Jump to content
Welcome to our new Citrix community!

Best way to allow a certain set of users to access the citrix desktop if on a managed machine and not using receiver/workspace


Recommended Posts

I have my virtual gateway but I want to only allow a certain set of users access if they have a managed laptop and that they are using the browser and not citrix receiver to log in. The reason for this is to stop a user picking their iphone up and logging into the citrix desktop. However I have other users that are allowed to get access no matter what they choose to use.

 

I had debated a responder policy so

HTTP.REQ.USER.IS_Member_OF("MyADGroup") && REQ.HTTP.HEADER User-Agent CONTAINS Win

 

which i think will work or just have the responder policy bound to the AAA group MyADGroup with REQ.HTTP.HEADER User-Agent CONTAINS Win. I was looking at EPA as a way to find out if it was a managed computer or if that was required. I havent set up EPA before but I am still reading the possibility of setting up a post-authentication bound to the AAA group.

 

I am hoping someone might have set this up before and I wasnt sure if EPA was the way to go as its for a small set of users and I am guessing that the EPA software will needed downloaded to everyone and just to a specific AD group.

 

I hope I explained that well enough

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...