[THIN] Re: App only works from server console
- From: "Jeremy Saunders" <Jeremy.Saunders@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 9 Mar 2010 11:38:43 +1100
This is the problem I had a few months ago, so I wrote an article to explain it
correctly. It might be the same as your issue.
“YourApp” would not run as a User or even Power Users on the Citrix servers.
Only an Administrator would work. I was unable to track down specific file
system (using filemon) or registry (using regmon) permission issues, so I
enabled the logging of privilege and object usage failures in the Audit Policy.
This then showed a privilege failure due to the user not having the
SeCreateGlobalPrivilege user right. To be able to run “YourApp” users require
the ability to do "CreateFileMapping" in the "Global\" namespace under Windows
2003 with a non-admin user logged in to a terminal service session. This fails
since creating a file mapping object in the global Terminal Services sessions
namespace (from a session other than session zero) requires the
SeCreateGlobalPrivilege privilege. This privilege is enabled by default for
administrators, services, and the local system account. So all “YourApp” users
need the "Create Global Objects" User Right (SeCreateGlobalPrivilege). Added
the "MYDOMAIN\YourApp Users" to the "Create global objects" User Rights
Assignment in the Citrix Server Group Policy Object. You could also do this
locally on each server using the NTRights.exe Resource Kit Utility. The command
would be...
ntrights.exe -u " MYDOMAIN\YourApp Users " +r SeCreateGlobalPrivilege
So easily resolved and explained in the end with some good old debugging.
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Magnus Hjorleifsson
Sent: Tuesday, 9 March 2010 8:14 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: App only works from server console
If it works with rdp then you have to look at mfhook. There are a few ctx
articles related to disabling that for certain applications
Sent from my iPhone
On Mar 8, 2010, at 16:44, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx> wrote:
Does it work via rdp?
On Mar 8, 2010 9:02 PM, "Angela Smith"
<angela_smith9@xxxxxxxxxxx> wrote:
Hi
I have a inhouse developed application that works fine from the
Server console but refuses to work via an ICA Session. The App starts then
closes when run as a Published App. I installed the app via change user
/install. Any ideas on the best way to troubleshoot this? I tried using
Regmon/Filemon but could not find anything unusual..
Thanks
Anglea
________________________________
Sign up for SEEK Jobmail. Get the latest jobs delivered.
<http://clk.atdmt.com/NMN/go/157639755/direct/01/>
#####################################################################################
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
#####################################################################################
Other related posts:
