Solved

Allow read-only access to Thumb Drives via Program Neighborhood and Web Client in Citrix?

Posted on 2010-09-09
6
513 Views
Last Modified: 2012-05-10
We are trying to lock down our Citrix environment. We have users with thumb drives that copy data up to servers via Citrix. We are fine with that. However, we want to prevent them from copying company data back down to the thumb drives. Is there any way to lock this down in Citrix? As far as I can tell, all local drives and thumb drives just show up as mapped drives with no way to define things as read only within Citrix. I'm sure there must be a solution!
0
Comment
Question by:Tanders1
  • 3
  • 2
6 Comments
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33641081
0
 

Author Comment

by:Tanders1
ID: 33645540
Unfortunately, this will prevent our sites from deleting data from their Thumb drives. If, for example they are using a camera card, they still need to be able to delete photos that might be on the card and not allow them to copy new data to the card...
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33646092
if you give the application service read/write permissions,  your application should be able to remove files

 i believe read only permissions will only apply to your user.

is company data different than images?

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group


0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:Tanders1
ID: 33646160
They all have access to company data. We have sites where the managers need to take photos of apartments and upload them to the servers. We still need them to be able to remove those photos from the card. However, we do not want them copying data from the server back to that same thumb drive.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33650055
use ntfs file permissions to block access to the company data

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group
0
 
LVL 6

Accepted Solution

by:
TreyBcool earned 500 total points
ID: 33665096
Actually this is very possible. Its a registry setting on your XA servers. You can also set the clipboard to read only.
----------------------------------------------------------------------------------------------------------------      
      POLICY "Secure Client Drive Mapping"
                  EXPLAIN "Allows client drive mapping but does not allow users to save data back down the ICA channel. Users can open files from thier client mapped drives only. If a user tries to write to or save to a client mapped drive, they will get an error."
                  KEYNAME "SYSTEM\CurrentControlSet\Services\Cdm\Parameters"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnlyMappedDrive"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
            POLICY "Secure Client Clipboard Mapping"
                  EXPLAIN "Allows clipboard mapping but does not allow saving or transfering of clipboard data outside the XenApp sever. Users can copy from their local PC and past into a XenApp session but can not copy from a ICA session and past to a local application."
                  KEYNAME "SYSTEM\CurrentControlSet\Control\Citrix\wfshell\Virtual Clipboard"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnly"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
      END CATEGORY; ICA control
  END CATEGORY; XenApp
END CATEGORY; Citrix
0

Featured Post

New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenDesktop 7.6 Citrix Policies Audio
Lets start to have a small explanation what is VAAI(vStorage API for Array Integration ) and what are the benefits using it. VAAI is an API framework in VMware that enable some Storage tasks. It first presented in ESXi 4.1, but only after 5.x sup…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now