Hi all,
We have plans to provide VDI to multiple organisations in the same Active Directory, separated by Organisational Units. As nothing stops users to install LDAP tools we would like to hide all containers which are not supposed to see. To do so I enabled "List Object" mode with dSHeuristics value 007.
So far everything fine but... when I untick "List contents" on a root of domain.local for Authenticated Users, Remote Desktop does not work for non-admin users anymore. Nothing in logs and all I get is "Access is Denied" when I RDP to Remote Desktop Server.
As it is my test environment I tried the following:
- Set Read for Authenticated Users on System container, as well with inheritance
- Set Full control except List contents on domain.local applied to this object only
No luck and it works only when List contents is ticked.
Please help.
Matt
Celox Group - Cloud Provider
