From the documentation it seems that when I register my PSSC it should configure the session configuration’s security based on the RequiredGroups setting. When I am registering my PSSC it adds security for the groups in my configuration file, but it doesn’t say AccessAllowed, it shows AccessAllowedCallback. Here is my PSSC file:
@{ # Version number of the schema used for this document SchemaVersion = '2.0.0.0' # ID used to uniquely identify this document GUID = 'ba4fb5c9-4874-4d29-baf2-0e0b84ce462c' # Author of this document Author = 'Scott Heath' # Company associated with this document CompanyName = 'Company' # Copyright statement for this document Copyright = '(c) 2019 Company. All rights reserved.' # Session type defaults to apply for this session configuration. Can be 'RestrictedRemoteServer' (recommended), 'Empty', or 'Default' SessionType = 'RestrictedRemoteServer' # Creates a 'User' PSDrive in the session for use with Copy-Item when File System provider is not visible. MountUserDrive = $true # User roles (security groups), and the role capabilities that should be applied to them when applied to a session # RoleDefinitions = @{ 'CONTOSO\SqlAdmins' = @{ RoleCapabilities = 'SqlAdministration' }; 'CONTOSO\SqlManaged' = @{ RoleCapabilityFiles = 'C:\RoleCapability\SqlManaged.psrc' }; 'CONTOSO\ServerMonitors' = @{ VisibleCmdlets = 'Get-Process' } } RoleDefinitions = @{ 'Company\GS-JEA-SqlDbMgmt'=@{ RoleCapabilities='SQLServerJEA' } } # Group accounts for which membership is required to use the session. # RequiredGroups = @{ And = @{ Or = 'CONTOSO\SmartCard-Logon1', 'CONTOSO\SmartCard-Logon2' }, 'Administrators' } RequiredGroups = @{ Or = 'Company\GS-JEA-SqlDbMgmt','Administrators' } # Language mode to apply when applied to a session. Can be 'NoLanguage' (recommended), 'RestrictedLanguage', 'ConstrainedLanguage', or 'FullLanguage' LanguageMode = 'NoLanguage' # Execution policy to apply when applied to a session ExecutionPolicy = 'RemoteSigned' }