Open tlcarpenter opened 5 years ago
You can run a script for that http://mutonufoai.github.io/pgina/documentation/plugins/scripting.html#event_notification_change_password Let it run in event notification stage as system on logoff net localgroup administrators "%u" /delete
Is there a way to remove LDAP users previously added to local groups? I used a rule in the Gateway phase of the LDAP plugin to add members of an LDAP group to the local Administrators group. As suggested in the documentation for the LDAP plugin
http://mutonufoai.github.io/pgina/documentation/plugins/ldap.html
I enabled "Scramble password after logout" in the LocalMachine plugin. That does prevent an LDAP user that's been removed from the LDAP group in my LDAP plugin rule from being able to log in, but I'd prefer to remove the entry for the user from the list of users in the local Administrator's group.