Citrix ADC Deprecated Classic Policy Based Features and Functionalities FAQs

Q. Which all Classic policy based features and functionalities are being removed from Citrix ADC? Answer: All the features and functionalities mentioned in “Feature Description” column in Table 1 below are being removed from Citrix ADC. These features were deprecated in 12.0 builds and will be...

SF3.8 | Default domain service not running on 2012 R2 StoreFront server

Default domain services not running on 2012 R2 StoreFront servers Users are unable to connect to StoreFront...

How to create rewrite policy for Security Headers

This article explains how to create rewrite policy for content security headers, XSS protection, HSTS, X-Content-Type-Options & Content-Security-Policy ADC appliances support HTTP strict transport security HSTS as an inbuilt option in SSL profiles and SSL virtual servers...

PVS targets using MAK Licensing intermittently fail to reactivate

PVS targets using a vdisk that has the radio button set to MAK licensing will intermittently fail to reactivate after rebooting. PVS CDF traces may also show an error that the device does not exist in the VAMT database. "Device: 10.10.10.10 not found in Vamt database."...

The Recent Apps in the Start Menu are Not Displayed by the Citrix Receiver

The recent apps in the start menu are not displayed by the Citrix Receiver. Only the recent apps from a local app or shortcuts from GPO’s are shown. The registry key values are saved but are not displayed. If the users have icons in the start menu from a second worker group, the keys are created ...

Installing updates or third party software on the ELM

As a general rule, you should not install software on your ELM. While there are some circumstances where it will work fine, it is likely to cause software dependency problems that will block App Layering updates. App Layering is very particular about the Linux software packages and versions...

How Big is the 4.x User Layer Disk, and How Can You Change That?

...

Secure Mail - Use Safari as the Default Browser - No Browser Installed

From Secure Mail on the iOS devices you could receive this error message "No Browser Installed. Please install Secure Web or another web browser to open this link" when try to open a hyperlink or a url from an email message. The iOS device has the standard Safari browser installed...

App Layering / Unidesk - Finding the KMS server

...

Elastic Layering Logs

...

Using SNMP with App Layering and Unidesk appliances

A number of customers want to have some kind of external monitoring system for our appliances. SNMP is a fine choice, except that we do not enable it by default on our appliances, and we do not have a custom MIB. However, the SNMP daemon is installed, so if the customer knows what they're doing,...

Kernel panic error is seen when trying to deploy the OVA file for XenMobile Server on VMware

You receive an error similar to the following one when trying to deploy the OVA file for XenMobile Server installation on to VMware: VFS: Cannot open root device "sda3" or unknown-block0,0: error -6Please append a correct "root=" boot option: here are the available partitions:Kernel panic - not...

Space not freed up after force-canceling a task

When editing a layer or publishing an image, you see extra space consumed in the "Layering Service" Local Storage normally. You attempt to cancel the operation, but the task does not cancel. Eventually after 60 minutes the cancel operation gets to the Stalled state, allowing you to force-cancel t...

After I upgrade Windows 10 on my OS layer, what do I do about the C:\Windows.old folder?

When you upgrade Windows 10 from one major version to another 1703 to 1709, for instance, the previous Windows installation is left in a C:\Windows.old folder. In App Layering, you must not delete this folder. Our software needs to copy our drivers and other files from Windows.old to Windows once...

Receiver (4.9|4.10|4.11) installation stuck at setintegritylevel.exe while installing it through Non interactive desktop of a Admin user.

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. The Symptoms observed are as follows: 1. During installation of RecfWin 4.9/4.10/4.11 from the Non...

CVE-2013-4786 for LOM vulnerability

Mitigation recommendations for vulnerability CVE-2013-4786: 1. Setup SSL on the LOM port to encrypt credentials during login. 2. Follow the Secure Deployment Guide for Citrix ADC to isolate all management ports including the BMC management port on a management VLAN as is industry best practice...

FAQ: Citrix Insight Services (CIS)

Citrix Endpoint Management, using technology formerly called XenMobile This article contains answers to frequently asked questions aboutCitrix Insight Services formerly known as TaaS. Contents General Citrix Insight Services Plug-ins Security Considerations File Uploading Analysis Feedback Genera...

How to Upload Data to Citrix Insight Services (CIS)

Citrix Endpoint Management, using technology formerly called XenMobile Auto Support is a part ofCitrix Insight Services formerly known as TaaS, a Citrix initiative to simplify information gathering from customer environments, and also to provide automatic analysis of that data for common problems...

Unable to open PVS Console after upgrade to 7.17

Unable to open PVS Console after upgrade to PVS 7.17 with error An unhandled exception occurred and the application will exit. Please report the information below. Press Ctrl-C to copy the data to the clipboard. Method not found: '!!0 System.Array.Empty'. Stack Trace: at...

