Page 1 of 1

Require Security Group Membership Constraint

Posted: Fri Nov 18, 2016 1:57 pm
by FrankO
I am evaluating Cerberus FTP Server ver: running on Windows 2012 r2 using SFTP only. I am able to use AD users and associate them with a Cerberus group and use customize to assign the virtual directory and that all works as expected. I noticed that it appears any member of the AD can logon to the server. They don't get access to content but their login does not fail. To prevent this I setup a global security group to use with the Require Security Group Membership Constraint. When I enable this the test account that worked as outlined above fails the the login and logs, "AD user is not a direct member of required security group. Could not authenticate Native user 'xxxx' : Unable to find user 'xxxx' ." I have tried the simple group name and the canonical object name. Any suggestion?

Re: Require Security Group Membership Constraint

Posted: Sat Nov 26, 2016 11:49 pm
by Serin
Hello Frank,

Is the user a direct member of the AD security group?