Issues with JEA setup

Welcome Forums General PowerShell Q&A Issues with JEA setup

This topic contains 0 replies, has 1 voice, and was last updated by  Scott Heath 6 months, 2 weeks ago.

  • Author
    Posts
  • #138669

    Participant
    Topics: 2
    Replies: 1
    Points: -8
    Rank: Member

     

    From the documentation it seems that when I register my PSSC it should configure the session configuration's security based on the RequiredGroups setting.  When I am registering my PSSC it adds security for the groups in my configuration file, but it doesn't say AccessAllowed, it shows AccessAllowedCallback.  Here is my PSSC file:

     

    @{
    # Version number of the schema used for this document
    SchemaVersion = '2.0.0.0'
    
    # ID used to uniquely identify this document
    GUID = 'ba4fb5c9-4874-4d29-baf2-0e0b84ce462c'
    
    # Author of this document
    Author = 'Scott Heath'
    
    # Company associated with this document
    CompanyName = 'Company'
    
    # Copyright statement for this document
    Copyright = '(c) 2019 Company. All rights reserved.'
    
    # Session type defaults to apply for this session configuration. Can be 'RestrictedRemoteServer' (recommended), 'Empty', or 'Default'
    SessionType = 'RestrictedRemoteServer'
    
    # Creates a 'User' PSDrive in the session for use with Copy-Item when File System provider is not visible.
    MountUserDrive = $true
    
    # User roles (security groups), and the role capabilities that should be applied to them when applied to a session
    # RoleDefinitions = @{ 'CONTOSO\SqlAdmins' = @{ RoleCapabilities = 'SqlAdministration' }; 'CONTOSO\SqlManaged' = @{ RoleCapabilityFiles = 'C:\RoleCapability\SqlManaged.psrc' }; 'CONTOSO\ServerMonitors' = @{ VisibleCmdlets = 'Get-Process' } }
    RoleDefinitions = @{
    'Company\GS-JEA-SqlDbMgmt'=@{ RoleCapabilities='SQLServerJEA' }
    }
    
    # Group accounts for which membership is required to use the session.
    # RequiredGroups = @{ And = @{ Or = 'CONTOSO\SmartCard-Logon1', 'CONTOSO\SmartCard-Logon2' }, 'Administrators' }
    RequiredGroups = @{ Or = 'Company\GS-JEA-SqlDbMgmt','Administrators' }
    
    # Language mode to apply when applied to a session. Can be 'NoLanguage' (recommended), 'RestrictedLanguage', 'ConstrainedLanguage', or 'FullLanguage'
    LanguageMode = 'NoLanguage'
    
    # Execution policy to apply when applied to a session
    ExecutionPolicy = 'RemoteSigned'
    }

     

The topic ‘Issues with JEA setup’ is closed to new replies.