The Application Launcher components, authentication methods, and file system access used when managing user-associated applications differ from a Windows 98 operating system to a Windows 2000/XP operating system, as explained in the following sections.
The following table lists the components, authentication method, and file system access used by Application Launcher when managing a user-associated application on a Windows 98 workstation.
| Event | Responsible Component | eDirectory Authentication | Workstation File System Access | NetWare Server File System Access | Windows Server File System Access |
|---|---|---|---|---|---|
| Distribution | Application Launcher |
eDirectory user (User object) |
Windows user 1 |
Folder and file rights assigned to eDirectory user 2 |
Permissions assigned to Active Directory user 3 |
| Launch (normal) | Application Launcher |
eDirectory user (User object) |
Windows user |
Folder and file rights assigned to eDirectory user |
Permissions assigned to Active Directory user |
| Launch (force run 4) | Same as normal launch |
||||
| Caching | Application Launcher |
eDirectory user (User object) |
Windows user |
Folder and file rights assigned to eDirectory user |
Permissions assigned to Active Directory user |
| Uninstall | Application Launcher |
eDirectory user (User object) |
Windows user |
Not applicable |
Not applicable |
1 The Windows 98 operating system, unlike Windows 2000/XP, does not provide file system security for individual users. Each Windows 98 user account has full access to the local file system, which means that Application Launcher has all the file system access it requires.
2 NetWare server file rights can be assigned through the Application object (Common tab > File Rights page). Any object that is associated with the Application object receives these rights. You can also directly assign rights to users through their User objects (Rights to Files and Folder tab > Trustee File System Rights page) or some other method, such as adding them to a group that has been assigned the appropriate rights.
3 Windows server file permissions must be assigned through the user's Active Directory account, which must have the same username and password as the user's eDirectory account. The user, workstation, Middle Tier Server (if used), and Windows server must be members of the same Windows domain. For information about using Novell DirXML to synchronize user account information between eDirectory and Active Directory, see "Installing DirXML" in "Installing in a Windows Network Environment" in the Novell ZENworks 6.5 Desktop Management Installation Guide.
4 The Force Run setting causes the application to automatically distribute after it becomes available. For information about configuring an application as Force Run, see Associations Page.
The following table lists the components, authentication method, and file system access used by Application Launcher when managing a user-associated application on a Windows 2000/XP workstation.
| Event | Responsible Component | eDirectory Authentication | Workstation File System Access | NetWare Server File System Access | Windows Server File System Access |
|---|---|---|---|---|---|
| Distribution | NAL Service |
eDirectory user |
Windows System user 1 |
Folder and file rights assigned to eDirectory user 2 |
Permissions assigned to Active Directory user 3 |
| Launch (normal) | Application Launcher or NAL Service (when run as secure/unsecure System user 4) |
eDirectory user |
Windows user or Windows System user (when run as secure/unsecure System user) |
Folder and file rights assigned to eDirectory user |
Permissions assigned to Active Directory user |
| Launch (force run 5) | Same as normal launch |
||||
| Caching | NAL Service |
eDirectory user |
Windows System user |
Folder and file rights assigned to eDirectory user |
Permissions assigned to Active Directory user |
| Uninstall | NAL Service |
eDirectory user |
Windows System user |
Not applicable |
Not applicable |
1 For Application Launcher and its associated programs (NAL Service and Workstation Helper) to work properly, the Windows System user account must have full rights to all areas of the workstation. By default, this access is granted to the System user as a member of the Administrators group. Do not limit the default rights given to the Administrators group or the System user account.
In addition, Application Launcher requires that the user's Windows account provide the following rights:
2 NetWare file system rights can be assigned through the Application object (Common tab > File Rights page). Any user who is associated with the Application object receives these rights. You can also directly assign rights to users through their User objects (Rights to Files and Folder tab > Trustee File System Rights page) or some other method, such as adding them to a group that has been assigned the appropriate rights.
3 Windows server file permissions must be assigned through the user's Active Directory account, which must have the same username and password as the user's eDirectory account. The user, workstation, Middle Tier Server (if used), and Windows server must be members of the same Windows domain. For information about using Novell DirXML to synchronize user account information between eDirectory and Active Directory, see "Installing DirXML" in "Installing in a Windows Network Environment" in the Novell ZENworks 6.5 Desktop Management Installation Guide.
4 The Secure System User and Unsecure System User settings apply to applications running on Windows 2000/XP only. These settings cause the application to run in the "system" space as the Windows System user rather than in the "user" space as the logged-in user. These settings are intended to ensure that users can run the application even if they have limited access rights to the workstation's file system. For more information, see Environment Page.
5 The Force Run setting causes the application to automatically distribute after it becomes available. For information about configuring an application as Force Run, see Associations Page.