User with lowest session ID can perform actions as if they were on the console session
Hi We are running a Xenapp 6 farm on server 2008 R2 using SCCM to deploy applications and patches. What I have come to see is that any user who has the lowest session ID can perform actions as thought hey were on the console session. For example they have the ability to patch the server if there are pending patches. This is also possible through an ICA session so if the user starts any application on the server the patch window will appear locally on the client computer and the user can install the patches and reboot the server. We do not want any user to be able to install applications or to patch and reboot our servers. Is there any known way to fix this issue? edit: This is as far as I know only possible on 2008 R2 as they have removed the /console switch.
February 17th, 2011 9:15pm