Changes between Version 1 and Version 2 of Ticket #1383, comment 1
- Timestamp:
- 02/05/21 19:10:11 (3 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #1383, comment 1
v1 v2 1 Nested groups in on premise AD has been tested in the past and does work: like user is in a Domain local group named "Developers" which in turn is a member of the local "OpenVPN Administrators" group. This could be managed using GPO. I haven't personally tested this with Azure, but see https://community.openvpn.net/openvpn/ticket/810for a related discussion where others have reported success with Azure AD.1 Nested groups in on premise AD has been tested in the past and does work: like user is in a Domain local group named "Developers" which in turn is a member of the local "OpenVPN Administrators" group. This could be managed using GPO. I haven't personally tested this with Azure, but see #810 https://community.openvpn.net/openvpn/ticket/810#comment25 (comment 25 onwards) for a related discussion where others have reported success with Azure AD. 2 2 3 3 Does {{{whoami /groups /fo list}}} show the "machine-name\OpenVPN Administrtaors" in the list of groups? Note that the user may have to re-login to the domain after any change in group membership for the process token to reflect it.