Jump to content
Welcome to our new Citrix community!
  • 0

Restrict administrator to AD groups or limit visibility


Question

Hey,

 

is there a way to restrict administrators that way so they only can search for people in a specific AD group?

 

This is our situation:

 

We have only one delivery group for every terminal server type like: 1 group for servers with windows server 2016, one for windows server 2012R2 and so on.

But all users using the same delivery group.

 

Now we will give some employees the permission to kill a hanging process of a user oder log them off when there is a bigger issue.

Problem is that there are multiple branches which have there own structures what means that a user of branche A dont should be able to see a user of branche B.

 

And this is so because they can see all applications launched and which name it has. So when someone is on the internet and looking for some new shoes everybody can see it in the director.

 

1. Solution could be that branche A administrator can only see branche A employees (based on AD group it will be easy to configure)

2. There will be a new role which only show the administrator buttons/tabs like "Log Off", "Shadow", Reset Profile", "Processes". So that there is no "Applications" Tab, or "Details".

 

I know that there is a way to create new roles but it looks like we have not the right license to do it. So I cant check if it "theoretically" could work with own created roles.

 

So....any ideas?

 

Thanks.

Link to comment

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...