Hi, The best answer for the first question is probably to quote the Appsense knowledgebase: --------------------------- Printing on Windows 2003 Citrix Server & Application Manager. (Ctx_SmaUser) Ref # AP10319 Symptoms Printing problems may occur when Appsense Application Manager is installed on a Windows 2003 Server with Citrix Presentation Server 4. Some auto-created printers, which are installed at user logon, may fail to print. When the Application Manager Service agent is stopped or disabled then printing is fine. Filemon shows a buffer overflow triggered by the Appsense agent process when reading c:\windows\system32\spool\drivers\\w32x86\3\hpoemui.dll. This is known to occur with a HP LaserJet 8100 PCL 6 printer. This issue does not occur on a Windows 2000 Citrix Server. Cause The Ctx_SmaUser account (which the Citrix Print Manager Service (cpsvc.exe) uses to logon) is not recognized as a Trusted Owner in Application Manager and is thus prevented from accessing the Citrix PS4 Server. Solution The following changes within Application Manager should resolve this issue: 1. Add the Ctx_SmaUser local account to the Trusted Owners list in Application Manager 2. Create a User rule for %Computername%\CTX_SMA_USER with High Security and Trusted Ownership checking enabled. 3. Add C:\temp to the Accessible Items for User Rule created in step 2 A (less secure) alternative would be: 1. Add CTX_SMA_USER as a Trusted Owner 2. Create a user exception with NO SECURITY Although there are no known exploits with the second alternative, Appsense always recommends maintaining maximum security throughout your network wherever possible. ---------------------- I'd add that the HP Color LaserJet 4650 has the same issue. So if you don't want Appsense to sometimes break your printing, the above stuff will need to be part of your build process. As far as the second question goes, I'm still a bit ambivalent about the Environment Manager. Functionally it's brilliant and a really neat product but when you've spent half your life scripting stuff and using flex profiles, having to do it all via a point and click GUI is almost kind of painful. So do I think the hybrid profile stuff is good, I guess the answer is yes. Do I like it? Not yet ;-) But being to do stuff like getting rid of group policies for remote users with no more slow logins due to slow policy loads etc is kind of attractive. Regards, Rick Ulrich Mack Volante Systems -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of M Sent: Saturday, 22 July 2006 6:11 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: PS4 + Appsense Hello Rick, How have you handled Appsense Application Manager and the Ctx_SmaUser account ? Trusted owner and excluded settings from applying ? Have you had a look at the Environment manager yet ? Any thoughts on the Hybrid Profile element ? M ----- Original Message ----- From: Rick Mack <mailto:Rick.Mack@xxxxxxxxxxxxxx> To: thin@xxxxxxxxxxxxx Sent: Friday, July 21, 2006 12:59 AM Subject: RE: [THIN] PS4 + Appsense HI, That sounds like a leading question, but I guess I'm game ;-) Yes. Problems? regards, Rick Ulrich Mack Volante Systems _____ From: thin-bounce@xxxxxxxxxxxxx on behalf of M Sent: Fri 21/07/2006 8:37 To: Thin@xxxxxxxxxxxxx Subject: [THIN] PS4 + Appsense Hello there, Is anyone using Appsense (Application Manager) with PS4 ? M ######################################################################## ############# This e-mail, including all attachments, may be confidential or privileged. Confidentiality or privilege is not waived or lost because this e-mail has been sent to you in error. If you are not the intended recipient any use, disclosure or copying of this e-mail is prohibited. If you have received it in error please notify the sender immediately by reply e-mail and destroy all copies of this e-mail and any attachments. All liability for direct and indirect loss arising from this e-mail and any attachments is hereby disclaimed to the extent permitted by law. ######################################################################## ############# ##################################################################################### This e-mail, including all attachments, may be confidential or privileged. Confidentiality or privilege is not waived or lost because this e-mail has been sent to you in error. If you are not the intended recipient any use, disclosure or copying of this e-mail is prohibited. If you have received it in error please notify the sender immediately by reply e-mail and destroy all copies of this e-mail and any attachments. All liability for direct and indirect loss arising from this e-mail and any attachments is hereby disclaimed to the extent permitted by law. ##################################################################################### ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************