When using Terminal Services (maybe with or maybe without Citrix add-ons), can the physical location of the user be identified?
The client workstation h/w is a mixture - sometimes a Windows pc, other times a thin client unit (eg Wyse, etc).
Our app needs to vary the business functionality based, essentially, on the location of the user. For instance, compliance with different state laws, or cash handling (a cash drawer can be used by any workstation at a branch or store, but can't be accessed from other branches or stores).
Also can't depend on a user's logon to identify their location - while most users will only be working at one location, some users do travel from one location to another. Having different logons for each location is not an option, for security and audit reasons.
Other than asking the user where they are (a problematic solution, for sure), are there any APIs, systemic support or techniques for addressing this type of need?
Thanks!
On the Remote Desktop server, you can identify the approximate physical location of the user based on their IP address. You can obtain the remote IP address associated with a session using the Win32 API function WinStationQueryInformationW with the information class WinStationRemoteAddress. If you are using a .NET language, you can use the Cassia library -- the remote IP endpoint is exposed as ITerminalServicesSession.RemoteEndPoint. Do not confuse the remote IP address with the client-reported IP address available from the RDS API -- the client-reported IP will not return the client's public IP if the client is, for example, behind a NAT router -- it will return a private IP address instead.
Once you have the client's IP address, you can use an API like GeoIP to look up the physical location of the client.