFI being disabled and access to device classes being declined by the client software as a default behaviour.
Is this because the machine when in an offline state does not cache AD Security Group information? For end users who are mobile will I need to define device class permissions explicitly for the user rather than a security group that the user is a member of?
Domain is a single domain Win 2K3 Native with XP Pro SP3 clients.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum