Product Version: 5.5
Expires on: 365 days from publish date
Updated: May 28, 2013
This is general guidance to list ProfileUnity security requirements.
ProfileUnity is not functioning as designed.
- Regedit32.exe users permissions must be read/execute
- Regsvr32.exe users permissions must be read/execute
- Regedit must be able to execute silently
Description: It’s possible to prevent users from accessing registry tools but it should not be disabled from running silently.
Description: If "Access to registy editing tools is restricted" than regedit must be able to run silent for ProfileUnity to execute properly.
- File system scripting object must be enabled
- Execution of VBS scripting must be allowed
Description: VBS should not be blocked, check to make sure that this GPO setting is NOT in place.
- HKCU RunOnce must be allowed, must not be disabled in GPO
Description: Usually "RunOnce" is disabled by this GPO policy found here. Verify that it is set to "Not Configured"
Note: New Xenapp policies might reference disabling the runonce key for best practices but doing so will break certain ProfileUnity policies.
- If GPO is used to limit size of profile it should be set to 100 MB or more or disabled.
Description: This GPO setting is found here. Verify that it is set to "Not Configured"