The webica.ini file is used by the
Citrix Windows client software for the purpose of providing more reliable security and user-configurable client drive file security.
Depending on the version of the client software used, Citrix policies applied to a user or from the Citrix Connection Center systray icon, the user will see:
Users can configure file access types to one of the following File Security settings:
- No Access
- Read Access
- Full Access
Also, users can configure whether or not a file security pop-up window appears when they access the same server again with the following options:
- Always ask me
- Never ask me again for this server
- Never ask me again
The Default answers are No Access and Always ask me.
Webica.ini file configuration:
The types of access you can set based on the settings in the INI file are described below.
405 is Full Access.
404 is Read Access.
403 is No Access.
-1 means no security setting is configured.
For example, type the following in the Webica.ini file if you do not want to show any ICA File Security pop-up windows to users, but your servers need full access to client computers.
[Access]
GlobalSecurityAccess=405
Citrix changed how this file is updated for end users starting with version 10.1 and later of their Windows clients. There are now only two ways to make changes to this file for end users:
manually edit the file on every computer
or
create a login script or use a batch file to push out the file to all users
In my lab environment, I have:
XP:
APPDATA = c:\documents and settings\username\application data
VISTA:
APPDATA = c:\users\username\AppData\Roaming
LOCALAPPDATA = c:\users\username\AppData\Local
You would append \ICAClient to the end and then copy your modified webica.ini file there.
For XP you could use something like:
copy \\server\share\icaclient\webica.ini "%APPDATA%\ICAClient" /y
For Vista you could use something like:
copy \\server\share\icaclient\webica.ini "%APPDATA%\ICAClient" /y
copy \\server\share\icaclient\webica.ini "%LOCALAPPDATA%\ICAClient" /y
The quotes are required because of the spaces in the folder path when the environment variable is expanded.
This was tested in my lab using XenApp 5 on Server 2003 and the version 11.000 clients.
Citrix articles referenced:
Article Tags