Require Security Group Membership Constraint
Posted: Fri Nov 18, 2016 1:57 pm
I am evaluating Cerberus FTP Server ver: 126.96.36.199 running on Windows 2012 r2 using SFTP only. I am able to use AD users and associate them with a Cerberus group and use customize to assign the virtual directory and that all works as expected. I noticed that it appears any member of the AD can logon to the server. They don't get access to content but their login does not fail. To prevent this I setup a global security group to use with the Require Security Group Membership Constraint. When I enable this the test account that worked as outlined above fails the the login and logs, "AD user is not a direct member of required security group. Could not authenticate Native user 'xxxx' : Unable to find user 'xxxx' ." I have tried the simple group name and the canonical object name. Any suggestion?