4.3 Control Access to Settings and Controls

You can restrict access to almost any of the Reflection settings or controls. For example, you can prevent users from changing the host address that a session connects to, or from running a macro. This allows you to simplify support requirements and resolve security concerns.

Restricting Access to Settings

As shown below, the restricted settings are grayed out. The security shield and the Change currently disabled settings link indicate administrative access is required to change them. Users cannot change these options unless they elevate their access level to administrator.

The security shield and the Change currently disabled settings link indicate that settings are disabled and administrative access is required to enable them.

NOTE:The customized files that include these settings can be bundled in a companion installer package (.msi) and deployed with the installation or later.

Restricting Access to Controls

You can prevent the user from using a particular control by restricting access to the control. In the following example, the security shield over the Auto Complete icon indicates that the "action" associated with this option is "restricted".

Tools for Restricting Access

You can restrict access to Reflection controls and settings with the Permissions Manager tool or through Microsoft Windows Group Policy settings.

  • Control Access to Settings and Controls with Reflection Administrative Tools. The Permissions Manager tool is a Reflection administrative tool that is automatically installed on your administrative installation point when you create an administrative install image. It can be accessed through the Installation Customization Tool or independently. With this tool, you can create and deploy .access files that restrict access to controls or settings.

  • Control Access to Settings and Controls with Microsoft Group Policy. Microsoft Group Policy provides another method for restricting access that is supported by Attachmate. If you are using Group Policy, you can import the Reflection ADM or ADMX files into your environment and modify the settings in the Group Policy Editor. (See Restrict Access with Group Policy in Chapter 6.)