I am trying to lock down Citrix sessions to where the user cannot shut down, but only log off their published desktop. So far, if they are not a domain admin, they cannot shut down but still have access to a start menu option called "Windows Security". It seems the user can shut down the server from within the windows security menu. I tried to remove this with a local computer policy but can't find the location that other sites said to go to.
Any ideas on the best way to go about this so all users do not see this in their start menu over a citrix session? (Screen shot attached)