Risks with allowing users 'Create Global Objects' right in Local Policy
Posted on 2008-11-18
I have been having an issue with users accessing an Oracle based application within a Citrix enivironment. After much research, i discovered that if I go to the Local Security Settings>User Rights Assignment>Create global objects policy and add those users to that right, the application launches properly and is able to establish a db connection. My question is, what are the ramifications or risks with providing non-admin users this access? Am I opening up my Citrix servers to abuse by giving too much power to these users? I have done some research and cannot find any real substantial case for or against allowing this right other than "only give to right to trusted users". Any insight would be greatly appreciated.