kam_uk
asked on
Blocking access to Server drive in Citrix
Hi All
I have just installed my first Citrix 4.5 app - Notepad.
All working fine, however when I try to save the file, I am able to browse the drives on the server that the app is published...anyone know how to stop this?
Secondly, is there a 4.5 equivalent of the Citrix Connection Tool in 4.0?
Thanks
I have just installed my first Citrix 4.5 app - Notepad.
All working fine, however when I try to save the file, I am able to browse the drives on the server that the app is published...anyone know how to stop this?
Secondly, is there a 4.5 equivalent of the Citrix Connection Tool in 4.0?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
PS: method #1 just hides the drive letters so users can still type "C:\" in the save box and get to it if they know to try that. If you want to lock it down, you need to use NTFS for that. Method #1 prevents most people from saving stuff on the server drives, but does not really lock anything down if they know what to look for.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Guys
Thanks..
For the moment, we are just in testing so will look at GPO's soon.
Regarding the NTFS permissions - I'm a little bit confused....I don't want them to be able to browse the C: drive at all...is this possible?
Thanks..
For the moment, we are just in testing so will look at GPO's soon.
Regarding the NTFS permissions - I'm a little bit confused....I don't want them to be able to browse the C: drive at all...is this possible?
NO - if you do that they will not even be able to run the programs installed on the server's C drive. Been there, done that and got the 3rd degree burns to prove it.
ASKER
Ok - no worries.
So the only option is GPO - there is nothing within Citrix to hide server drives?
Also - I see the Citrix Connection Tool (not Citrix Connection Test Tool) has disappeared in 4.5 - do you know where you set config for client drive mapping etc on the server?
So the only option is GPO - there is nothing within Citrix to hide server drives?
Also - I see the Citrix Connection Tool (not Citrix Connection Test Tool) has disappeared in 4.5 - do you know where you set config for client drive mapping etc on the server?
There is nothing native to Citrix to hide server drives.
Citrix Best Practice is to use a Citrix Policy to set you client drive mappings.
Citrix Best Practice is to use a Citrix Policy to set you client drive mappings.
ASKER
Ok - so just to confirm...
Citrix Policy for client drive mappings
GPO for server mappings
That's the best way to go?
Citrix Policy for client drive mappings
GPO for server mappings
That's the best way to go?
Yes - Best practice on both counts
Also, take a look at this cool utility:
http://www.petri.co.il/gpdrivesoptions.htm
Also, take a look at this cool utility:
http://www.petri.co.il/gpdrivesoptions.htm
You can alternatively use a GPO specified TS login script to do the drive mappings especially if they are based on AD groups (for example, if they are in this AD group then they get these drive mapping, etc).
And although you certainly would not want to lock people out of the entire C drive, you definatelty can definately use NTFS permissions to lock users out of specific program execuatbles and/or directories to ensure you comply with your licensing restrictions.
And although you certainly would not want to lock people out of the entire C drive, you definatelty can definately use NTFS permissions to lock users out of specific program execuatbles and/or directories to ensure you comply with your licensing restrictions.