I am setting up a Citrix XenApp 5 solution on Windows 2008 Server. I have the Web Interface running properly and the applications (Web Based and Locally installed) built and running and the Terminal Services Role in place. With my test (restricted/Users Group) user, I am able to get to the web based applications and use the links to get to the pages (Trusted Sites are defined) just fine, until I try to open a link to a .pdf, which requires the Acrobat plug-in to activate within the browser. This operation works fine for an administrative user, and also without Enhanced Security Configuration turned on. But I cannot find anything to allow the acrobat plug-in, and probably any other plug-in for that matter, for members of the User's Group. I think I can also do a "Save Target As" for the link, but want to avoid folks having to download and save and delete the files. Although the link to the .pdf is on a Trusted Site, when it opens a new window, the site is listed as Unknown. It opens the new window and sits there blank, without any error message. I think there is some guideance out there to turn off ESC for Terminal Services users, as they are already restricted to the point that they cannot execute any malicious code.
Is turning off ESC for Terminal Services users the latest and final word on this type of matter or is there a way to grant (restricted) users the ability to activate the acrobat plugins within IE with ESC turned on?
Is turning off ESC for Terminal Services users the latest and final word on this type of matter or is there a way to grant (restricted) users the ability to activate the acrobat plugins within IE with ESC turned on?
