On-prem and on-cloud

Category archive


Desktop As A Service (DaaS) applications used in various enterprise and hosted service provider environments.

Citrix in-session watermark

in Citrix Cloud/Receiver/XenApp/XenDesktop by

The fact in VDI security designs is that people are the weakest links in your protection chain. How can you prevent insiders from simply taking the screen and leaking your most brilliant ideas to external sources? How can you trace a leak back to when it first happened?

Citrix In-session Watermark offers a solution for you. It adds traceable information on top of the VDI screen. This provides a deterrent to prevent people from stealing the screen. To take this one step further, even if the information is leaked, you can still easily trace back to follow the identity on the screenshot.

While XenApp & XenDesktop provides a great barrier to information theft for outside attackers, In-session Watermark is provides an additional layer of security against theft from inside users. To clarify, watermarks are primarily a deterrent to inside users – for trustworthy users, yes, who sometimes need a reminder to be honest, and also for malicious insiders who are working to steal intellectual property. Since users control their endpoints running Citrix Receiver, there are security advantages to implementing server-side protections, and this is where we implemented In-session Watermark.

The watermark is added to the image before it is transferred to the endpoint. Compare the approach for implementing Citrix In-session Watermark on server side to other solutions and offerings on the market. The Citrix In-session Watermark cannot be removed without killing the session. If a watermark solution were implemented using a user space process to draw the watermark, the malicious users can kill that process to remove the watermark, which is clearly not a sufficient deterrent.

In the Citrix solution, the watermark is added deep inside the HDX engine and if the user were to kill the process that draws the watermark, it would also kill the user’s session, which is a much more effective deterrent.

The benefits of embedding this security into the HDX engine also include better screen coverage. The Windows 10 start menu and UWP apps will be covered properly with Citrix Watermark while a user mode process might leave some of the screen uncovered.

More details can be read in the original Citrix article at: https://www.citrix.com/blogs/2017/12/04/a-new-option-to-protect-your-workspace-in-session-watermark/

XenApp and XenDesktop 7.15 LTSR CU1 and 7.16 CR

in XenApp/XenDesktop by

XenApp and XenDesktop LTSR and CR latest releases are here!

You should always research release notes, known issues and fixes of the new releases under each of the two main XenApp/XenDesktop forks, LTSR and CR.

More details about the two new recently released versions can be found by following the Citrix links below:

XenApp and XenDesktop LTSR 7.15 CU1


XenApp and XenDesktop CR 7.16


Citrix Receiver users prompted to download, run, open launch.ica file, instead of launching connection

in DaaS/Receiver by

Citrix Receiver launch.ica file

Applicable Products

  • Citrix Receiver for Windows

Symptoms or Error

When launching an application from the Internet browser, users are prompted to save or download the launch.ica file. The prompt Do you want to Open, Save, or Cancel the launch.ica connection file is displayed.The application does not launch immediately. Also, some but not all the users report that they are unable to connect.

For solution and more detailed analysis, see original Citrix Support article at: https://support.citrix.com/article/CTX804493

NetScaler SD-WAN service now available to all CSPs

in NetScaler SD-WAN by

With the success of some initial Citrix partners, Citrix is excited to make this program available to all CSPs, giving them a solution to improve the quality and reliability of the applications they offer to their customers and allowing them to expand into offering managed network services.

Whether the applications are hosted in a data center, co-lo or the cloud, NetScaler SD-WAN creates a reliable connection from the CSP’s customer to the application, aggregating multiple network connections into a single, software-defined virtual path, selecting the best route for each individual application, and immediately moving traffic off of poor performing links. CSPs using NetScaler SD-WAN can make sure that their customer never lose connection to the application.

More details can be found in the original Citrix article at: https://www.citrix.com/blogs/2017/09/27/citrix-csps-are-flocking-to-netscaler-sd-wan/

Citrix Support Fix List

in Citrix certifications/Monitoring and operations by

Citrix Support Fix List

George Spiers from the Citrix Community has created an awesome page which acts as a collection of Citrix most recent software fixes for all Citrix products.

This is a list containing the majority of Citrix support articles collated to make this page a one stop place for you to search for and find information regarding any issues you have with the main Citrix products and their related dependencies.

The page is updated daily with new support articles and information. Articles will change from time and if information here is outdated or incorrect please let me know using the comments. Links may also expire or change so if you find broken links, please let me know. For each issue, the author records known product versions affected however that does not mean products versions that are not in the list are not affected.

Each product table has a search box that you can type in to if looking for a specific fault. For example if you have an error code or message, use that to perform a search. You can also use your browsers search feature which will perform a search against the whole page based on the words you enter.

