[THIN] Re: PS4 + Appsense
- From: "Rick Mack" <Rick.Mack@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Sun, 23 Jul 2006 07:38:49 +1000
Hi,
The best answer for the first question is probably to quote the Appsense
knowledgebase:
---------------------------
Printing on Windows 2003 Citrix Server & Application Manager.
(Ctx_SmaUser)
Ref # AP10319
Symptoms
Printing problems may occur when Appsense Application Manager is
installed on a Windows 2003 Server with Citrix Presentation Server 4.
Some auto-created printers, which are installed at user logon, may fail
to print. When the Application Manager Service agent is stopped or
disabled then printing is fine.
Filemon shows a buffer overflow triggered by the Appsense agent process
when reading c:\windows\system32\spool\drivers\\w32x86\3\hpoemui.dll.
This is known to occur with a HP LaserJet 8100 PCL 6 printer.
This issue does not occur on a Windows 2000 Citrix Server.
Cause
The Ctx_SmaUser account (which the Citrix Print Manager Service
(cpsvc.exe) uses to logon) is not recognized as a Trusted Owner in
Application Manager and is thus prevented from accessing the Citrix PS4
Server.
Solution
The following changes within Application Manager should resolve this
issue:
1. Add the Ctx_SmaUser local account to the Trusted Owners list in
Application Manager
2. Create a User rule for %Computername%\CTX_SMA_USER with High Security
and Trusted Ownership checking enabled.
3. Add C:\temp to the Accessible Items for User Rule created in step 2
A (less secure) alternative would be:
1. Add CTX_SMA_USER as a Trusted Owner
2. Create a user exception with NO SECURITY
Although there are no known exploits with the second alternative,
Appsense always recommends maintaining maximum security throughout your
network wherever possible.
----------------------
I'd add that the HP Color LaserJet 4650 has the same issue. So if you
don't want Appsense to sometimes break your printing, the above stuff
will need to be part of your build process.
As far as the second question goes, I'm still a bit ambivalent about the
Environment Manager.
Functionally it's brilliant and a really neat product but when you've
spent half your life scripting stuff and using flex profiles, having to
do it all via a point and click GUI is almost kind of painful.
So do I think the hybrid profile stuff is good, I guess the answer is
yes. Do I like it? Not yet ;-)
But being to do stuff like getting rid of group policies for remote
users with no more slow logins due to slow policy loads etc is kind of
attractive.
Regards,
Rick
Ulrich Mack
Volante Systems
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of M
Sent: Saturday, 22 July 2006 6:11 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: PS4 + Appsense
Hello Rick,
How have you handled Appsense Application Manager and the Ctx_SmaUser
account ? Trusted owner and excluded settings from applying ?
Have you had a look at the Environment manager yet ? Any thoughts on the
Hybrid Profile element ?
M
----- Original Message -----
From: Rick Mack <mailto:Rick.Mack@xxxxxxxxxxxxxx>
To: thin@xxxxxxxxxxxxx
Sent: Friday, July 21, 2006 12:59 AM
Subject: RE: [THIN] PS4 + Appsense
HI,
That sounds like a leading question, but I guess I'm game ;-)
Yes.
Problems?
regards,
Rick
Ulrich Mack
Volante Systems
_____
From: thin-bounce@xxxxxxxxxxxxx on behalf of M
Sent: Fri 21/07/2006 8:37
To: Thin@xxxxxxxxxxxxx
Subject: [THIN] PS4 + Appsense
Hello there,
Is anyone using Appsense (Application Manager) with PS4 ?
M
########################################################################
#############
This e-mail, including all attachments, may be confidential or
privileged. Confidentiality or privilege is not waived or lost because
this e-mail has been sent to you in error. If you are not the intended
recipient any use, disclosure or copying of this e-mail is prohibited.
If you have received it in error please notify the sender immediately by
reply e-mail and destroy all copies of this e-mail and any attachments.
All liability for direct and indirect loss arising from this e-mail and
any attachments is hereby disclaimed to the extent permitted by law.
########################################################################
#############
#####################################################################################
This e-mail, including all attachments, may be confidential or privileged.
Confidentiality or privilege is not waived or lost because this e-mail has been
sent to you in error. If you are not the intended recipient any use,
disclosure or copying of this e-mail is prohibited. If you have received it in
error please notify the sender immediately by reply e-mail and destroy all
copies of this e-mail and any attachments. All liability for direct and
indirect loss arising from this e-mail and any attachments is hereby disclaimed
to the extent permitted by law.
#####################################################################################
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
