Problem with Java bypassing Windows security in CITRIX deployments
Hi,
I have a problem in our CITRIX deployment, where the GPOs that we have applied to the AD do not get followed by the Java Console.
We have the local windows server drives hidden by windows policy, but when an Application gets executed through CITRIX, it regains access to the hidden drives when using the "save as form".
If Java cannot be forced to follow GPO's, does anyone know how to take off access to drives from the Java console?.
Thanks.
I have a problem in our CITRIX deployment, where the GPOs that we have applied to the AD do not get followed by the Java Console.
We have the local windows server drives hidden by windows policy, but when an Application gets executed through CITRIX, it regains access to the hidden drives when using the "save as form".
If Java cannot be forced to follow GPO's, does anyone know how to take off access to drives from the Java console?.
Thanks.
Sekar Chinnakannu
You want to hide the drives on xenapp server while users trying to save as right or client side?? Also may i know the xenapp version.
ASKER
Yes, that's the problem.
We have hidden the drives on windows server on the GPO's, but when using Oracle Forms application and trying to save a file, it opens up the java prompt "Save as..:" which shows all the server drives.
So users, go and save documents on the servers C: drive and then cannot open them from the explorer.
The XenApp is v7.6.
We have hidden the drives on windows server on the GPO's, but when using Oracle Forms application and trying to save a file, it opens up the java prompt "Save as..:" which shows all the server drives.
So users, go and save documents on the servers C: drive and then cannot open them from the explorer.
The XenApp is v7.6.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi,
We have tried it, but it hasn't worked. However the process is not trivial and there isn't an easy to follow documentation out there to do it.
There is one step-by-step in EE, but is old and contains deprecated URLs.
We have applied the Loopback user control in replace mode, if that helps.
What's the easiest way to test it? because the output from gpresult is far from nice.
We have tried it, but it hasn't worked. However the process is not trivial and there isn't an easy to follow documentation out there to do it.
There is one step-by-step in EE, but is old and contains deprecated URLs.
We have applied the Loopback user control in replace mode, if that helps.
What's the easiest way to test it? because the output from gpresult is far from nice.
ASKER
Thanks Sekar,
At the end we managed to use it effectively, but we had a few issues applying the right policies, etc.
There was some step by step solution links otherwise in EE, but the links are now obsolete.
Thanks again for the solution.
At the end we managed to use it effectively, but we had a few issues applying the right policies, etc.
There was some step by step solution links otherwise in EE, but the links are now obsolete.
Thanks again for the solution.