Citrix XenApp 6.5 printer redirection - strange behavior
Posted on 2014-11-18
We're having a weird problem in our XenApp 6.5 Server desktop environment when users are coming back in via the NetScaler Access Gateway. We’re using Web Interface 18.104.22.168
In our environment, we have Citrix policies configured to automatically create client printers for users accessing XenApp through the Netscaler Access Gateway.
When the client printer is created, the resultant permissions normally mean that only that one user can print to it. E.g. if Jane and Joe log onto the same XenApp server, and Jane has a autocreated printer called Laserjet 4000, Joe cannot print to Laserjet 4000.
The problem is, we have had three reports (months apart) regarding users printing to client printers that have been created through another user’s session. In one instance someone complained that another user was accidentally sending jobs to the printer in her home. More seriously, we had an incident where an employee was working from a third party’s premises and this resulted in a confidential document printing on an MFD belonging to another organisation.
Administrators can see network printers from other locations but, end users cannot.
The printer policies we have in place are;
Auto Create Client Printers (ICA\Printing\Client Printers) – Auto Create all client printers
Client Printer Redirection (ICA\Printing) – Allowed (We also have a filter in this to only apply to clients with a name of WI_*. This allows us to know when a client is coming in via the Netscaler)
Default Printer (ICA\Printing) – Do not adjust the users default printer
We have seen support article CTX668903 but it does not seem to be relevant.
Can anyone help with this?