• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 609
  • Last Modified:

XenApp 6 and UnderStanding how policies Are applied

I'm settings up a new XenAPP 6 farm and have the following. I have created a new OU and placed all of my new XenAPP server in the OU which is then assigned to a WorkerGroup. This ou only contain the XenAPP server and no user accounts.

My user account resides in another ou. Here is my question. When I log into XenAPP using the Windows Reciver 3.0 on my workstation are Group Polices applied to my account that I logged into the Windows Receiver 3.0 with? Even though my user account is not in the same OU as my Citrix server will any of the GP applied to this OU which are enforced be applied.

I trying to figure out the best way to deploy customer hotkey settings for the PNAgent and Web Interface.
0
compdigit44
Asked:
compdigit44
1 Solution
 
Carl WebsterCommented:
TS/RDS/XA GPOs should use the Loopback functionality to ensure a consistent application to all users on all servers.

Policies are applied in this order:

Microsoft local policies
Citrix IMA local policies
Site GPOs
Domain GPOs
OU GPOs

Precedence is in reverse order:

OU GPOs have precedence over Domain GPOs which have precedence over Site GPOs which have precedence over Citrix IMA policies which have precedence over Microsoft local policies.
0
 
compdigit44Author Commented:
IN a nutshell if I use loopback processing and my servers and users are inseperate OU I can have user specific settings take effect on a user that is not part of the same OU as the servers?

Very Confusing
0
 
Carl WebsterCommented:
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Mike KlineCommented:
Loopback can definitely be confusing, see this writeup Darren (GP MVP) did on loopback

http://www.sdmsoftware.com/general-stuff/please-explain-loopback-processing/

If you want to go under the weeds my friends at CB5 did a really good in-depth series on loopback

http://www.grouppolicy.biz/tag/loopback/

Thanks

Mike
0
 
compdigit44Author Commented:
I have such unique keybord mappings that I may end up. pushing out a custom appsrv.ini file.
0
 
compdigit44Author Commented:
What is the best way to push out custom setting in the appsrv.ini to workstation that are both 32 & 64 bit :-(
0
 
Carl WebsterCommented:
Where are you placing the custom appsrv.ini?
0
 
compdigit44Author Commented:
Well the default directory for the appsrv.ini is C:\Program Files\Citrix\ICA Client or C:\Program Files(x86)\Citrix\ICA Client
0
 
Carl WebsterCommented:
On my Windows 7 x64 system, my appsrv.ini is in:

C:\Users\cwebster\AppData\Roaming\ICAClient

You could use the UserProfile environment variable.

0
 
Carl WebsterCommented:
There are these two env variables:

ProgramFiles=C:\Program Files
ProgramFiles(x86)=C:\Program Files (x86)

I would think on a 32-bit computer, the ProgramFiles(x86)=C:\Program Files (x86) should not exist.

Use a logon script to copy the appsrv.ini file to the right place.
0
 
mwadminCommented:
When configuring the GPO are you configring it under user settings or computer settings?
0
 
compdigit44Author Commented:
How do I know which APPSV.ini location to edit?
0
 
compdigit44Author Commented:
How do I update my 5.4 web interface to have the hotkey settings as well
0
 
Carl WebsterCommented:
If ProgramFiles(x86) env var exists, you are on a 64-bit system.
0
 
compdigit44Author Commented:
I have both 32 and 64 workstation in my enviroment
0
 
Carl WebsterCommented:
Check for the existance of appsrv.ini in both locations and replace the one that exists with your updated copy.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now