Effective immediately, the PackageStoreAccessControl (PSAC) feature that was introduced in Microsoft Application Virtualization (App-V) 5.0 Service Pack 2 (SP2) is being deprecated in both single-user and multi-user environments.
The PSAC feature has been unsupported in multi-user environments since the first hotfix package for App-V 5.0 SP2, however PSAC deployment in single-user environments has been supported until now. If you have deployed PSAC to single-user environments, remove the configuration option from any deployments
The scope of application entitlement enforcement in App-V will be reviewed and addressed as appropriate in a future release.
To address App-V application entitlement concerns, you can leverage the following features available today in App-V 5.0 SP2:
- By default, the location in Windows where App-V stores applications, %ProgramData%, is a hidden folder that most users will not understand how to browse. You can use this hidden folder with the “Pending Unpublish” feature in App-V 5.0 SP2 to alleviate some of the entitlement concerns.
- To prevent your end users from copying shortcuts and executables from the Program Data folder, consider the following:
- User-copied shortcuts cannot be used to launch an App-V application if the user is not entitled to the package.
- Copying executables from Program Data won’t allow users to run the application outside of an App-V environment, except for simple applications without any subsystems or integration.
The App-V 5.0 Team
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/