Configuring Operating System Policies
When you create a session or preauthentication policy, you can configure client security strings to determine whether or not the user device is running a particular operating system when users log on. You can also configure the expression to check for a particular service pack or hotfix.
The values for Windows and Macintosh are:
|Mac OS X||macos|
|Windows Server 2008||win2008|
|Windows Server 2003||win2003|
|Windows 2000 Server||win2000|
|Windows 64-bit platform||win64|
To configure an operating system policy
- In the configuration utility, in the navigation pane, do one of the following:
- In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > Policies and then click Session.
- In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > Policies > Authentication/Authorization, and then click Pre-Authentication EPA.
- In the details pane, on the Policies tab, click Add.
- In Name, type a name for the policy.
- Next to Match Any Expression, click Add.
- In the Add Expression dialog box, in Expression Type, select Client Security.
- Configure the settings for the following:
- In Component, select Operating System.
- In Name, type the name of the operating system.
- In Qualifier, do one of the following:
- Leave blank.
- Select Service Pack.
- Select Hotfix.
- Select Version for Mac OS X only.
- Depending on your selection in Step C, in Operator, do one of the following:
- If Qualifier is blank, in Operator, select EQUAL (= =), NOTEQUAL (!=), EXISTS or NOTEXISTS.
- If you selected Service Pack or Hotfix, select the operator and in Value, type the value.
- Click Create and then click Close.
If you are configuring a service pack, such as client.os (winxp).sp, if a number is not in the Value field, Citrix Gateway returns an error message because the expression is invalid.
If the operating system has service packs present, such as Service Pack 3 and Service Pack 4, you can configure a check just for Service Pack 4, because the presence of Service Pack 4 automatically indicates that previous service packs are present.