Hi Tristan,
Thank you for your information, I will sure use it in my R&I .
We use AppSense Performance Manager somewhere else, and I have been told
that it is very expensive and unfortunately I am not in that luxurious
position.
Cheers!
John
"Tristan" <tlyonnet_@_free.fr> wrote in message
news:Xns93D1392DEFB3CSimmy78@140.99.99.130...
> "John" <(E-Mail Removed)> wrote in
> news:3f321273$0$49106$(E-Mail Removed):
>
> > Hi all,
> > I have this problem that I can not find any sollution for, maybe you
> > know how to solve this?
> >
> > I have a published application on citrix metaframe 1.8.
> > I do not want users to access the local drives, so I disabled access
> > to local drives in the policy. This works well....
> > Now I want users to have some space on the server for storing and
> > working with Office files, but that is not possible, because I
> > disabled access to local drives. Now to me it seems that the only
> > sollution is to enable it again. But that causes trouble, because
> > users are then able to access the drives and parts of the drives where
> > they do not belong, which I do not want to happen.
> > So the problem is that I want them to be able to acess a part of the
> > drive but I do not want them to be able to access the whole drive. I
> > have already used drive mapping to a network share, but that does not
> > work. I also played with user rights on file-level, but that is not
> > good enough, because the users also must be able to access the files
> > in the application path to start the application of course....
> > There is also a problem that users can manually specify a location in
> > the published application and when users are smart enough they can
> > specify the drive that is not visible in "my computer", when
> > local-drive access is enabled.
> >
> > If anyone knows how to deal with this I would be very pleased.
> >
> > Cheers,
> > John
> >
> >
> >
>
> Their is a policy that disable access to specified drives. Use it and
> users will not be able to access again drives: this allow them to click
> shortcut but doen't allow them to browse specified drive even their are
> or not hidden.
> Create another partition to store application data.
> Redirect every default path of application to this partition: a lot of
> application already use "My Documents" (redirect via GPO or potch the
> user registry), for others, edit registry (ex: WinZip) or make
> application compatibility script like existing scripts.
>
> If you don't disable access to drives, any user will be able to access
> any drives or run any system EXE like CMD.EXE ......: Running write.exe
> is suffisant to start any EXE of any drive.
>
> The most difficult is to scan every published application to find
> possibilities to open a browser on default system drive.
>
> Another solution: Use AppSense Application Manager.
>
> Tristan
|
Similar Threads
