4.7.3
Table Of Contents
- ThinApp Package.ini Parameters Reference Guide
- Contents
- About This Guide
- Configuring Package Parameters
- Package.ini File Structure
- Package.ini or ##Attributes.ini Files That Override Package.ini Settings
- Configuring the ThinApp Runtime
- Configuring Isolation
- Configuring File and Protocol Associations
- Configuring Build Output
- Configuring Permissions
- Configuring Objects and DLL Files
- ExternalCOMObjects Parameter
- ExternalDLLs Parameter
- ForcedVirtualLoadPaths Parameter
- IsolatedMemoryObjects Parameter
- IsolatedSynchronizationObjects Parameter
- NotificationDLLs Parameter
- NotificationDLLSignature Parameter
- ObjectTypes Parameter
- SandboxCOMObjects Parameter
- VirtualizeExternalOutOfProcessCOM Parameter
- Configuring File Storage
- Configuring Processes and Services
- Configuring Sizes
- Configuring Logging
- Configuring Versions
- Configuring Locales
- Configuring Individual Applications
- Configuring Dependent Applications Using the Application Utility
- Configuring Application Updates with the Application Sync Utility
- Configuring MSI Files
- Configuring Sandbox Storage and Inventory Names
- Other Configuration Parameters
- Locating the ThinApp Sandbox
- Controlling the Sandbox Location
- Sandbox Structure
- Creating ThinApp Snapshots and Projects from the Command Line
- Index
The AddPageExecutePermission parameter instructs ThinApp to add execution permission to pages that an
application allocates. The application can then run on machines that have DEP protection enabled, without
modifying the opt-out list.
ThinApp sets an initial value for the AddPageExecutePermission parameter that prevents any change to the
DEP protections.
Example: Adding Execution Permission
You can modify the AddPageExecutePermission parameter to add execution permission to pages that an
application allocates. ThinApp executes code from memory pages that the application specifies. This is useful
for applications that combine a program and its data into a single area of memory
[BuildOptions]
;Disable some Data Execution protections for this particular application
AddPageExecutionPermission=1
PermittedGroups Parameter
The PermittedGroups parameter restricts a package to a specific set of Active Directory users.
You can specify group names, SID strings, or a mix of group names and SID strings in the same line of the
PermittedGroups parameter. If you use a domain-based group name, you must connect to that domain when
you build the application package. If you add a SID in the parameter value, you are not required to connect to
the domain where the SID is defined.
Active Directory Domain Services define security groups and distribution groups. This parameter only
supports nested security groups. For example, if a user is a member of security group A, and security group
A is a member of security group B, ThinApp can detect the user as a member of security group A and security
group B.
When ThinApp builds an application, ThinApp assumes that any specified group names are valid and converts
the names to SID values. ThinApp can resolve group ownership at runtime using cached credentials. You can
continue to authenticate laptop users even when they are offline. If the user does not have access to run the
package, you can customize the AccessDeniedMsg parameter to instruct the user.
You can place the PermittedGroups parameter under the [BuildOptions] heading to affect the package, or
under the [<application>.exe] heading to affect a specific application. The [<application>.exe] value
overrides the default [BuildOptions] value for the specific application.
Example: Specifying a List of Active Directory Members
You can modify the PermittedGroups parameter to specify a list of Active Directory user group names,
separated by semicolons. The parameters in the [BuildOptions] section set global settings for the entire project.
[BuildOptions]
PermittedGroups=Administrator;OfficeUsers
AccessDeniedMsg=You do not have permission to execute this application, please call support @
1-800-822-2992
Example: Overwriting Global PermittedGroups Setting
You can specify a user group setting for a specific application that overwrites the global PermittedGroups
setting.
[App1.exe]
PermittedGroups=Guest
AccessDeniedMsg=You do not have permission to execute this application, please call support @
1-800-822-2992
ThinApp Package.ini Parameters Reference Guide
30 VMware, Inc.