Sometimes users have not been granted admin rights to the workstation they are working on. The purpose is not to allow them to install anything on the workstation.
Few websites requires some plug-ins like java plug-in to be downloaded and installed on to the user’s workstation to work properly. In the absence of admin rights, Users can not install these plug-ins into their workstation and so they will not be able to work properly with the websites they require to work on.
One option to resolve this issue is for administrator to install the required plug-ins to the user’s workstation. This could be a problem as there may be many users working on different websites with different plug-ins. It would be difficult to manage those plug-ins in case of version upgrades.
Second option is that the XenApp administrator can run the required website on the XenApp for the first time to get all the required plug-ins downloaded and installed. Once the plug-ins will be installed successfully, administrator has to publish the required website from XenApp. To do so, Administrator needs to publish internet explorer executable with website url as its parameter as shown below for all the required users:
This will resolve the problem as all the processing will be done on XenApp and users do not have to have any rights to install the plug-ins.
Second option is recommended as it is easy to support and maintain all the plug-ins on some central XenApp machines but following points needs to be addressed before selecting this option:
- Many websites required different versions of plug-ins and sometimes two same plug-in having different versions could have some compatibility issues and should not be installed together. In short, all the plug-ins needs to be analyzed for their compatibility before installing to the XenApp. Incompatible plug-ins should not be installed on the same XenApp.
- As we are publishing the internet explorer executable for the users, we are giving them access to XenApp’s internet explorer and so they may use it to access any other website as well. This could lead to the security issue and could impact the XenApp and the network performance. For example, user can go to any site from the published iexplorer and can download anything or can ever watch the online videos. Since all the processing will be done on XenApp, this could eat-up the network bandwidth and XepApp CPU. To prohibit users to access any other website other then the one that is given as parameter to the published iexplorer, proper GPO’s (Global Policies) should be designed and applied for the users.