Solved

Cannot see any sessions in my shadow taskbar

Posted on 2008-10-06
7
1,980 Views
Last Modified: 2012-05-05
Hi there!

I have a user that must be allowed to shadow other user sessions.
I have created a policy for him but when i open the shadow taskbar, only 3 of ca. 15 sessions are shown.
I know that there are over 15 sessions logged in.
If i log in as administrator i see all sessions, but I don`t want to give him any administrator rights.
I`m running PS 4.5 on a W2K3 server.

Hope someone have a solution =)
0
Comment
Question by:SOK_Norway
  • 3
  • 3
7 Comments
 
LVL 2

Expert Comment

by:Ron9909
ID: 22655331
The user can only shadow sessions to which the policy applies - have you checked to see that all the other users belong to a filter that means the policy applies to them?  You can check by using the 'Search' option which is a bit like AD Resultant Set of Policy.
0
 

Author Comment

by:SOK_Norway
ID: 22656895
Thanks. Yeah, I have applied the policy to a big group of users. And I know everyone on the server is a member of this group.

I followed this description:

Login to PSC (Presentation Server Console) --> Policies --> Create Policy --> Create a Policy e,g shadow --> Right click on new created Policy --> go to Propertes --> User Workspaces --> Shadowing -1.   Under 'Configuration' enable it
2.   Under 'Permission' tab --> select 'Enable' --> then 'Configure' to select the users (Shadow administrator).

Now click ok and save Policy --> Again Right click on it and select 'Apply this Policy to' --> select 'Users' --> select the Users/Group to whom you want to shadow (Shadow User).
0
 

Author Comment

by:SOK_Norway
ID: 22656936
I set the user to be an administrator in Citrix Access Management Console. The Shadow Taskbar still was showing about 3 of 15 sessions. But if I made him a Domain Admin in my AD, could he see all the 15 sessions.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 2

Expert Comment

by:Ron9909
ID: 22659070
Interesting problem.  I'd like to ask a fw more questions if thats ok -
Do the users all belong to the same domain or are there trusts in place?

Are the users 3 users always logged on to the same server (s)?  I'm wondering if there is something about the servers themselves e.g.  permissions on the ICA listener

The user account that needs to shadow - have you looked at its group membership to see if it happens to belong to the same groups being shadowed, (perhaps through group nesting)?  

If you add a user to the policy explicitly, can it be shadowed?

Does the shadowing user have the shadow policy applied to him if you run the resultant policy (Search) feature?
0
 

Author Comment

by:SOK_Norway
ID: 22668845
Sure, no problem.
All users belong to the same domain.

We have 2 terminal servers which is based on load balanse. Therefor can the user be connected to either server. It looks like the 3 users I see are on one server and the others are on the other server. But it`s 2 more users on the same server that I can`t see.
And I found one more thing. Right now I have 10 users logged in. 6 users on the first server and 4 users on the other server. With administrator i can see all 6 on the first server and 2 users on the other server. With the other user I can`t see anyone on the first server but I can see the 2 users i could not see with administrator.

Yes, the user are member in the group that can be shadowed.

No, I removed the group and applied the policy specificly to 2 users that I knew was logged in.
I could not see them, but i could still see the 2 users that I always have seen. Is there any other places that permissions can be set? Because 2 users that I saw did not have the policy applied to them.

Yes, I gave the users permission under User Workspaces --> Shadowing --> Permission
0
 
LVL 2

Accepted Solution

by:
Ron9909 earned 125 total points
ID: 22693712
Quote: "No, I removed the group and applied the policy specificly to 2 users that I knew was logged in."

If you apply a policy to users that are already logged in, it wont take effect, as they would have to log in again.  However, from what you've described, it seems like the shadow policy feature is the source of your problem.

Let me explain - there are a lot of reasons why you can have problems with shadowing, e.g. if the display properties are not matched (sessions being shadowed have greater res or colour depth), with permissions on the ICA listener, or even with DCOM permissions, but I think the problem here is policy related.  

When you configure a shadow policy, all users that you want to be able to shadow must be added to the policy i.e. whatever users are configured under the 'apply this policy to' setting can only be shadowed by users added to that policy.  

I've noticed on other occasions, that this seems to affect even full Citrix admins (but not had a satisfactory explanation yet as to why).  The way to test if this is your problem here is firstly, disable the policy and test using new sessions, and secondly, re-enable the policy then add your citrix administrators to the policy.  Can you try this and let me know what happens?
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Citrix XenDesktop, gold image, VMware, vSphere.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now