5.1
Table Of Contents
- ThinApp Package.ini Parameters Reference Guide
- Contents
- About This Guide
- Configuring Package Parameters
- Package.ini File Structure
- Package.ini or ##Attributes.ini Files That Override Package.ini Settings
- Configuring the ThinApp Runtime
- Configuring Isolation
- Configuring File and Protocol Associations
- Configuring Build Output
- Configuring Permissions
- Configuring Objects and DLL Files
- ExternalCOMObjects Parameter
- ExternalDLLs Parameter
- ForcedVirtualLoadPaths Parameter
- IsolatedMemoryObjects Parameter
- IsolatedSynchronizationObjects Parameter
- NotificationDLLs Parameter
- NotificationDLLSignature Parameter
- ObjectTypes Parameter
- SandboxCOMObjects Parameter
- VirtualizeExternalOutOfProcessCOM Parameter
- Configuring File Storage
- Configuring Processes and Services
- Configuring Sizes
- Configuring Logging
- Configuring Versions
- Configuring Locales
- Configuring Individual Applications
- Configuring Dependent Applications Using the Application Utility
- Configuring Application Updates with the Application Sync Utility
- Configuring MSI Files
- Configuring Sandbox Storage and Inventory Names
- Other Configuration Parameters
- DisableCutPaste Parameter
- LoadDotNetFromSystem Parameter
- PermittedComputers Parameter
- Services Parameter
- StatusbarDisplayName Parameter
- DisableTransactionRegistry Parameter
- PreventDLLInjection
- ProcessExternalNameBehavior Parameter
- PreventDllInjectionExceptions Parameter
- LargeAddressAware Parameter
- PermittedComputers Parameter
- PermittedComputersAccessDeniedMsg Parameter
- PermittedComputersOfflineAccess Parameter
- IgnoreDDEMessages Parameter
- Locating the ThinApp Sandbox
- Controlling the Sandbox Location
- Sandbox Structure
- Creating ThinApp Snapshots and Projects from the Command Line
- Index
Configuring Permissions 9
You can modify parameters for security tasks that define user access to packages and change Data Execution
Prevention (DEP) protection.
Permissions parameters are generally specified under the [build options] section.
This chapter includes the following topics:
n
“AccessDeniedMsg Parameter,” on page 29
n
“PermittedGroups Parameter,” on page 29
n
“UACRequestedPrivilegesLevel Parameter,” on page 30
n
“UACRequestedPrivilegesUIAccess Parameter,” on page 31
AccessDeniedMsg Parameter
The AccessDeniedMsg parameter contains an error message to display to users who do not have permission
to run a package.
ThinApp sets an default message that notifies the user to contact the administrator.
Example: Adding a Contact Number
You can modify the AccessDeniedMsg parameter to add a technical support number.
[BuildOptions]
PermittedGroups=Administrator;OfficeUsers
AccessDeniedMsg=You do not have permission to execute this application, please call support
@1-800-822-2992
PermittedGroups Parameter
The PermittedGroups parameter restricts a package to a specific set of Active Directory users.
You can specify group names, SID strings, or a mix of group names and SID strings in the same line of the
PermittedGroups parameter. If you use a domain-based group name, you must connect to that domain when
you build the application package. If you add a SID in the parameter value, you are not required to connect
to the domain where the SID is defined.
Active Directory Domain Services define security groups and distribution groups. This parameter only
supports nested security groups. For example, if a user is a member of security group A, and security group
A is a member of security group B, ThinApp can detect the user as a member of security group A and
security group B.
VMware, Inc.
29