Two user authorization modes for Winflector server access have been implemented. One of the two modes is used depending on the server configuration.
Authorization using Winflector server user accounts
The initial configuration requires that accounts (user/password) be created on Winflector server for all users authorized to share applications. Those accounts are independent from the Windows user accounts. To execute a shared application the user starting Winflector client program must provide a valid user name and password. Applications are executed within one Windows user account, the one which is used to run the Winflector server program.
This authorization mode is straightforward and does not use the Windows authorization procedures.
Authorization using Windows user accounts
The second authorization mode enables sharing of applications within existing local or domain wide Windows user accounts. The application is executed using the environment and permissions of the selected Windows user. Additionally, it is possible to define names of Windows user groups, with groups members authorized to access applications.
The advantage of this authorization mode is that it gives a better control over user permissions. It allows centralized (Active Directory) administration of user permissions to execute applications shared by the Winflector server.