"Session Manager terminates session launches when the Group Policy evaluation fails. This is to prevent user access to resources that are restricted through Group Policy. The following user-implemented fix provides a registry toggle for administrators to dismiss the enforcement, which helps end users to connect to sessions even if the Group Policy evaluation fails:"
Can anyone help us out with understanding what this means in practical terms, what are the security implications of having this disabled?
Question
Sam Taylor
Hi All,
We had a recent incident which broke many of our Virtual Desktops, the below message was being received:
Upon contacting Citrix, they asked us to set the below key's value to 0 to remediate:
HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\GroupPolicy Name: EnforceUserPolicyEvaluationSuccess Type: REG_DWORD Value: 0
I've had a look through some of the Citrix documentation which describes setting the key's value to 0:
Known issues | Citrix Virtual Apps and Desktops 7 2203 LTSR
Fixed issues | Citrix Virtual Apps and Desktops 7 2203 LTSR
One of the above states:
"Session Manager terminates session launches when the Group Policy evaluation fails. This is to prevent user access to resources that are restricted through Group Policy. The following user-implemented fix provides a registry toggle for administrators to dismiss the enforcement, which helps end users to connect to sessions even if the Group Policy evaluation fails:"
Can anyone help us out with understanding what this means in practical terms, what are the security implications of having this disabled?
Link to comment
1 answer to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now