close
Logo

Learn WCF in 2 days

From Citrix Knowledgebase article CTX135438  After installation, Receiver will launch and ask you to add an account.

For Receiver 4.4, FTU will be displayed only if store is not configured. If store is already configured via command line, GPO, DDC then FTU screen will not be available after installation. Otherwise, FTU can be suppressed by doing one of the following:  💡�

  • Rename CitrixReceiver.exe to CitrixReceiverWeb.exe.
  • Set the registry value: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix\EnableFTU=dword:00000000 (or ) and install using a command line switch: CitrixReceiver.exe /ALLOWADDSTORE=N
  • Change Registry values post installation to suppress the Add Account window. Under HKLM\Software\Wow6432Node\Citrix\Dazzle, set AllowAddStore value to N.
  • Set the registry value: HKEY_LOCAL_MACHINE\Software\Citrix\Receiver\ (REG_SZ) = true  💡�

CitrixReceiver.exe Command line switches are detailed at at docs.citrix.com. Common Command line switches include the following:

  • /silent
  • /includeSSON – enables pass-through authentication. GPO configuration is also required as detailed below. CitrixReceiver.exe /includeSSON
  • /ALLOWADDSTORE=A – by default, only SSL (HTTPS) stores are accepted. To allow non-SSL stores: CitrixReceiver.exe /ALLOWADDSTORE=A
  • /STORE0 – To add a store from the installation command line: CitrixReceiver.exe /STORE0="AppStore;Store"

To enable , set:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client ForegroundProgressBar = 1 (DWORD)

For , set:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Configuration\Advanced\Modules\ClientDrive NativeDriveMapping=”TRUE”

To fix , set:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Keyboard KeyboardTimer=”10”

To prevent message, set ( and newer):

  • HKLM\SOFTWARE\Citrix\ICA Client\GenericUSB (same path for 32-bit and 64-bit, create the keys) DisableInternalDeviceCtlDispatchHook (DWORD) = 0x1

To override the devices that are mapped using optimized channels instead of generic USB, see Citrix CTX123015 –

In a client-side GPO, add the GPO ADM template for Receiver (C:\Program Files\Citrix\ICA Client\Configuration\icaclient.adm). In GPO Editor, go to Computer Configuration | Administrative Templates | Classic Administrative Templates | Citrix Components | Citrix Receiver.

  • To enable pass-through authentication: go to | User Authentication |. Local Username and Password – Check the top two boxes. Also in Internet Explorer.
  • To add a store, go to | StoreFront | StoreFront Accounts List – see the help text
  • To enable Local App Access, go to | User Experience | Local App Access Settings
  • To disable the Self-Service interface, go to | SelfService | Set Manage SelfServiceMode to Disabled. Enable Manage App Shortcut and configure it as desired. Enable Control when Receiver attempts to reconnect to existing sessions. If this is a VDA published desktop, set it to . Otherwise configure it as desired.

  • Enable the setting Create Client Selective Trust Keys.
  • Configure the FileSecurityPermission setting in one or more of the regions.
  • Configure the MicrophoneAndWebcamSecurityPermission setting in one or more of the regions.

Citrix CTX203658  – Windows 8 and newer  💡�

  • Computer Configuration | Policies | Administrative Templates | Windows Components | File Explorer Allow the use of remote paths in file shortcut icons = enabled

To deploy Receiver using Active Directory, configure a GPO with a computer startup script that runs the Receiver installer executable. Citrix has provided sample scripts on the XenDesktop 7.6 ISO in the \Citrix Receiver and Plug-ins\Windows\Receiver\Startup_Logon_Scripts folder. You can also download these scripts from the  download page by expanding Admin Tools. An enhanced version of the installation script can be found in .

Receiver Group Policy ADMX Template

Many of the Receiver configuration settings must be configured in group policy. These Receiver settings are only available after installing the GPO templates.

    Find the .admx and .adml files in the C:\Program Files (x86)\Citrix\ICA Client\Configuration The most important files are receiver.admx and receiver.adml. You can also download the ADMX files from the  download page by expanding Admin Tools. Go to your domain’s SYSVOL share and in the Policies folder look for a PolicyDefinitions folder. If one exists, paste the .admx file directly into the PolicyDefinitions folder. If this folder doesn’t exist in SYSVOL, instead copy the .admx file to C:\Windows\PolicyDefinitions. Open the PolicyDefinitions folder and paste the .adml file into the en-US folder. The GPO settings can then be found at Computer Configuration > Policies > Administrative Templates > Citrix Components > Citrix Receiver. For example, you can disable Customer Experience Improvement Program (CEIP) from here.

Pass-through Authentication

Citrix blog post –

From Citrix Knowledgebase article : To enable Single Sign-on with StoreFront, you must install CitrixReceiver.exe using the /includeSSON switch. This will only be successful for administrators.

