We're HealthCare, we don't do things the easy way... :-) or should I say they don't let us. We use Desktop Authority for most all security on the workstations, things like no registry editing, no app installation, no drive access, no visible icons, etc. On the other hand I use the PNAgent to populate the desktop and start menu with whatever Citrix apps that user has access to. So we hit a conflict here and Desktop Authority wins, PNAgent puts the icons on the desktop and DA comes right behind it and removes them. It then grabs a custom menu assigned to that user from sysvol/scripts and puts it on the start menu. It's locked down enough that the general user cannot get to anything else. The machines I'm working with right now are Win2K Pro that autologon a generic account and sit there logged on for days, sometimes weeks at a time. The Radiologists are used to simply walking up, hitting the start button and what they want is there. Since I don't have an MD behind my name getting process changes approved is like pulling your own teeth while hanging upside down behind a bull. Actually after posting the question here I found 2 solutions, one the SSon settings in the ICA file, another that works is copying the .PNAGENT file from a published app to the custom menu. I know it's convaluted, but with all the government requirments, admin requirments and stopping the user from shotting their own foot we have to come up with some "unique" solutions. George Taylor Systems Programmer Regional Health Inc. _____ From: Joe Shonk [mailto:joe.shonk@xxxxxxxxx] Sent: Thursday, February 15, 2007 2:36 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: passthru authentication via ICA file. Are there not easier ways to deliver a blank desktop and PNAgent ICON on the Desktop as well? Joe From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Taylor, George Sent: Thursday, February 15, 2007 2:05 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: passthru authentication via ICA file. I don't want to have to specify a username and password in the ICA file. Basically we lock down generic machines using ScriptLogic's Desktop Authority. We hide all desktop icons and redirect the Start Menu to a custom menu. By hiding the desktop icons it also gets rid of any icons put there by the PNAgent. My solution was to simply put an ICA file in the custom start menu, it works but it stops at a windows login for the server, thats too complicated for a radiologist or doctor. The icons published by the PNAgent work great, it passes the current username and password to the server and all they have to enter is the actual application username. Is there a way to get the ICA file to passthru the current windows username and password to the Citrix servers? Thanks, George _____ From: Joe Shonk [mailto:joe.shonk@xxxxxxxxx] Sent: Thursday, February 15, 2007 1:56 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: passthru authentication via ICA file. Yup... Add Username= Domain= Password= To the .ica file. Joe From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Taylor, George Sent: Thursday, February 15, 2007 1:48 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] passthru authentication via ICA file. Is there any way to pass the Windows username and password to the server when launching a published application via an ICA file? Thanks, George ***Note: The information contained in this message, including any attachments, may be privileged, confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the Sender immediately by a "reply to sender only" message and destroy all electronic or paper copies of the communication, including any attachments. ***Note: The information contained in this message, including any attachments, may be privileged, confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the Sender immediately by a "reply to sender only" message and destroy all electronic or paper copies of the communication, including any attachments.