Document ID: CTX111046, Created on: Sep 21, 2006, Updated: Sep 22, 2006
Products: Citrix EdgeSight 4.1 for Endpoints, Citrix EdgeSight 4.1 for Presentation Server, Citrix EdgeSight 4.2 for Endpoints, Citrix EdgeSight 4.2 for Presentation Server
Symptoms
While using the Remote reports (for example, running the Real Time > Remote > Processes report), you receive the following error message:
“Access denied: You do not have permission to access this resource”
-And-
If you run the Real Time > Remote > Summary report, you receive the following error message:
“ Error occurred connecting to <devicename>
Error: -2147217843 Access denied: You do not have permission to access this resource”
Cause
The remote connection is being rejected by design and is caused by a default setting on the remote EdgeSight agent you are trying to connect to.
The RemoteSecurity setting defines who can and cannot use the Real Time reports in order to connect to the agent.
The default setting is one (1), which ONLY allows a local administrator of the device to connect. Most EdgeSight users are not a local administrator on all of the devices they are trying to connect to.
The RemoteSecurity setting is configurable and can be set at the agent installation time.
Resolution
WARNING! Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Make sure you back up the registry before you edit it. If you are running Windows NT, also update your Emergency Repair Disk (ERD).
You must edit the RemoteSecurity registry key. Its location may differ slightly based upon the version of the agent you are running.
For the 4.2 agent:
Change the following registry key’s value from 1 to 0:
These settings take effect immediately after you change them and no process restart is required. If you have multiple machines that require this change, you may want to distribute an automated job or policy to change it on all your devices.
More Information
The following screen shot shows the most secure setting (with the value data of the RemoteSecurity key set to 1) on a 4.2 agent machine. This setting is the default and most likely results in an “Access Denied” error message for your EdgeSight users when trying to use the Real Time Remote reports.
The following screen shot shows the least secure setting on a 4.1 agent machine (the value data of the RemoteSecurity key set to 0). This setting should allow all your users to use the Real Time Remote reports.
Also, see Chapter 3 in the EdgeSight Installation Guide for more complete details regarding the use of all the remote security settings (RemoteSecurity, RemoteSecurityGroup) as well as how to set them correctly at installation time through the msiexec command.
None of this has anything to do with us, someone else is responsible for the entire thing, and we have no idea who or why. We do not know anything about it. It may be alien life forms for all we know: we haven't a clue. You cannot blame us for anything that may result from your visit. That was entirely your own personal choice, made by you of your own volition, and without our knowledge. We do not, after all, have any control over you and cannot by any stretch of the imagination be expected to accept or acknowledge, be it legally or morally, any accountability for decisions made by you on an independent basis, utilizing your own free will, and without our intervention. We are therefore in no way, shape, or form answerable to anyone for any consequences arising from the aforementioned or indeed any other actions, similar or otherwise, because it was not us that did, or did not do anything. It is not even remotely our fault, and we are in no way prepared or willing to accept any liability, not even slightly, ever. We are, in fact completely and utterly blameless, in that it is definitely not our concern, and no blame can possibly be laid at our doorstep, even if we had one, the possession of which we hereby reserve as being entirely our own free choice. The onus is not on us at all, and furthermore, never has been. The entire matter is wholly beyond our control, and completely out of our hands, each of which are washed scrupulously clean of the whole business. We are not accountable for anything at all, and we hereby categorically deny all responsibility for all that has ever, or will ever happen. Our innocence is therefore wholly beyond doubt and absolutely unimpeachable, and so cannot, under even the remotest or unlikeliest circumstances, be brought into question. By clicking either on a link on this site, clicking on a link that leads to this site, or by arriving at this site by natural or supernatural means, you are in effect accepting responsibility for the fact that it is all entirely your own fault, down to the most miniscule detail, and that you are wholly accountable for whatever outcome may arise as a consequence of the aforementioned action or actions insofar as they were undertaken personally by you on an entirely voluntary basis and without any persuasion, coercion or influence from any party or parties other than yourself. Don't come sniveling to us, we are only figments of your imagination. I also agree that if I am ever with a contributor to this website during mealtimes I agree to pay for any super-sizing of their meal, or at least a nice dessert or one of those foo-foo drinks with an umbrella or a monkey. By admitting to have seen the worthless spineless drivel on this website (also known as content)
I Agree Wholeheartedly and Without Reservation to the above. (Except maybe for that part about the monkey.)
All Your Base Are Belong To Us.
Soylent Green Is People!
Never make a bet with a Sicilian when Death is on the Line!
CTX111046 - EdgeSight Remote Report Error: Access denied: You do not have permission to access this
