SOK_Norway
asked on
Cannot see any sessions in my shadow taskbar
Hi there!
I have a user that must be allowed to shadow other user sessions.
I have created a policy for him but when i open the shadow taskbar, only 3 of ca. 15 sessions are shown.
I know that there are over 15 sessions logged in.
If i log in as administrator i see all sessions, but I don`t want to give him any administrator rights.
I`m running PS 4.5 on a W2K3 server.
Hope someone have a solution =)
I have a user that must be allowed to shadow other user sessions.
I have created a policy for him but when i open the shadow taskbar, only 3 of ca. 15 sessions are shown.
I know that there are over 15 sessions logged in.
If i log in as administrator i see all sessions, but I don`t want to give him any administrator rights.
I`m running PS 4.5 on a W2K3 server.
Hope someone have a solution =)
The user can only shadow sessions to which the policy applies - have you checked to see that all the other users belong to a filter that means the policy applies to them? You can check by using the 'Search' option which is a bit like AD Resultant Set of Policy.
ASKER
Thanks. Yeah, I have applied the policy to a big group of users. And I know everyone on the server is a member of this group.
I followed this description:
Login to PSC (Presentation Server Console) --> Policies --> Create Policy --> Create a Policy e,g shadow --> Right click on new created Policy --> go to Propertes --> User Workspaces --> Shadowing -1. Under 'Configuration' enable it
2. Under 'Permission' tab --> select 'Enable' --> then 'Configure' to select the users (Shadow administrator).
Now click ok and save Policy --> Again Right click on it and select 'Apply this Policy to' --> select 'Users' --> select the Users/Group to whom you want to shadow (Shadow User).
I followed this description:
Login to PSC (Presentation Server Console) --> Policies --> Create Policy --> Create a Policy e,g shadow --> Right click on new created Policy --> go to Propertes --> User Workspaces --> Shadowing -1. Under 'Configuration' enable it
2. Under 'Permission' tab --> select 'Enable' --> then 'Configure' to select the users (Shadow administrator).
Now click ok and save Policy --> Again Right click on it and select 'Apply this Policy to' --> select 'Users' --> select the Users/Group to whom you want to shadow (Shadow User).
ASKER
I set the user to be an administrator in Citrix Access Management Console. The Shadow Taskbar still was showing about 3 of 15 sessions. But if I made him a Domain Admin in my AD, could he see all the 15 sessions.
Interesting problem. I'd like to ask a fw more questions if thats ok -
Do the users all belong to the same domain or are there trusts in place?
Are the users 3 users always logged on to the same server (s)? I'm wondering if there is something about the servers themselves e.g. permissions on the ICA listener
The user account that needs to shadow - have you looked at its group membership to see if it happens to belong to the same groups being shadowed, (perhaps through group nesting)?
If you add a user to the policy explicitly, can it be shadowed?
Does the shadowing user have the shadow policy applied to him if you run the resultant policy (Search) feature?
Do the users all belong to the same domain or are there trusts in place?
Are the users 3 users always logged on to the same server (s)? I'm wondering if there is something about the servers themselves e.g. permissions on the ICA listener
The user account that needs to shadow - have you looked at its group membership to see if it happens to belong to the same groups being shadowed, (perhaps through group nesting)?
If you add a user to the policy explicitly, can it be shadowed?
Does the shadowing user have the shadow policy applied to him if you run the resultant policy (Search) feature?
ASKER
Sure, no problem.
All users belong to the same domain.
We have 2 terminal servers which is based on load balanse. Therefor can the user be connected to either server. It looks like the 3 users I see are on one server and the others are on the other server. But it`s 2 more users on the same server that I can`t see.
And I found one more thing. Right now I have 10 users logged in. 6 users on the first server and 4 users on the other server. With administrator i can see all 6 on the first server and 2 users on the other server. With the other user I can`t see anyone on the first server but I can see the 2 users i could not see with administrator.
Yes, the user are member in the group that can be shadowed.
No, I removed the group and applied the policy specificly to 2 users that I knew was logged in.
I could not see them, but i could still see the 2 users that I always have seen. Is there any other places that permissions can be set? Because 2 users that I saw did not have the policy applied to them.
Yes, I gave the users permission under User Workspaces --> Shadowing --> Permission
All users belong to the same domain.
We have 2 terminal servers which is based on load balanse. Therefor can the user be connected to either server. It looks like the 3 users I see are on one server and the others are on the other server. But it`s 2 more users on the same server that I can`t see.
And I found one more thing. Right now I have 10 users logged in. 6 users on the first server and 4 users on the other server. With administrator i can see all 6 on the first server and 2 users on the other server. With the other user I can`t see anyone on the first server but I can see the 2 users i could not see with administrator.
Yes, the user are member in the group that can be shadowed.
No, I removed the group and applied the policy specificly to 2 users that I knew was logged in.
I could not see them, but i could still see the 2 users that I always have seen. Is there any other places that permissions can be set? Because 2 users that I saw did not have the policy applied to them.
Yes, I gave the users permission under User Workspaces --> Shadowing --> Permission
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.