No authorization policies or roles defined

cn9ne · April 14, 2020, 8:12pm

Hi All -

I give up trying to figure what went wrong with this. I have ClaimsPrincipal defined AuthorizationPolicy, checked in UD console it returned true as well as checking ADgroup belongs under my name. Any idea?

21:34:34 [Debug] AuthorizationService TryRunClaimsAuthorization
21:34:34 [Debug] AuthorizationService Session ID: b40d1768-796e-4b33-99eb-fe7562f100a2
21:34:34 [Debug] AuthorizationService No valid authorization policies for session.
21:34:34 [Debug] AuthorizationService No valid roles for session.
21:34:34 [Debug] AuthorizationService Setting access and ID token.
21:34:34 [Debug] AuthorizationService Checking page home.
21:34:34 [Debug] AuthorizationService No authorization policies or roles defined.
21:34:34 [Debug] AuthorizationService Page authorized.
21:34:34 [Debug] AuthorizationService Checking page add new user.
21:34:34 [Debug] AuthorizationService No authorization policies or roles defined.
21:34:34 [Debug] AuthorizationService Page authorized.
21:34:34 [Debug] AuthorizationService Checking page sanity check.
21:34:34 [Debug] AuthorizationService Authorization policy result: False
21:34:34 [Debug] AuthorizationService No authorization policies or roles defined.

$AdminPolicy = New-UDAuthorizationPolicy -Name ‘Admin’ -Endpoint {
param($ClaimsPrincipal)

$ClaimsPrincipal.HasCLaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-2763872571-2999947588-3099097816-21XX125")
}

PS UD:\>  $ClaimsPrincipal.HasCLaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-2763872571-2999947588-3099097816-21XX125")
Executing...
True

psDevUK · April 14, 2020, 9:38pm

Hey @cn9ne I use AD to authenticate on my dashboards, I have a login page here:-

github.com

psDevUK/psUniversalDashboard/blob/master/PagesGitHub/FormLogin.ps1

New-UDAuthenticationMethod -Endpoint {
    param([PSCredential]$Credentials)
    Function Test-Credential {
        [OutputType([Bool])]

        Param (
            [Parameter(
                Mandatory = $true,
                ValueFromPipeLine = $true,
                ValueFromPipelineByPropertyName = $true
            )]
            [Alias(
                'PSCredential'
            )]
            [ValidateNotNull()]
            [System.Management.Automation.PSCredential]
            [System.Management.Automation.Credential()]
            $Credential,

            [Parameter()]

This file has been truncated. show original

then if you look at https://github.com/psDevUK/psUniversalDashboard/blob/master/FleetManagementGitHub.ps1 you will see how I am calling it…I have only ever used this method as it worked, so haven’t tried anything else…I hope this helps

cn9ne · April 15, 2020, 2:52am

Hi @psDevUK -

Thank you for the feedback. The authentication is working fine on my dashboard with Authenticated Method Windows. However, I am interested to know why the Authorization Policy does not - no output from the Get-Authorization policy. I think what I did is correct. Any input is welcomed.

cn9ne · April 15, 2020, 7:44am

Found solution here.

Topic		Replies	Views
UD 2.7.0 - AuthorizationPolicy not Working - AD Authentication w/ Claims Universal Dashboard	2	506	December 20, 2019
Windows Claims AuthorizationPolicy Not Working Universal Dashboard Help	7	733	November 26, 2019
Authorization Policies With IIS Don't Work As Expected	14	1191	April 29, 2019
WS-Federation Confusion PowerShell Universal	10	391	March 14, 2023
Windows Policy Assignment Not Working PowerShell Universal	2	296	June 12, 2023

No authorization policies or roles defined

Related Topics