My existing dashboard has been using Azure AD for the login method. I’m adding new pages that I want restricted to our help desk. I’ve created an authorization policy and applied it to the first restricted page. It successfully keeps the page from showing up, but for everyone, regardless of group membership. When I type the URL in to the page after login, I can see the page navbar and footer, but no content
So far I’ve validated my test users are showing in the group in Azure AD and the objectID of the group is correct in my script. I’ve also been using the troubleshooting tips from this post on GitHub:
I still haven’t figured out how to get the tokeb to parse it out. I tried the .NET object in PowerShell, but it didn’t recognize it. Trying to debug in PS returned a ‘cannot debug default runspace’ error (I’m sure I’m doing it wrong).
When I login in IE 11 with the debugger on and the ‘Wait-Debugger’, I do see a very long hash returned, but it’s so fast I can’t screenshot it. It returns to a blank screen after login.
I’m using version 2.1.0 Enterprise on IIS 10
my script:
$authPolicy = New-UDAuthorizationPolicy -Name “techs” -Endpoint {
param($User)
Wait-Debugger #when troubleshooting
$User.HasClaim(“groups”, “3be93384-fce8-43bd-8e42-8dbdd41d750e”)
}
$loginPage = New-UDLoginPage -AuthenticationMethod $Method -Logo $Logo `
-PageBackgroundColor ‘#000000’ -WelcomeText ‘MULTI PASS’ `
-LoginFormBackgroundColor ‘#000000’ -LoginFormFontColor “#000000” -AuthorizationPolicy $authPolicy
Start-UDDashboard -Dashboard $login -Wait -AutoReload -PublishedFolder $folder -Endpoint $endpoint -Certificate $cert
