Hi,
when we try to run the powershell script found at
https://solidcp.com/kb/configuration/active-directory-advanced-ou-segregation/
We recive the folowing error
dSHeuristics has already been set to 001
Checking Authenticated Users are part of "Pre-Windows 2000 Compatible Access" group
.. It has already been removed
Going through the Hosted Orgs
Cannot index into a null array.
At dSHeuristics.ps1:62 char:33
+ Foreach ($SubOU in $SubOUs[1..$($SubOUs.count)]){
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray
If we remowe the List Content & List Object from authenticade users then remote desktop users cannot login.
Any help on how make this work so that RDS users can only browse there OU would be apriciated.
Hello,
Did you assign your RDS Gateway servers to the "Privileged Services" group in AD?
Regards,
Trevor
Trevor, yes tried both the Privileged services and Privileged servers. I recive error message that the user is not memeber off a group that can access the gateway. If i give authinticated user List Content & List Object rights the user beloning to the OU that we remowed List Content & List Object right from authnicated users are able to login trugh the RDS gateway. Any idees on how to fix this?
Hello,
Can you confirmed the machine was rebooted once added to the group? The group permissions only apply after a reboot of the machine or if a user account once logged out and back in.
Regards,
Trevor
