Enable credential-based access to user stores 编辑

By default, Citrix Profile Management impersonates the current user to access user stores. Therefore, it requires the current user to have permission to directly access the user stores. Enable this feature if you do not want Profile Management to impersonate the current user when accessing user stores. You can put user stores in storage repositories (for example, Azure Files) that the current user has no permission to access.

The Enable credential-based access to user stores policy in the Local Group Policy Editor

To ensure that Profile Management can access user stores, save the profile storage server’s credentials in Workspace Environment Management (WEM) or Windows Credential Manager. We recommend that you use Workspace Environment Management to eliminate the need of configuring the same credentials for each machine where Profile Management runs. If you use Windows Credential Manager, use the Local System account to securely save the credentials.

Note:

To ensure that NTFS permissions are retained, you must put the entire profile in a profile container.

  • To save your profile storage server’s credentials in WEM, complete the following steps:

    1. In the administration console, navigate to Policies and Profiles > Citrix Profile Management Settings > User Store Credentials.

    2. On the User Store Credentials tab, select the Enable credential-based access to user store check box.

      Selecting the Enable credential-based access to user store check box in WEM

    3. Click Add. The New Credential dialog box appears.

      The New Credential dialog box in WEM

    4. Type the FQDN or IP address of your profile storage server and its credentials.
    5. Click OK to save your settings.
  • To save your profile storage server’s credentials in Windows Credential Manager, complete the following steps on each machine where Profile Management runs:

    1. Download PsExec from the Sysinternals website and unzip files to C:\PSTools.
    2. Locate Command Prompt from the Start menu. Right-click the Command Prompt option and choose Run as administrator. A command shell starts.

      Run Command Prompt as an administrator

    3. Run the C:\PSTools\PsExec -s -i cmd command. Another command shell starts.

      New command shell after you run the C:\PSTools\PsExec -s -i cmd command

    4. In the new command shell, run the rundll32.exe keymgr.dll, KRShowKeyMgr command. The Stored User Names and Passwords dialog box appears.

      Run the rundll32.exe keymgr.dll, KRShowKeyMgr command

    5. In the Stored User Names and Passwords dialog box, click Add.

      The Stored User Names and Passwords dialog box

    6. Type the FQDN or IP address of your profile storage server and its credentials. Use the default credential type. Click OK.

      Type the FQDN or IP address of your profile storage server

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:30 次

字数:4851

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文