&KDSWHU￿￿￿￿￿￿$GYDQFHG￿7RSLFV￿ ￿ ￿￿￿

The Aclcheck utility is used to display file and directory permissions that give excessive access to users and groups The Aclcheck utility can be used to verify the security of the MetaFrame server. See Appendix A, “MetaFrame Command Reference” for more information on using Aclcheck.

See the Windows Terminal Server documentation for information on using the Security Configuration utility.

8VLQJ￿WKH￿$SSOLFDWLRQ￿([HFXWLRQ￿6KHOO￿￿$SS￿

Many applications require write access to temporary files or directories to operate properly. Also, some applications use .INI files to define settings and preferences that are retained after the application terminates. Users may be able to change these preferences in undesired ways so that the next user who runs the application sees the settings left by the previous user instead of the standard settings.

One way to create a secure, standardized environment while allowing write access to files and directories is to use the Application Execution Shell utility (App). App lets you write execution scripts that copy standardized .INI files containing default settings to user directories before starting the application and that perform application-related cleanup after the application terminates.

App can also be used to create an execution script that is used in an .ICA file so that hackers cannot modify the execution parameters (for example, working directory or execution directory) because the parameters do not appear in the .ICA file, only the name of the App script file.

See Appendix A, “MetaFrame Command Reference” for more information on using App.

$XGLWLQJ￿/RJRQV

The auditlog utility is used to generate reports of logon and logoff activity.

Auditlog can also display logon failures and session duration.

Auditlog processes the Windows NT Event Log. To use auditlog, you must enable Windows NT logon/logoff event logging with User Manager for Domains. See your Windows NT documentation for information on event logging.

See Appendix A, “MetaFrame Command Reference” for more information on the auditlog utility.

Page 121
Image 121
Citrix Systems 1.8 manual 8VLQJWKH$SSOLFDWLRQHFXWLRQ6KHOO$SS, $Xglwlqj/Rjrqv