B
Brad Berson
I'm testing SRP on a Windows 2003 [Enterprise] Terminal Server (with
Citrix Metaframe XP 1.0).
I put the SRP into the Users branch of our Terminal Services GP, which
already has all the usual loopback stuff and other typical lockdown
items to keep the servers safe and sane.
I set the default SRP policy to restricted, then added path rules for
the few paths that weren't already covered by the default allows that
were in place.
The SRP appears to work, denying access to applications as designed
and issuing the expected error messages when that happens.
There is however no evidence in the server's event log, of SRP doing
anything either way. Everything I've read says system events should
be there.
I added the LogFileName key to log the SRP results to a file, and the
resulting log file records all the "unrestricted" events, but none of
the "disallowed" events.
Is this normal?
What am I missing or doing wrong? Anything?
We'd /really/ like to have a log of the denials!
-Brad
Citrix Metaframe XP 1.0).
I put the SRP into the Users branch of our Terminal Services GP, which
already has all the usual loopback stuff and other typical lockdown
items to keep the servers safe and sane.
I set the default SRP policy to restricted, then added path rules for
the few paths that weren't already covered by the default allows that
were in place.
The SRP appears to work, denying access to applications as designed
and issuing the expected error messages when that happens.
There is however no evidence in the server's event log, of SRP doing
anything either way. Everything I've read says system events should
be there.
I added the LogFileName key to log the SRP results to a file, and the
resulting log file records all the "unrestricted" events, but none of
the "disallowed" events.
Is this normal?
What am I missing or doing wrong? Anything?
We'd /really/ like to have a log of the denials!
-Brad