[THIN] Re: Published app access inside or out!
- From: "Seitz, Linden" <L.Seitz@xxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Mon, 16 Feb 2004 12:57:41 -0600
This was very useful to use towards application access via my VPN, so I
decided to play and created a published Notepad on one FR3 server and
assigned a load evaluator that was configured to allow access from a range
of w.x.20.1 to w.x.20.9. I can run the app from an IP in that range, but I
can also run the app from an address of w.x.23.1. Something isn't right,
anyone shed some light?
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On
Behalf Of Eric S. Perkins
Sent: Sunday, February 15, 2004 11:38 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Published app access inside or out!
I created multiple instances of the published apps in question and used
the load evaluator method, so far so good! So users allowed access from
anywhere get a published app with no load evaluator limiting the IP
range, and users that are limited get a published app with the
limitation! Thanks for the Help Ron.
-Eric S. Perkins
"performance is our passion"
esp@xxxxxxxxxxxxxx
Headquarters: 847.647.2430
Visit us Online: http://performance.ws
=20
=20
=20
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Ron Oglesby
Sent: Thursday, February 12, 2004 07:28
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Published app access inside or out!
I am holding off on sending scripts for the moment. I would be happy to
advise, tell you what to put in it, or what exe's to use, but lately a
small company who's Admin used a vb script I wrote, and because he
didn't know how to use it unpublished and deleted every frickin' app in
their.
Now while I don't see this is a big problem, and it will be dealt with
soon, At the moment I am not sending out any scripts. Gimme a week.
BUT I can say, it could look something like this:
Begin Script
Launch clntinfo.exe =3D20
write its output to a txt file in the user's home dir
IF MEMBER statement.=3D20
Poll for the group membership of outside sales group
If they are a member delete the text file you just wrote to the home dir
ELSE
Read the IP (in kix a readprofilestring) of the client
Maybe at this point do a substring of that variable (like if your
network is 10. substr for the first three places, if you are 172. substr
for four.)
Compare the results of the SUBSTR,
IF it doesn't match (nested IF) then call logoff.exe
Else=3D20
Goto the :launch section of the script.
:launch
C:\Program files\apps\application.exe
Or something like this.
Ron Oglesby
Senior Technical Architect
Microsoft MVP, Windows Server=3D20
=3D20
RapidApp
Office 312.372.7188
Mobile 815.325.7618
email roglesby@xxxxxxxxxxxx
=3D20
-----Original Message-----
From: Jeremy Saunders [mailto:Jeremy.Saunders@xxxxxxxxxxxxxxxx]=3D20
Sent: Wednesday, February 11, 2004 10:25 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Published app access inside or out!
Hi Ron,
Could you possibly forward me a copy of this script? I had a similar
idea,
as I didn't want to change the load evaluators. One of my clients wants
to
make sure that their Payroll app is not available outside the local LAN.
Cheers,
Jeremy.
-----Original Message-----
From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=3D20
Sent: Thursday, February 12, 2004 9:55 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Published app access inside or out!
Well Citrix now has load evaluators that have IP address range
restrictions. This will return an error to the user when they launch the
app from outside the address range.=3D3D20
I had some failures with this early on and found that it often returned
an IO error to the user and not an informational message like "hey, your
external don't try it". Instead it returns an IO error which is the same
error you get it all your servers have hit maximum load (10000 load
index) and none are available to service that app.
Anyway I use the clntinfo.exe to read the client IP address, then based
on the IP kick off the app or not. This is a simple script and I only
use it on apps that require limited access based on IP
Ron Oglesby
Senior Technical Architect
Microsoft MVP, Windows Server=3D3D20
=3D3D20
RapidApp
Office 312.372.7188
Mobile 815.325.7618
email roglesby@xxxxxxxxxxxx
=3D3D20
-----Original Message-----
From: Eric S. Perkins [mailto:esp@xxxxxxxxxxxxxx]=3D3D20
Sent: Wednesday, February 11, 2004 7:43 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Published app access inside or out!
Hi all,
I know this topic has been beaten to death in the past, but I wanted to
revisit it with newer operating systems and newer versions of Citrix.
How do you limit published apps so they are only accessible on the LAN
for certain users and others are accessible from Inside or Outside the
LAN. Is everyone still creating multiple ICA connectors with different
IP's?
I have another MetaFrame install that certain users will need access
from everywhere (including a time clock software package) and obviously
most user can not access this app from say home!
I have done this in the past, I was just wondering if anyone has a
better way.
TIA,
-Eric S. Perkins
"performance is our passion"
esp@xxxxxxxxxxxxxx
Headquarters: 847.647.2430
Visit us Online: http://performance.ws
=3D3D3D20
=3D3D3D20
=3D3D3D20
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=3D3D3D147
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=3D3D147
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=3D3D147
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=3D147
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor Vizioncore, Inc.
--> vc-iMonitor - Performance Monitoring, Control & Reporting
--> vc-iControl - Desktop & Start Menu Management & Reporting
--> vc-iMapper - Drive, Printer & COM Management & Reporting
http://vizioncore.com/products.html
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor Vizioncore, Inc.
--> vc-iMonitor - Performance Monitoring, Control & Reporting
--> vc-iControl - Desktop & Start Menu Management & Reporting
--> vc-iMapper - Drive, Printer & COM Management & Reporting
http://vizioncore.com/products.html
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
