dSHeuristics
 
Notifications
Clear all

dSHeuristics

4 Posts
2 Users
0 Reactions
1,419 Views
Posts: 42
Topic starter
(@gflex)
Trusted Member
Joined: 8 years ago

Hi,

when we try to run the powershell script found at

https://solidcp.com/kb/configuration/active-directory-advanced-ou-segregation/

We recive the folowing error

dSHeuristics has already been set to 001
Checking Authenticated Users are part of "Pre-Windows 2000 Compatible Access" group
.. It has already been removed
Going through the Hosted Orgs
Cannot index into a null array.
At dSHeuristics.ps1:62 char:33
+ Foreach ($SubOU in $SubOUs[1..$($SubOUs.count)]){
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray

If we remowe the List Content & List Object from authenticade users then remote desktop users cannot login.

Any help on how make this work so that RDS users can only browse there OU would be apriciated.

3 Replies
Posts: 1509
Admin
(@trobinson)
Noble Member
Joined: 9 years ago

Hello,

Did you assign your RDS Gateway servers to the "Privileged Services" group in AD?

Regards,

Trevor

Reply
Posts: 42
Topic starter
(@gflex)
Trusted Member
Joined: 8 years ago

Trevor, yes tried both the Privileged  services and Privileged  servers. I recive error message that the user is not memeber off a group that can access the gateway. If i give authinticated user List Content & List Object rights the user beloning to the OU that we remowed List Content & List Object right from authnicated users are able to login trugh the RDS gateway. Any idees on how to fix this?

Reply
Posts: 1509
Admin
(@trobinson)
Noble Member
Joined: 9 years ago

Hello,

Can you confirmed the machine was rebooted once added to the group? The group permissions only apply after a reboot of the machine or if a user account once logged out and back in.

Regards,

Trevor

Reply
Share: