This was very useful to use towards application access via my VPN, so I decided to play and created a published Notepad on one FR3 server and assigned a load evaluator that was configured to allow access from a range of w.x.20.1 to w.x.20.9. I can run the app from an IP in that range, but I can also run the app from an address of w.x.23.1. Something isn't right, anyone shed some light? -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Eric S. Perkins Sent: Sunday, February 15, 2004 11:38 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Published app access inside or out! I created multiple instances of the published apps in question and used the load evaluator method, so far so good! So users allowed access from anywhere get a published app with no load evaluator limiting the IP range, and users that are limited get a published app with the limitation! Thanks for the Help Ron. -Eric S. Perkins "performance is our passion" esp@xxxxxxxxxxxxxx Headquarters: 847.647.2430 Visit us Online: http://performance.ws =20 =20 =20 -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Ron Oglesby Sent: Thursday, February 12, 2004 07:28 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Published app access inside or out! I am holding off on sending scripts for the moment. I would be happy to advise, tell you what to put in it, or what exe's to use, but lately a small company who's Admin used a vb script I wrote, and because he didn't know how to use it unpublished and deleted every frickin' app in their. Now while I don't see this is a big problem, and it will be dealt with soon, At the moment I am not sending out any scripts. Gimme a week. BUT I can say, it could look something like this: Begin Script Launch clntinfo.exe =3D20 write its output to a txt file in the user's home dir IF MEMBER statement.=3D20 Poll for the group membership of outside sales group If they are a member delete the text file you just wrote to the home dir ELSE Read the IP (in kix a readprofilestring) of the client Maybe at this point do a substring of that variable (like if your network is 10. substr for the first three places, if you are 172. substr for four.) Compare the results of the SUBSTR, IF it doesn't match (nested IF) then call logoff.exe Else=3D20 Goto the :launch section of the script. :launch C:\Program files\apps\application.exe Or something like this. Ron Oglesby Senior Technical Architect Microsoft MVP, Windows Server=3D20 =3D20 RapidApp Office 312.372.7188 Mobile 815.325.7618 email roglesby@xxxxxxxxxxxx =3D20 -----Original Message----- From: Jeremy Saunders [mailto:Jeremy.Saunders@xxxxxxxxxxxxxxxx]=3D20 Sent: Wednesday, February 11, 2004 10:25 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: Published app access inside or out! Hi Ron, Could you possibly forward me a copy of this script? I had a similar idea, as I didn't want to change the load evaluators. One of my clients wants to make sure that their Payroll app is not available outside the local LAN. Cheers, Jeremy. -----Original Message----- From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=3D20 Sent: Thursday, February 12, 2004 9:55 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Published app access inside or out! Well Citrix now has load evaluators that have IP address range restrictions. This will return an error to the user when they launch the app from outside the address range.=3D3D20 I had some failures with this early on and found that it often returned an IO error to the user and not an informational message like "hey, your external don't try it". Instead it returns an IO error which is the same error you get it all your servers have hit maximum load (10000 load index) and none are available to service that app. Anyway I use the clntinfo.exe to read the client IP address, then based on the IP kick off the app or not. This is a simple script and I only use it on apps that require limited access based on IP Ron Oglesby Senior Technical Architect Microsoft MVP, Windows Server=3D3D20 =3D3D20 RapidApp Office 312.372.7188 Mobile 815.325.7618 email roglesby@xxxxxxxxxxxx =3D3D20 -----Original Message----- From: Eric S. Perkins [mailto:esp@xxxxxxxxxxxxxx]=3D3D20 Sent: Wednesday, February 11, 2004 7:43 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Published app access inside or out! Hi all, I know this topic has been beaten to death in the past, but I wanted to revisit it with newer operating systems and newer versions of Citrix. How do you limit published apps so they are only accessible on the LAN for certain users and others are accessible from Inside or Outside the LAN. Is everyone still creating multiple ICA connectors with different IP's? I have another MetaFrame install that certain users will need access from everywhere (including a time clock software package) and obviously most user can not access this app from say home! I have done this in the past, I was just wondering if anyone has a better way. TIA, -Eric S. Perkins "performance is our passion" esp@xxxxxxxxxxxxxx Headquarters: 847.647.2430 Visit us Online: http://performance.ws =3D3D3D20 =3D3D3D20 =3D3D3D20 ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=3D3D3D147 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or=3D3D20 set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=3D3D147 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or=3D20 set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=3D3D147 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or=3D20 set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=3D147 ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This weeks sponsor Vizioncore, Inc. --> vc-iMonitor - Performance Monitoring, Control & Reporting --> vc-iControl - Desktop & Start Menu Management & Reporting --> vc-iMapper - Drive, Printer & COM Management & Reporting http://vizioncore.com/products.html ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This weeks sponsor Vizioncore, Inc. --> vc-iMonitor - Performance Monitoring, Control & Reporting --> vc-iControl - Desktop & Start Menu Management & Reporting --> vc-iMapper - Drive, Printer & COM Management & Reporting http://vizioncore.com/products.html ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm