One of the highlights of the upcoming minor version 2.6 is the ability to control Active Directory permissions for virtual applications.

So I’d like to share with you the configuration screen for this new version, which will be part of the Package Editor:

Active Directory permissions

The first part deals with white-listed domain name(s).

The second part allows you to white-list / black-list user groups, either by name or by SID.

These first two sections are “AND”ed, meaning that if you fill both, they will both have to match in order for the application to launch (or you can enter just one or another: domain name or user groups).

The third section deals with cases where the user is offline. Indeed, the two Active Directory verification sections discussed above require connectivity to the domain server. But what happens if the user is out on a business trip or a just working from somewhere outside the organization without VPN? This section solves this use-case and lets you configure a grace period during which Active Directory authentication won’t be required.

The bottom section “Messages” is self explanatory.

Another functionality that will be coupled with this one is called “RepoSync”. It will synchronize and create shortcuts on the user’s desktop for applications, from a network share. Users will only get the apps they are allowed to, according to this Active Directory dialog. And inversely, apps to which they are no longer entitled will be removed from their desktop.

Any volunteers for Beta testings, please contact cameyo at

The Active Directory features will be available in Cameyo’s Enterprise edition.