We go to the CAG, it asks for credentials, we then go to our Web interface URL rather than the default gateway portal.... Once in the WI, they click on their applications and launch a VPN connected Citrix app. I must be missing something. _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Pitsch Sent: Wednesday, August 02, 2006 3:43 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Access Gateway 4.2 Oh so we aren't talking about the VPN connection. If you are going direct to WI and not authenticating to the CAG before hand then this would be as expected. Jeff Pitsch Microsoft MVP - Terminal Server Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/> On 8/2/06, Schneider, Chad M <CMSchneider@xxxxxxxxx <mailto:CMSchneider@xxxxxxxxx> > wrote: I created 2 groups, in the CAG. Each is working fine, however, ALL users in the AD domain are able to get through it and into it as well. We have it set to go directly to our Web Interface page... _____ From: thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> [mailto:thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> ] On Behalf Of Jeff Pitsch Sent: Wednesday, August 02, 2006 3:12 PM To: thin@xxxxxxxxxxxxx <mailto:thin@xxxxxxxxxxxxx> Subject: [THIN] Re: Access Gateway 4.2 Is this simply the CAG? You can setup groups in the CAG that would allow you to define who has access. Jeff Pitsch Microsoft MVP - Terminal Server Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/> On 8/2/06, Schneider, Chad M < CMSchneider@xxxxxxxxx <mailto:CMSchneider@xxxxxxxxx> > wrote: I have it configured for LDAP, working great...well...sort of... I want it to only allow the users/groups I grant rights to, the ability to use this...not the ENTIRE LDAP directory... Can anyone assist? Chad Schneider Technology Analyst/Citrix Admin. Bemis Company, Inc. 920-303-7609