Neil, thanks for your reply. Our servers are Windows 2003 SP1 PS 4 Rollup 1. I can see how your solution would work. However, it's way too much work for what is at the moment a non-critical request which may just fade away. -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Braebaum, Neil Sent: Thursday, June 14, 2007 10:27 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Webex and Citrix You don't mention the OS version of your Citrix servers. I haven't done any checking to see if there's much change in this for 2003 server, or whether the reg keys are overridden by HKCU settings... but here's what I had to do when deploying apps that used Active X controls (on NT4 TSE, and Windows 2000 TS). I initially set the registry values HKLM\Software\Microsoft\Windows\CurrentVersion\InternetSettings\ActiveXC ache to be H:\Windows\Downloaded Program Files. I made sure that the admin user I was running as had such a folder available (I probably used subst whilst logged in as an admin user). I then ran the app, and accessed the portion that used the ActiveX control. This did all the HKCR\CLSID stuff for creating the objects on the system. It also copied / cached the actual ActiveX object files to this folder. I saved these controls to a central location, and using a login script for the user, ensure that the same path (H:\Windows\Downloaded Program Files) was valid and existed for each user - then the control files were copied to their local folder. This was a signed ActiveX control, so I created the digital signature in users profile by writing the value in a login script (mandatory profiles). So when the user ran the app and accessed the bits using the ActiveX control, their profile had already been pre-populated with the digital cert signing the control, so accepted it. The OS new the control was already installed (due to the HKCR\CLSID stuff that had been created when I ran the app using an admin user), and the control files were in a folder that was writable by the user if they were updated. This meant they could use ActiveX for the app, but not install ActiveX controls generally. I had control over the version of the app, too - because I had to pre-empt the digital cert using a login script (mandatory profiles). I suspect where you might want to start is ensuring that the HKLM registry value above is set to an area that will exist for each user, and is writable (that latter part seemed to be significant, from memory, even if the control files were already present), before installing the control. Otherwise you're like going to have to set it anyway, and search HKCR\CLSID and probably change some values in InprocServer32 for the control(s) so that it points to the ActiveX cache area you want to use for your users. There may be other / better ways of doing this now I don't currently have to deploy any apps using ActiveX controls any more, but that's how I went about it then, going back a few OS versions, and bearing in mind I always used mandatory profiles. Neil > -----Original Message----- > From: thin-bounce@xxxxxxxxxxxxx > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of George Wasgatt > Sent: 14 June 2007 15:03 > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Webex and Citrix > > We've been asked to load the Citrix client on our Citrix > servers. I found this tech note on the Webex site: > > Installing Citrix Metaframe and Webex Meeting Manager. > > Which walks your through installing Terminal Services, > Metaframe 1.8 then the two Webex executables (ATCLIENT and > Meeting Manager ATMCIE.MSI). These installs were done in > change user /install mode. According to the documentation > this should write everything to the proper registry keys. > > However, when I then load a Webex site using a > non-administrative ID the Active-X client tries to load > itself. Doing the installs as the administrator in install > mode was supposed to prevent this from happening. > We had Webex support on the phone o a while but they didn't > have much to say other than what was in the document. What > am I missing? **************************************************************************** * This email and its attachments are confidential and are intended for the above named recipient only. If this has come to you in error, please notify the sender immediately and delete this email from your system. You must take no action based on this, nor must you copy or disclose it or any part of its contents to any person or organisation. Statements and opinions contained in this email may not necessarily represent those of Littlewoods Shop Direct Group Limited or its subsidiaries. Please note that email communications may be monitored. The registered office of Littlewoods Shop Direct Group Limited is 1st Floor, Skyways House, Speke Road, Speke, Liverpool, L70 1AB, registered number 5059352 **************************************************************************** * This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************ SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************