    Run the command Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $True from a Windows PowerShell command prompt on a Controller. In XenApp 6.5, this is a Citrix Policy > Computer > . Login to the PC as an administrator. If installing   as an administrator, on the Enable Single Sign-on page, check the box next to Enable Single Sign-on. Then finish the installation. If installing an older version of Receiver: Go to the downloaded Citrix Receiver. Shift-right-click CitrixReceiver.exe and click Copy as path. Open a command prompt. Right-click to paste the path in the command prompt and then add /includeSSON to the end of the command. Press <Enter>. Click Install when prompted. To verify that SSON is installed, go to C:\Program Files (x86)\Citrix\ICA Client and look for the file ssonsvr.exe. And if you open regedit and go to HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order, you should see PnSson in the ProviderOrder. Install the (and .adml) template into PolicyDefinitions if

Enable the Manage App shortcut setting to control placement of shortcuts.

New in 4.2.100 and newer is the ability to configure (or disable) Workspace Control. Enable the setting Control when Receiver attempts to reconnect to existing sessions and configure it as desired.

Prelaunch

Staring with Receiver 4.2, prelaunch is automatically enabled if Receiver is installed with SSON enabled. Otherwise, set registry values to enable prelaunch. prevents the prelaunch icon from appearing on the Start Menu.

HKLM\Software\[Wow6432Node\]Citrix\Dazzle

  • Name: EnablePreLaunch REG_SZ: true or false

Additional customizations can be configured at:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Prelaunch

  • Name: State REG_SZ: 0 = disable, 1 = just-in-time pre-launch, 2 = scheduled pre-launch
  • Name: Schedule REG_SZ: HH:MM|M:T:W:TH:F:S:SU where HH and MM are hours and minutes. M:T:W:TH:F:S:SU are the days of the week. For example, to enable scheduled pre-launch on Monday, Wednesday, and Friday at 1:45 p.m., set Schedule as Schedule=13:45|1:0:1:0:1:0:0 . The session actually launches between 1:15 p.m. and 1:45 p.m.
  • Name: UserOverride REG_SZ: 0  = HKLM overrides HKCU, 1 = HKCU overrides HKLM

Device Access Behavior

When connecting to a XenApp/XenDesktop session, you might see the following:

To configure the default behavior, see the Citrix Knowledgebase article . Note: there is a bug fixed in  and newer.

    Download the ADM file from . Edit a GPO that applies to the endpoint devices. Under Computer Configuration, right-click Administrative Templates and click Add/Remove Templates. Browse to the downloaded ClientSelectiveTrustX64Full.ADM  template and open it. Expand Administrative Templates, expand Classic Administrative Templates, and click Citrix Client Selective Trust. Enable the setting Create Client Selective Trust Keys. Then expand the regions and configure the permission settings as desired.

Desktop Lock

External links:

  • Dale Scriven YouTube video – 
  • Trash Gibson and Andrew Morgan -
  • An alternative to Desktop Lock –

How to Script Receiver Self-Service

From Citrix Knowledgebase article : by default, Receiver Self-Service (SSP) activities are driven by user interaction. However, SSP exposes sufficient information for its activities to be scripted.

When SSP builds a shortcut, it builds it to a small stub application in a file %appdata%\Citrix\SelfService\app-name-with-spaces-removed.exe for each resource. These files allow SSP to create a fake ‘install’ record for Add/Remove Software. Running these .exe files causes the application to launch. Note: Receiver 4.3.100 and newer don’t create stubs by default. To enable, set HKLM\Software\Wow6432Node\Citrix\Dazzle\AlwaysUseStubs (REG_SZ) = true.  💡�

If you want to drive SSP directly for launch instead of through an .exe stub, look at the keys under HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall. There will be keys in there named farm-name@@server-farm-name.app-friendly-name. In these keys you’ll find a LaunchString value that shows the relevant parameters. These parameters are user-independent and can therefore be cloned from a reference user to a general case. You can copy and reuse these parameters without interpretation.

Running the command selfservice.exe –init –ipoll –exit starts SSP, performs a refresh (interactive poll) from the current provider, and forces a clean exit.

Additional command line parameters are detailed at .

Stan Czerno – : the script launches a browser, connects to StoreFront (or NetScaler Gateway), logs in, and launches an icon. This is a very well-written script that uses a .dll file from Citrix Receiver to display session information.

David Ott uses Internet Explorer to login to StoreFront and launch a resource. Sends email with the result. Uses wficalib.dll to get session information.

Troubleshooting – Duplicate Stores

Stores are sometimes duplicated in Receiver, especially if you are running Receiver inside a VDA. (h/t Dan High)

StoreFront URLs can be defined in several places:

    In Studio, go to Configuration > StoreFront and delete all URLs configured here. Look in GPOs for Computer Configuration > Administrative Templates > Policies > Classic Administrative Templates > Citrix Components > Citrix Receiver > StoreFront > StoreFront Accounts List. Remove any URLs configured here. In the client-side registry, at HKLM\Software\Wow6432Node\Citrix\Dazzle\Sites, you might see store addresses that were specified during a command line installation of Receiver. When Citrix Receiver switches between StoreFront servers in multiple datacenters, it’s possible for each datacenter to be treated as a separate Receiver site. This can be prevented by doing the following. From Juan Zevallos at : Match the BaseURL in all datacenters. Match the SRID in all datacenters – The SRID can be safely edited in the C:\inetpub\wwwroot\Citrix\Roaming\web.config. Make sure to propagate changes to other servers in the group. Match the Delivery Controller names under “Manage Delivery


endpoint security 5     gfi endpoint security 2013
Categories