We are running a Citrix 4.5 environment with Server 2003 SP2, recently upgraded from Citrix 4.0. The problem we are having is that the group policy isn't applying to any user or admin properly for Internet Explorer Security. All other policy objects are applying. I browsed the Citrix forums and found a few solutions, but to no avail.
We have 2 policies enforced, 1 is the default domain policy where the settings are defined, and the other is the Citrix Presentation Server policy. This only happens when in Citrix - we can remote desktop to any server and the policy is applied properly. The policy is also applied properly from standalone machines since they aren't in that OU.
I have tried setting the Citrix policy to not be enforced with no luck, but there are no settings defined in that policy for IE security anyway. We have run gpresult and it does show that the policies are applied properly for the user and the computer. I have also checked the local group policy on the machine which is actually disabled on our testing machine. And yes we have run gpupdate /force many times - this has been ongoing for a couple months.
We do have OU's setup and the 4.5 Citrix servers are in their own OU where the Citrix policy is applied. Citrix is used as a desktop, so IE isn't it's own separate published application. We run on terminals with XP embedded, so each user gets a full desktop screen. We also use RES Powerfuse but we haven't determined that to be an issue. We created a published app that runs without powerfuse, but with Citrix to a server, and the same thing happened - IE shows the default security settings that comes with Server 2003.
Does anyone have any suggestions?