I’m running into the same issues as above. I’m stumped I’m using my login as test here and have taken myself out of the groups in my claims for the time being. But I’m still able to load both dashboards. I know the login page is working because I get the Sign Out button when I load the webpage. So it has to be the claims not taking effect. Unfortunately when I attempt to Enable-UDLogging IIS won’t start. Is there a certain place that needs to be called in the dashboard.ps1? If it helps my current running version of UD is 2.2.1.
I’ve configured IIS for Windows Authentication per - https://github.com/adamdriscoll/universal-dashboard-documentation/blob/master/security/authentication/windows.md
My Claims are setup like so:
$SupportPolicy = New-UDAuthorizationPolicy -Name "Support" -Endpoint{
param($ClaimsPrincipal)
$ClaimPrincipal.HasClaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-48200957-2212589444-2584372378-1151")
}
$AdminPolicy = NewUDAuthorizationPolicy -Name "Admin" -Endpoint{
param($ClaimsPrincipal)
$ClaimPrincipal.HasClaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-48200957-2212589444-2584372378-20173")
}
Login Page:
$Auth = New-UDAuthenticationMethod -Windows
$LoginPage = New-UDLoginPage -AuthenticationMethod $Auth -PassThru -AuthorizationPolicy
@($SupportPolicy, $AdminPolicy)
Support Page:
New-UDPage -Name "Support-Tools" -AuthorizationPolicy @("Admin", "Support") -Icon user -Content{...
Admin (Dev) Page:
New-UDPage -Name "Dev-Board" -AuthorizationPolicy "Admin" -Icon user -Content{...
Any idea how to fix logging and or why the claims aren’t processing correctly?