Solved

Allow read-only access to Thumb Drives via Program Neighborhood and Web Client in Citrix?

Posted on 2010-09-09
6
516 Views
Last Modified: 2012-05-10
We are trying to lock down our Citrix environment. We have users with thumb drives that copy data up to servers via Citrix. We are fine with that. However, we want to prevent them from copying company data back down to the thumb drives. Is there any way to lock this down in Citrix? As far as I can tell, all local drives and thumb drives just show up as mapped drives with no way to define things as read only within Citrix. I'm sure there must be a solution!
0
Comment
Question by:Tanders1
  • 3
  • 2
6 Comments
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33641081
0
 

Author Comment

by:Tanders1
ID: 33645540
Unfortunately, this will prevent our sites from deleting data from their Thumb drives. If, for example they are using a camera card, they still need to be able to delete photos that might be on the card and not allow them to copy new data to the card...
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33646092
if you give the application service read/write permissions,  your application should be able to remove files

 i believe read only permissions will only apply to your user.

is company data different than images?

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group


0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Tanders1
ID: 33646160
They all have access to company data. We have sites where the managers need to take photos of apartments and upload them to the servers. We still need them to be able to remove those photos from the card. However, we do not want them copying data from the server back to that same thumb drive.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33650055
use ntfs file permissions to block access to the company data

put all workers that should not have access to company data into a group and use ntfs permissions to deny access to the group
0
 
LVL 6

Accepted Solution

by:
TreyBcool earned 500 total points
ID: 33665096
Actually this is very possible. Its a registry setting on your XA servers. You can also set the clipboard to read only.
----------------------------------------------------------------------------------------------------------------      
      POLICY "Secure Client Drive Mapping"
                  EXPLAIN "Allows client drive mapping but does not allow users to save data back down the ICA channel. Users can open files from thier client mapped drives only. If a user tries to write to or save to a client mapped drive, they will get an error."
                  KEYNAME "SYSTEM\CurrentControlSet\Services\Cdm\Parameters"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnlyMappedDrive"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
            POLICY "Secure Client Clipboard Mapping"
                  EXPLAIN "Allows clipboard mapping but does not allow saving or transfering of clipboard data outside the XenApp sever. Users can copy from their local PC and past into a XenApp session but can not copy from a ICA session and past to a local application."
                  KEYNAME "SYSTEM\CurrentControlSet\Control\Citrix\wfshell\Virtual Clipboard"
                  PART "Enabled" CHECKBOX
                  VALUENAME "ReadOnly"
                  VALUEON NUMERIC 1
                  VALUEOFF NUMERIC 0
                  END PART
            END POLICY
      END CATEGORY; ICA control
  END CATEGORY; XenApp
END CATEGORY; Citrix
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question