kam_uk
asked on
RDP access via Citrix
Hi All,
We are running Citrix 4.0 Enterprise.
On our Web Interface we have published a Remote Desktop. This is mainly for servers admins to utilse so they can then RDP from that one to another server they may need to administer.
Some users now want to be able to access their PC's from home via Citrix. Am I correct in thinking that we only need to add their account to the Remote Desktop Users group on their local workstation? There is no need to open any extra ports - as long as the RDP port (not sure which port this is?) is open between the Presentation Server that has the Published Desktop and the workstations? In effect, they are RDP'ing from that PS to their workstation, Citrix/ICA is not involved once they initially connect to the desktop on that PS?
Hope I'm making myself clear :)
We are running Citrix 4.0 Enterprise.
On our Web Interface we have published a Remote Desktop. This is mainly for servers admins to utilse so they can then RDP from that one to another server they may need to administer.
Some users now want to be able to access their PC's from home via Citrix. Am I correct in thinking that we only need to add their account to the Remote Desktop Users group on their local workstation? There is no need to open any extra ports - as long as the RDP port (not sure which port this is?) is open between the Presentation Server that has the Published Desktop and the workstations? In effect, they are RDP'ing from that PS to their workstation, Citrix/ICA is not involved once they initially connect to the desktop on that PS?
Hope I'm making myself clear :)
TCP Port 3389 is the RDP port.
I don't think that this will work as you have planed. RDP is only the protocol used by client to access resources on the FARM not on their own PCs. You can create customized mstsc.exe shortcut for EVERY user that will be provided access to his PC.
ICA protocol is MUCH faster than RDP, so I think that you do not need RDP protocol at all. And yes, it's dedicated port is 3389.
ICA protocol is MUCH faster than RDP, so I think that you do not need RDP protocol at all. And yes, it's dedicated port is 3389.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys...
Out of interest, why would they need the "Bypass Traverse Checking" enabled?
Out of interest, why would they need the "Bypass Traverse Checking" enabled?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yep thats correct, thanx Zoubi77.
Right, so did you try with the settings that I highlighted to you? lets me know if thats work, I run a citrix environment and i encounter similar issues that you on about.
Keep me updated on that and let us know if anything else is needed :)
Right, so did you try with the settings that I highlighted to you? lets me know if thats work, I run a citrix environment and i encounter similar issues that you on about.
Keep me updated on that and let us know if anything else is needed :)
ASKER
Thanks guys, but I'm still unclear *why* users would need "Bypass Traverse Checking"? Why would they want to do this?
Because sometimes you want user to access some subfolder but not folder higher up. For ex. we have folder structure - share\map\goodies you want to grant access to user only on goodies. But if he wants to get to that folder, he must first click on share than on map and finaly to goodies. If has no NTFS rights on share or map folder, he will be automaticly denied access and will not be even able to get (traverse) to goodies folder.
not so complicated as it may look at first sight
;)
not so complicated as it may look at first sight
;)