Hi,
Hopefully someone can help, I have a quick question.
Can you assign thinapps by user groups defined in Active Directory? At the moment we are assigning by pool or individual users depending on their needs. I ask because we have come across a situation where a user has lost their vdi desktop and are re-assigned a new one with a totally different desktop name, unfortunutely they lose whatever thinapp is assigned to them unless it has been assigned by pool because it's been assigned to desktop and not a specific user.
Regards,
Ross
Create application security groups in your AD. Example:
ThinApp_AdobeReader
ThinApp_Office2010
Create these security groups and when you build the package you add the groups when prompted for specific groups that can access this program. Assign groups or users to the applications security groups that want to use it. You can then use View's ThinApp repository (like you are doing now) and it will assign the package to a pool but only people in the security group can actually run it. Another way to do it is run a script using ThinReg.exe and it will look at the security group and only give access to the program if the user is in the appropriate application security group. It also will register the applications to the correct files on the virtual desktop.
Example of script:
Set WSHShell = WScript.CreateObject("WScript.Shell")
WSHShell.Exec("""%logonserver%\netlogon\thinreg.exe"" /q ""\\servername\thinapp repo\*.exe""")
Create application security groups in your AD. Example:
ThinApp_AdobeReader
ThinApp_Office2010
Create these security groups and when you build the package you add the groups when prompted for specific groups that can access this program. Assign groups or users to the applications security groups that want to use it. You can then use View's ThinApp repository (like you are doing now) and it will assign the package to a pool but only people in the security group can actually run it. Another way to do it is run a script using ThinReg.exe and it will look at the security group and only give access to the program if the user is in the appropriate application security group. It also will register the applications to the correct files on the virtual desktop.
Example of script:
Set WSHShell = WScript.CreateObject("WScript.Shell")
WSHShell.Exec("""%logonserver%\netlogon\thinreg.exe"" /q ""\\servername\thinapp repo\*.exe""")
Hi,
You can make an application captured with default settings to be launched only for user group say "domain users" and for an existing domain "dmn" by
If a user launches thinapp on a machine which does not belong to a domain
or
A user not belonging to a domain launches the thinappaed application
then
He will not be able to launch the thinapped application and would be prompted with the set "Access Denied message".
GURU
Thanks for both of the replies, both have explained how I can implement what I need to do, it's just unfortunute I need to stream it to the whole pool no matter what. I don't really need to restrict access but more make sure the people who do need the thinapped application have it no matter what vdi desktop they are assigned.
Thanks again for the replies.
Regards,
Ross
If you use ThinReg.exe you don't have to join it to a pool at all. That is what you want to do. Use the script and only those allowed to see the application will get it.
Watch this:
