Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Allow read-only access to Thumb Drives via Program Neighborhood and Web Client in Citrix?

Posted on 2010-09-09
6
Medium Priority
?
522 Views
Last Modified: 2012-05-10
We are trying to lock down our Citrix environment. We have users with thumb drives that copy data up to servers via Citrix. We are fine with that. However, we want to prevent them from copying company data back down to the thumb drives. Is there any way to lock this down in Citrix? As far as I can tell, all local drives and thumb drives just show up as mapped drives with no way to define things as read only within Citrix. I'm sure there must be a solution!
0
Comment
Question by:Tanders1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33641081
0
 

Author Comment

by:Tanders1
ID: 33645540
Unfortunately, this will prevent our sites from deleting data from their Thumb drives. If, for example they are using a camera card, they still need to be able to delete photos that might be on the card and not allow them to copy new data to the card...
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33646092
if you give the application service read/write permissions,  your application should be able to remove files

 i believe read only permissions will only apply to your user.

is company data different than images?

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group


0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:Tanders1
ID: 33646160
They all have access to company data. We have sites where the managers need to take photos of apartments and upload them to the servers. We still need them to be able to remove those photos from the card. However, we do not want them copying data from the server back to that same thumb drive.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33650055
use ntfs file permissions to block access to the company data

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group
0
 
LVL 6

Accepted Solution

by:
TreyBcool earned 2000 total points
ID: 33665096
Actually this is very possible. Its a registry setting on your XA servers. You can also set the clipboard to read only.
----------------------------------------------------------------------------------------------------------------      
      POLICY "Secure Client Drive Mapping"
                  EXPLAIN "Allows client drive mapping but does not allow users to save data back down the ICA channel. Users can open files from thier client mapped drives only. If a user tries to write to or save to a client mapped drive, they will get an error."
                  KEYNAME "SYSTEM\CurrentControlSet\Services\Cdm\Parameters"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnlyMappedDrive"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
            POLICY "Secure Client Clipboard Mapping"
                  EXPLAIN "Allows clipboard mapping but does not allow saving or transfering of clipboard data outside the XenApp sever. Users can copy from their local PC and past into a XenApp session but can not copy from a ICA session and past to a local application."
                  KEYNAME "SYSTEM\CurrentControlSet\Control\Citrix\wfshell\Virtual Clipboard"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnly"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
      END CATEGORY; ICA control
  END CATEGORY; XenApp
END CATEGORY; Citrix
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question