The full article can be found at: http://www.jgspiers.com/citrix-support-fix-list/ . The Citrix Support fix list includes the following products:

  • App Layering
  • AppDNA
  • Azure, Citrix XenApp Essentials and XenDesktop Essentials
  • Citrix Cloud
  • Desktop Lock
  • Director
  • Federated Authentication Service
  • Internet Explorer/Firefox/Chrome
  • Licensing
  • Machine Creation Services
  • NetScaler
  • NetScaler Management and Analytics System
  • Profile Management
  • Provisioning Services
  • Receiver for Android
  • Receiver for HTML5
  • Receiver for iOS
  • Receiver for Linux
  • Receiver for Mac
  • Receiver for Windows
  • SCOM Management Pack
  • ShareFile
  • Skype for Business
  • StoreFront & Receiver for Web
  • System Center Configuration Manager
  • Universal Print Driver & Server, General Printing
  • VMware ESX
  • Windows 10
  • Windows Server 2016
  • Workspace Environment Management
  • XenApp & XenDesktop (excluding Machine Creation Services)
  • XenMobile
  • XenServer

XenApp/XenDesktop 7.15 LTSR lab on a single machine

in Hyper-V/XenApp/XenDesktop by

Having built a powerful Windows desktop with the following configuration, I would like to share the requirements and high level deployment process for a single machine XenDesktop 7.15 LTSR lab.

Host machine configuration: 

  1. Windows Server 2016 Standard evaluation with Hyper-V server role and management tools
  2. RAM and SSD storage will be much appreciated of course, the more the better.
  3. All virtual machines have single vNIC, minimum 2 GB RAM (Hyper-V dynamic), 2vCores CPU as well as basic 40GB dynamic Hyper-V disk. The following virtual machines pre-created based on sysprepped Windows 2016 Standard template:
    1. DC01. Includes Active Directory domain services, DNS, file server (for Citrix UPM), certificate services (for Storefront SSL certificate) and DHCP (for PVS).
    2. CTX01. Includes Citrix XenDesktop 7.15 LTSR Delivery Controller, Citrix Licenser server and Citrix Storefront 3.12. Initially a demo 30-day license can be used (included by Citrix) or a new trial license can be issued from MyCitrix account website. The Citrix server roles can be consolidated except for XenDesktop VDA.
    3. VDA01. Includes Citrix XenDesktop 7.15 LTSR VDA (session machine), which can be a server or desktop OS VDA.
    4. SCVMM01. Includes System Center Virtual  Machine Manager (for use of Citrix MCS provisioning technology)
    5. PVS01. Includes Citrix PVS server (for use of Citrix PVS provisioning technology), running also PXE and TFTP services.
    6. Master01. This used as the master image for creating PVS vdisk.
    7. (Optionally) Netscaler VPX Express can be used for evaluating HDX proxy with Netscaler Gateway.

Citrix lab high level deployment process: This is based upon guidance from Citrix CTP Carl Stalhood: http://www.carlstalhood.com/xaxd/xenappxendesktop-7-15-ltsr/ 


What’s new in XenApp and XenDesktop LTSR 7.15

in XenApp/XenDesktop by

XenApp and XenDesktop 7.15 LTSR is essentially a field-proven, hardened version of XenApp and XenDesktop 2017 releases, with a variety of fixes and updates based on internal testing and customer feedback. It also includes broad OS platform support from Server 2008R2 to 2016 and Windows 7 to 10. Unlike the first LTSR, which was retroactively declared, this LTSR and future LTSRs will use a dedicated version number and LTSR designation. This makes it easier to identify LTSR sites over time. However, this LTSR should be adopted by all customers including those of you who are on the Current Release path given that this 7.15 LTSR contains fixes and updates for the 7.14 CR as well.

As mentioned above, the three main focus areas for XenApp and XenDesktop are security, flexibility, and user experience. Let us now delve into the plot further by covering the key points for each below which have culminated from the past few 7.x releases into this 7.15 LTSR.

More details can be found at Citrix blog post: https://www.citrix.com/blogs/2017/08/15/xenapp-xendesktop-7-15-ltsr-the-blockbuster-release-of-the-summer/ 

Also a great collection of articles can be found in the following Citrix XenApp and XenDesktop 7.15 LTSR FAQ: https://www.citrix.com/blogs/2017/09/07/xenapp-and-xendesktop-q3-2017-faq-from-the-whats-new-webinar/

and https://support.citrix.com/article/CTX205549

What’s Changed with this LTSR?

There are a few additional, notable updates that Citrix provides on its blog:

  • For the first time ever, Citrix Cloud will support LTSR benefits by combining the XenApp and XenDesktop Service with on-premises 7.15 LTSR VDAs.
  • The product lifecycle for all XenApp and XenDesktop Current Releases and LTSRs have been updated. Please review the latest information on the Citrix Product Lifecycle Support Policy and related pages.
  • With the retirement of Subscription Advantage, LTSR benefits are an entitlement of Customer Success Services only.


Citrix Receiver

in XenApp/XenDesktop by

A tedious but important task for any Citrix admin is to keep track of their customer’s Citrix Receiver client versions. You can grab the latest CR version from https://receiver.citrix.com and http://docs.citrix.com/en-us/receiver.html for all supported devices. The latest LTSR version can be found at https://www.citrix.com/downloads/citrix-receiver/windows-ltsr/ .

You can make use of Citrix Receiver Group Policy scripts for automatic mass deployment/upgrades in an Active Directory domain.

Always test before deploying in production, The known issues and fixed issues for each version of Citrix Receiver must always be checked thoroughly in the release notes section of Citrix Docs.

