From the documentation it seems that when I register my PSSC it should configure the session configuration’s security based on the RequiredGroups setting. When I am registering my PSSC it adds security for the groups in my configuration file, but it doesn’t say AccessAllowed, it shows AccessAllowedCallback. Here is my PSSC file:
@{
# Version number of the schema used for this document
SchemaVersion = '2.0.0.0'
# ID used to uniquely identify this document
GUID = 'ba4fb5c9-4874-4d29-baf2-0e0b84ce462c'
# Author of this document
Author = 'Scott Heath'
# Company associated with this document
CompanyName = 'Company'
# Copyright statement for this document
Copyright = '(c) 2019 Company. All rights reserved.'
# Session type defaults to apply for this session configuration. Can be 'RestrictedRemoteServer' (recommended), 'Empty', or 'Default'
SessionType = 'RestrictedRemoteServer'
# Creates a 'User' PSDrive in the session for use with Copy-Item when File System provider is not visible.
MountUserDrive = $true
# User roles (security groups), and the role capabilities that should be applied to them when applied to a session
# RoleDefinitions = @{ 'CONTOSO\SqlAdmins' = @{ RoleCapabilities = 'SqlAdministration' }; 'CONTOSO\SqlManaged' = @{ RoleCapabilityFiles = 'C:\RoleCapability\SqlManaged.psrc' }; 'CONTOSO\ServerMonitors' = @{ VisibleCmdlets = 'Get-Process' } }
RoleDefinitions = @{
'Company\GS-JEA-SqlDbMgmt'=@{ RoleCapabilities='SQLServerJEA' }
}
# Group accounts for which membership is required to use the session.
# RequiredGroups = @{ And = @{ Or = 'CONTOSO\SmartCard-Logon1', 'CONTOSO\SmartCard-Logon2' }, 'Administrators' }
RequiredGroups = @{ Or = 'Company\GS-JEA-SqlDbMgmt','Administrators' }
# Language mode to apply when applied to a session. Can be 'NoLanguage' (recommended), 'RestrictedLanguage', 'ConstrainedLanguage', or 'FullLanguage'
LanguageMode = 'NoLanguage'
# Execution policy to apply when applied to a session
ExecutionPolicy = 'RemoteSigned'
}