Using an "or" instead of "and" gives me the same results: "access denied" :-/ On Wed, Jul 13, 2011 at 1:05 AM, FreeLists Mailing List Manager < ecartis@xxxxxxxxxxxxx> wrote: > racktables-users Digest Tue, 12 Jul 2011 Volume: 05 Issue: 126 > > In This Issue: > [racktables-users] AD Auth Works, but Group Permissions caus > [racktables-users] Re: AD Auth Works, but Group Permissions > > ---------------------------------------------------------------------- > > Date: Tue, 12 Jul 2011 08:14:05 -0400 > Subject: [racktables-users] AD Auth Works, but Group Permissions cause me > probl > From: Jason Hamilton <jason@xxxxxxxxxxxxxxxxxx> > > Hey all, > After Denis' post about testing AD, I figured I would give it another shot. > > What I'm seeing right now is that auth against AD seems to work, but my > group access seems to be breaking my access. > When I try to login through a member of the Domain Admins group I get > "Access Denied" from Racktables: > > access denied User given tags: Target given tags: Effective explicit > tags: Effective > implicit tags: Automatic tags:$username_JasonH, $lgcn_ESX Admins, > $lgcn_Domain Admins Requested page:indexRequested tab:defaultClick here to > logout. > > > > My Rackcode looks like this: > allow {$userid_1} and {$lgcn_Domain Admins} and {$tab_default} > > Let me know what I'm doing wrong please. > > -- > > -- Jason > > > > ------------------------------ > > From: Denis Ovsienko <infrastation@xxxxxxxxx> > Subject: [racktables-users] Re: AD Auth Works, but Group Permissions cause > me p > Date: Tue, 12 Jul 2011 16:46:30 +0400 > > [...] > > Automatic tags: $username_JasonH, $lgcn_ESX Admins, $lgcn_Domain Admins > > Requested page: index > > Requested tab: default > > Clickšherešto logout. > > > > My Rackcode looks like this: > > šallow {$userid_1} and {$lgcn_Domain Admins} and {$tab_default} > > Let me know what I'm doing wrong please. > > This rackcode blocks access unless every condition is met (which is a > possible, but very narrow case). You probably mean, that any of the > conditions should permit access: > > allow {$userid_1} or {$lgcn_Domain Admins} or {$tab_default} > > -- > Denis Ovsienko > > ------------------------------ > > End of racktables-users Digest V5 #126 > ************************************** > > -- -- Jason