Citrix

How to Prevent Users from Changing Client Device Access Settings for 12.x Plug-in and later versions of Receiver for Windows Using Client Selective Trust

  • CTX128792
  • Created onMar 26, 2014
  • Updated onApr 16, 2014
Article Topic Connectivity

Objective

This article provides information on how to prevent users from changing Client Device Access Settings for 12.x Plug-in and later versions of Receiver for Windows using Client Selective Trust. Note: By default, all client device access are set to 0 (no access), users can still access the connection center and change Client Device Access values.

Background

For newer releases refer to CTX133565 - How to Configure Default Device Access Behavior of Receiver, XenDesktop and XenApp

With Online Plug-in 12.x, client device access in ICA sessions formerly configured with the webica.ini file is now done with the registry key Client Selective Trust (HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\Client Selective Trust) as described in CTX124921 – Citrix Online Plug-in 12.0 Ignores Webica.ini Settings.

Instructions

In addition to specifying 0 for no access for all categories (File Security, MicrophoneAndWebcamSecurityPermission, PdaSecurityPermission, ScannerAndDigitalCameraSecurityPermission) in all zones (oidInternetRegionIcaAuthorizationDecision, oidIntranetRegionIcaAuthorizationDecision, oidRestrictedSitesRegionIcaAuthorizationDecision, oidTrustedSitesRegionIcaAuthorizationDecision), set the following value to False:

oidPredefinedSecurityPolicySettings\InstantiatedSecurityPolicyEditable\default

As a result, all fields in the connection center will be unavailable and users cannot change the security settings predefined by an administrator.

Registry Editor

Applicable Products

Automatic translation

Important: This article was translated by an automatic translation system (also referred to as Machine Translation, or MT) and has not been translated or reviewed by people. Citrix offers a machine translated version of this article to allow for greater access to the support content. However, automatic translation is not always perfect and may contain errors of vocabulary, syntax or grammar. Citrix is not responsible for inconsistencies, errors or damage incurred as a result of the use of MT articles from our customers.Thank you.
Click here to see the English version of this article.
Languages
Was this helpful?
Thank you for your feedback

Share your comments or find out more about this topic

Citrix Forums