Kevin Sullivan posted this great post about a potential work around that one of his customers in the education sector.
And for those who cannot wait for SoftGrid 4.5 to 'Machine Target' and/or the upcoming MSI Utility described in my blog entry below simply does not meet their requirements (maybe because you don't like the fact you lose on-demand streaming and such), here is one way to get this to target systems.
Coming off of a conversation on the WinHED mailing list, Steven Bornn-Gilman of Occidental College contributed the following workaround. Basically, you would still need to enable your sequenced applications and ensure that a general group of users in AD have access permissions to the app, but the below procedure can help you 'hide' the application from those machines you do not wish users to see and subsequently stream and run the application.
- Create a dependency in the OSD file for the application. You can create a dependency in the OSD file which will launch a script that will check whether or not the application should run on the system. The dependency inside the OSD would look something like this:
<SCRIPT TIMING="PRE" EVENT="STREAM" WAIT="TRUE" PROTECT="TRUE"
<HREF>c:\windows\system32\wscript.exe SGOUCheck.vbs NameOfApp</HREF>
- Create a script that determines the 'SUCCESSRESULT' (1) or ABORTRESULT (0) from above. The sample script below makes a determination based on the computer's current OU membership in AD:
Set args = wscript.arguments
SGApp = args(0)
Set objSysInfo = CreateObject("ADSystemInfo")
set pc = getObject("LDAP://" & objSysInfo.ComputerName) Set container = getObject(pc.parent) OUpath =container.adspath OU = Mid(container.name,4)
Select Case (SGApp)
If OU <> "NameOfOU" Then NotAuth ()
If OU <> "BioLab" Then NotAuth ()
If OU <> "MathLab" Then NotAuth ()
If instr(OUpath,"Library Labs") = 0 Then NotAuth ()
'OUpath lets you include a whole tree of OUs End Select
Public Sub NotAuth()
msgbox "The computer you are using in " & ucase(OU) & " is not authorized to run " & ucase(SGApp) & "." & vbCrlf & vbCrlf & "Please contact the ITS HelpDesk for assistance."
wscript.quit 0 'return exit code of 0, softgrid app doesn't launch End Sub
wscript.quit 1 'return exit code of 1, softgrid app launches
- Finally, use another method to publish the SoftGrid icons in order to not confuse end-users. So the above should do the trick but if you go ahead and use SoftGrid to publish the shortcuts, you will have users on 'non-authorized' machines with shortcuts that will error out when they try to launch. To fix this, you can simply configure SoftGrid to NOT publish the shortcuts and use some other means to copy them to the desired systems like via SMS, file copy, assemble an MSI package and roll that out, etc., etc.
I am traveling and am not able to confirm the above in my lab but the above seems straight forward enough. Again, credit Steven Bornn-Gilman of Occidental College for the above example as this is how he 'system targets' SoftGrid applications in his environment! Thanks for sharing, Steven!!!