At some companies, an administrator might integrate Unified Access Gateway with the third-party OPSWAT MetaAccess application. This integration, which is typically used on unmanaged devices in corporate bring-your-own-device (BYOD) environments, enables organizations to define device acceptance policies for Horizon Client devices.
For example, an administrator might define a device acceptance policy that requires client devices to be password protected or have a minimum operating system version. Client devices that comply with the device acceptance policy can access remote desktops and published applications through Unified Access Gateway. Unified Access Gateway denies access to remote resources from client devices that do not comply with the device acceptance policy.
Normally, applications downloaded from Unified Access Gateway are run on the client in the context of the user. This behaviour can be changed by setting a flag on Unified Access Gateway as documented below. The default flag is RUN_AS_USER.
| Flag | Description | |
|---|---|---|
| User has admin Rights | User does not have admin Rights | |
| RUN_AS_USER | Run in the user context. Do not copy code to the client install path. | Run in the user context. Do not copy code to the client install path. |
| RUN_AS_USER_IF_ADMIN | Run in the user context. Do not copy code to the client install path. | Do not run. |
| RUN_AS_USER_IF_NON_ADMIN | Do not run. | Run in the user context. Do not copy code to the client install path. |
| RUN_AS_SYSTEM | Run in the system context, including copying code to the client install path. | Run in the system context, including copying code to the client install path. |
| RUN_AS_SYSTEM_IF_ADMIN | Run in the system context, including copying code to the client install path. | Do not run. |
For more information, see the Deploying and Configuring VMware Unified Access Gateway document.
