ThinApp can use Active Directory groups to authorize access to the virtual application. You can restrict access to an application to ensure that users do not pass it to unauthorized users.

Active Directory Domain Services define security groups and distribution groups. ThinApp can only support nested security groups.


  1. In the Groups window, limit the user access to the application.
    1. Select Only the following Active Directory groups.
    2. Click Add to specify Active Directory object and location information.
    Option Description
    Object Types Specifies objects.
    Locations Specifies a location in the forest.
    Check Names Verify object names.
    Advanced Locates user names in the Active Directory forest.
    Common Queries (under Advanced) Searches for groups according to names, descriptions, disabled accounts, passwords, and days since last login.
  2. Change the message that appears for users who ThinApp cannot authorize.

What to do next

Define isolation modes for the physical file system.