2.8 Installing Oracle IRM Desktop in a Citrix Environment

This document describes how to deploy Oracle IRM Desktop for users of Citrix environments. It also provides guidance on how to control rights synchronization for Citrix users.

This installation allows in-application sealing of documents (that is, sealing within Microsoft Word, Excel, and PowerPoint).

Installing the Oracle IRM Desktop Software

In a Citrix environment, you need to install the Oracle IRM Desktop software on each Citrix server. You need to use the Windows Add/Remove Programs dialog rather than simply run the installation directly, as follows:

  1. Obtain the Oracle IRM Desktop installation executable, and save it to a location accessible from the Citrix server, but do not run it.

  2. Use the Windows Add Or Remove Programs application to install the Oracle IRM Desktop installation executable on the Citrix server.

Having installed the Oracle IRM Desktop software on each Citrix server, it is possible for Citrix users to start working with sealed documents according to their rights. However, Oracle recommends that you set up login and logout scripts to control rights synchronization in a non-standard way.


If users are allowed to use non-Citrix systems as well as a Citrix system, you need to use device limits to ensure that rights are available on both types of system. For example, users might have laptops for mobile use as well as access to a Citrix system. By default, a user's rights can only be cached on one system at a time. An administrator can raise the device limit (which will apply to all users) as required. See Oracle Fusion Middleware Administrator's Guide for Oracle IRM Server.

Controlling Rights Synchronization for Citrix Users

We recommend that you use scripts to control rights synchronization for Citrix users. This is the simplest way to ensure that rights will be available regardless of which Citrix server hosts a given session. Without such scripts, a user's rights might be cached on one server when the user is using another.

This guidance presumes that Citrix users are using Windows authentication to access sealed documents.

You might use the following HTML application (HTA) at the start of a user's Citrix session:

<script type=text/javascript> 
function done(){ 
<body onLoad="done()"> 
<script type=text/javascript>  
<OBJECT CLASSID="clsid:18CEFFD2-A724-11D3-B647-86BD54000000" TYPE="application/login-softseal" TITLE="Retrieve Rights" WIDTH=150 HEIGHT=150 id=SealedMedia_Unsealer_Plugin1> 
<PARAM NAME=server VALUE="https://servername:443/irm_desktop"> 
<PARAM NAME=refreshall VALUE="true"> 

The first <PARAM> tag specifies the address of your rights server. The second <PARAM> tag specifies the operation that you want to occur: refreshall. This synchronizes the user's rights so that they are available for the session.

A similar script with the releaseall parameter would run at the end of a session.