AD Security permissions that allow registry modification
Posted on 2009-04-01
I have an issue where our users are authenticating onto a Citrix Secure Access Gateway website to access a published application and receiving error messages pointing to SSL connection failures.
I have narrowed it down to the point where if the users are in the administrators AD member group this published app will load fine for them. However if they are not in this group (and obviously I do not want users in this group) then they receive the error messages when trying to launch the published app.
I am therefore creating a new AD member group and wish to isolate just the security permissions the administrators account uses to read/write to the registry as I believe this Citrix Access Gateway site writes a file to the registry.
Any suggestions would be greatly appreciated