An exciting new feature is the auto-update feature in version 4.9. New Citrix Receiver for Windows 4.9 (LTSR) includes the Citrix Receiver updates capability, which enables updating it directly from Citrix, instead of manually downloading and installing it.

You can update to the new Citrix Receiver for Windows 4.9 (LTSR) automatically if you have installed Citrix Receiver for Windows 4.8 on your device, which has the capability to check for updates. In addition to the Citrix Receiver, you can get automatic updates to Real Time Media Engine for Skype for business (RTME) on your device, so now you can always be on the latest and greatest version of Citrix Receiver and RTME!

Citrix Connection Quality Indicator

in Monitoring and operations/XenApp/XenDesktop by

In complex environments, where distributed applications are deployed across the network utilizing numerous physical servers and workstations, connectivity can be reduced in general and/or per session basis. Citrix Connection Quality Indicator is a tool which provides feedback to the user when the network has been reduced to the point that the user’s experience is degraded. Displaying this information to the end user will improve overall user experience and reduce the number of calls to our customers’ help desks for network related user experience issues.

Sometimes end users complain that their Citrix applications or desktops are “slow today.” Citrix XenApp and XenDesktop are usually the first suspects when the user experience is not on par with expectations. This results in a higher than usual number of calls for the IT team, who then have to investigate Citrix environments, as well as their network, hardware, and so on. In most cases, the problem is caused by something other than Citrix.

Citrix Workspace Services – Supportability Team has introduced the end user-facing Citrix Connection Quality Indicator that gives users a better understanding of what is happening with their connection to a Citrix environment. As a result, they are able to adjust their expectations based on the notifications provided by the tool. Even when a device shows a strong network connection (e.g. all 5 bars on WiFi), that may not be a true representation of what is happening between the user’s device and the Citrix environment. The Connection Quality Indicator shows the correct indication of the connection strength to Citrix XenApp and XenDesktop.

The Connection Quality Indicator is an independent package that can be downloaded from Citrix Knowledge Base article CTX220774.
It needs to be installed on the Windows machine where the VDA is installed. The indicator shows notifications to the user when there is a change in the connection quality, for applications and desktops delivered by XenApp and XenDesktop.




Source: Citrix Blogs and Citrix Support pages

XenDesktop 7.13 is out

in DaaS/PVS/XenApp/XenDesktop by

This release marks a major milestone with significant enhancements to HDX. With new Adaptive Transport Technology, users benefit from faster, more responsive sessions across all functions by up to 10x — even over challenging network conditions. Furthermore, overall bandwidth consumption is reduced by up to 60% using the default graphics settings. Performance and scalability is improved when running on Intel graphics platforms and expanded USB tablet integration opens up new possibilities. Admins benefit with simplified setup of NetScaler Gateway, quick identification of inactive sessions and expanded Linux support. Also PVS now supports Linux desktop streaming.

More details can be found at:

XenApp and XenDesktop Director 7.12 features

in DaaS/Monitoring and operations/XenApp/XenDesktop by

As 2016 draws towards a close and people start planning for the holiday season, Citrix announced availability of Director 7.12 – a feature-packed release that will make a XenApp/XenDesktop administrator’s job simpler and less time-consuming. The list of new features and enhancements with this release includes the ability to mine the monitoring database with custom reporting, context-specific troubleshooting tips, a surprise gift for customers with Enterprises licenses, alerts via SNMP and more. Read on for details.

Director 7.12: A Citrix Holiday Gift to XenApp & XenDesktop Administrators


Citrix XenApp server reboot framework

in DaaS/XenApp/XenDesktop by

As the Citrix XenApp and XenDesktop FMA architecture does not include sophisticated reboot functionality by design, the use of a reboot script comes in very handy. There are two versions of the Citrix reboot framework, which introduce a great level of granularity when it comes to scheduling the reboot of Citrix session machines (workers).

The first version of the Citrix reboot framework can be found at: https://www.citrix.com/blogs/2015/10/16/xenapp-and-xendesktop-7-x-server-os-vda-staggered-reboot/

The first version of the Citrix reboot framework can be found at: https://www.citrix.com/blogs/2016/09/20/xenapp-and-xendesktop-7-x-server-os-vda-staggered-reboot-framework-v2/

Despite slightly different configuration parameters, the main difference between the first and the second version of the framework is the support of all provisioning methods offered by XenApp and XenDesktop. While the first version has no support for Machine Creation Services (MCS), the second version now has support for all provisioning methods including MCS.

XenApp and XenDesktop 7.12 is here!

in XenApp/XenDesktop by

XenApp and XenDesktop 7.12 ensures site accessibility with newly improved Local Host Cache technology, improved Azure integration, granular control for app and desktop publishing and intelligent server maintenance. Platinum Edition now contains enhanced monitoring with custom reporting and alert integration. It is the best platform to-date for app and desktop delivery – whether starting new, upgrading from a previous 7.x version or especially if migrating from XenApp 6.5.

A detailed matrix of the XenApp and XenDesktop 7.12 features can be found at:


A handy presentation of what’s new in XenApp and XenDesktop 7.12 can be found at:



1 2 3
Go to Top