Perhaps you just need to Silo the applications that are delivered externally. Joe -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Adam.Baum@xxxxxxxxxxxxxx Sent: Monday, November 07, 2005 1:04 PM To: thin@xxxxxxxxxxxxx Cc: thin@xxxxxxxxxxxxx; thin-bounce@xxxxxxxxxxxxx Subject: [THIN] Re: Restricting users from applications Correct. I have to prevent the "restricted" apps from being accessed by any means (explorer navigation, embedded links, creating new files with .doc, .xls and then clicking on them, etc). Basically, MS is now charging an extra $100+ for every telecommuter to access Office via a terminal session. That's ontop of the Windows CAL and the TS CAL. Doesn't matter if the user has a legit copy of Office on his home PC and has Office on his work PC. adam Jeff Pitsch <jepitsch@xxxxxxx om> To Sent by: thin@xxxxxxxxxxxxx thin-bounce@freel cc ists.org Subject [THIN] Re: Restricting users from 11/07/2005 12:35 applications PM Please respond to thin@xxxxxxxxxxxx g Unfortunately he wants to make sure that the user can't start the programs even from another. At least that's how I understand it. for example, if you have outlook open, you can't open a word attachment because word is restricted if your coming in over the internet. Jeff Pitsch On 11/7/05, Walter, Chris <christopher.walter@xxxxxxx > wrote: Setup a load evaluator based on IP range and deny them access if they are using a specific IP range. Chris -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto: thin-bounce@xxxxxxxxxxxxx] On Behalf Of Adam.Baum@xxxxxxxxxxxxxx Sent: Monday, November 07, 2005 12:21 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Restricting users from applications HI All, As we move more and more into a thinclient solution here, I have been asked if there is a way to keep someone from accessing certain applications when telecommuting. Here some background info: While using a City supplied pc (mainly internal users), access to Microsoft applications are covered under our EA. When using the same servers from home, the access to apps are not covered under the EA. So..I need to find a way to prevent users coming through MSAM from accessing Microsoft applications. Internally, we use PNAgent/WI. My intial thought was to not publish the apps through MSAM. Then I thought about embedded links. Even if the app isn't published, clicking on an embedded document (or link to a .doc, xls, etc) will launch the app. Is there a way to set publishing/access rules based on your connection (MSAM vs PNagent)? Any other methods accomplishing this task? adam ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************ ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************ ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************ ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************