Morning all

We currently deploy applications to our desktops by adding users to groups which have applications associated with them.

Recently, we've started allowing users access to VDI PC's. These VDI PC's also have the ZENworks agent installed, and to all intents and purposes, function in exactly the same manner as our desktops.

At the moment, the ratio of users to VDI PC's is 1:1, but we'd like to increase this by allowing a pool of say 5 to 10 users, access to one VDI PC, but we'd like to restrict the set of applications which are available to them when they login.

I suppose we could go through all our current 740+ application objects one by one (unless someone knows a faster way) and put conditions in the availability tab to not show if the VM tools is installed or something, but just the thought of it is already setting off a tedium warning in my brain.

I wondered if we could have some of the apps, the ones we wish to make available, associated directly with the VDI workstation object, and then somehow either stop NAL from reading groups to prevent it displaying the user assigned ones. I'm aware there is the setting within the application launcher configuration to prevent reading of user groups, but that would obviously reduce their applications if they were to login to a conventional desktop. I'm thinking/hoping a reg key eg. DontReadUserGroups=1 which I could stick somewhere useful in the registry of the VDI PC's.

Any help much appreciated