The role of Active Directory Group Policies
In the world of IT, Active Directory Group Policies are the law of the land. Many people are not particularly fond of them because of the added complexity that they bring about in large enterprise environments. Like them or not, however, GPOs are absolutely indispensable for every serious IT organization and they play a huge role in combining compliance with end user experience.
It is very typical for Active Directory GPOs to accompany Citrix policies by applying settings to the same user or computer objects. In the context of highly secure environments, often times XenApp sessions are completely locked down. In the example of hosted shared desktops where every user interaction with an operating system can affect others, I have personally on many occasions recommended that a desktop experience be restricted to only what is needed for users to do their jobs. Any Administrative Tools, such as Control Panel and Command Prompt, should be blocked to...
