Native Windows Access control is pushed through group policy.
You can check if this is being used in the /etc/opt/quest/vgp/vgp.conf file.
If this is set it is in use:
ApplyWindowsHostAccess = true
Authentication Services access control consists of local files: /etc/opt/quest/vas/users.allow and users.deny.
There is also per service access control which is configured here: etc/opt/quest/vas/access.d/
Only one or the other can be used. Authentication Services always performs access control by checking local files unless you explicitly enable application of Windows access control policies on Unix hosts.
If the ApplyWindowsHostAccess option is set to true in the vgp.conf file, Authentication Services ignores local file-based access control. This means listing a user in the /etc/opt/quest/vas/users.allow or /etc/opt/quest/vas/users.deny file has no effect
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center