NetScaler Kerberos WIKI - Troubleshooting

Troubleshooting details for Kerberos Constrained Delegation and Authentication related issues on NetScaler...

Error: "This Operation Cannot be Performed Because a VDI is in Use by Some Other Operation"

Starting vm fail unable to find the disk OR Unable to start a VM error : "this operation cannot be performed because a VDI is in use by some other operation" OR Unable to start a VM , error : "The SR failed to complete the operation" OR Unable to start the VM , error : "This operation cannot be...

NetScaler SD-WAN Best Practices

Purpose and Scope The intention of this article is to provide the best practices when NetScaler SD-WAN solution is designed, planned, and executed in the your network. Network Infrastructure Design and Configuration Verifying ISP Link Health For new deployments, prior to SD-WAN deployment and/or...

How to Determine the IP Addresses of Active Connections to a Virtual Server of a NetScaler

This article describes how to determine the IP addresses of active connections to a virtual server of a NetScaler. Background To troubleshoot a web application issue, you might need to determine the IP address actively connected to a virtual server of NetScaler. For example, certain percentage of...

MDX Toolkit - error when wrapping android app - APKTool Error

MDX Toolkit version: 10.8.5 on-prem and cloud. -This article explains how to fix the issue on the on-prem version- When MDX Toolkit is trying to re-compile it shows the following error: "Re-compile the app using APKTool 2.3.1 and it fails" Complete log of the error is shown below: De-Compiling th...

Bluefin (Ingenico) IPP320 failing to communicate with Sage Exchange Desktop via ICA Channel Serial COM Port

Serial COM port redirected device Bluefin Ingenico IPP320 with encryption, fails to complete the communication with the Sage Payment Solutions...

SSO PassThrough is not working in Microsoft Edge Browser.

SSO Pass-through is not working in Microsoft Edge Browser...

How to change the customized icon for published apps in Citrix Cloud using Remote PowerShell SDK

In On-prem environment the icon of a published application can be replaced through the Application properties GUI. However in Citrix Cloud customized icon replacement is not possible from the GUI. We can use Remote PowerShell SDK to get it changed...

Citrix XenServer 7.2 Multiple Security Updates

Description of Problem A number of security issues have been identified within Citrix XenServer 7.2 which could, if exploited, allow a malicious man-in-the-middle MiTM attacker on the management network to decrypt management traffic. Collectively, this has been rated as a medium severity...

How to Generate and Install an SSL Certificate on a StoreFront Server for HTTPS connections

This article explains how to generate and install an SSL certificate on a StoreFront server for HTTPS connections. If you have already generated an SSL certificate on one of your StoreFront servers in the StoreFront server group, you can just export the existing SSL certificate and import the...

How to restrict users to access device settings on Samsung devices in KIOSK mode

Restrict users to access device settings in Samsung KIOSK mode...

XenMobile: 500 Server Internal Error (exid:16200BC6AC0-503E3024D00ABC1E4C352FFA2DAD6AC0) when we click on Manage > User

When you click Users tab on XenMobile server receiving error - 500 Server Internal Error exid:16200BC6AC0-503E3024D00ABC1E4C352FFA2DAD6AC0...

XenMobile OnPremise: Push Required apps in XenMobile by enabling the server property

Push Required apps in XenMobile by enabling the server property. Note: This article refers to XenMobile MDM OnPremise instance only...

Use of Microsoft Authenticator App to as 2-factor authentication for O365 access using XenMobile

Question - Can we use the Microsoft Authenticator app as a means of 2-factor authentication to secure access to XenMobile integrated O365 environment? Answer - Currently use of Microsoft Authenticator as a means to provide 2-factor authentication is only possible for O365 apps. The security featu...

PVS Targets experience slow boot

Scenario 1 : After PVS software is upgraded ​ Provisioning Services Target Devices, that are using a BOOT.ISO to boot, experience an unusually slow boot time. The Targets can take anywhere from five to twenty minutes to boot. After the Target Device finally boots and it reaches the Windows Login...

iOS: Certain Public Apps cannot be installed

When adding a public app store XenMobile server, it fails to install through the Secure Hub store on the end user's devices. No installation prompt is presented to the user and no mention of the application can be seen in XCode logs...

Error: "500 Internal Server" when Clicking on 'Edit' for a Device on XenMobile

When selecting a device under Manage r Devices and clicking on Edit. Customer is receiving the Error: 500 Server Internal Error exid:16C0...

Application Security rules might not be enforced properly when multiple users simultaneously log on to the same server OS machine

When multiple session support is enabled on a Windows server OS machine, Workspace Environment Management WEM application security rules of previously logged on users are replaced by rules of a more recently logged on user. For example, if a rule is assigned to user1 but not to user2, when user2...

How to clone a XenMobile over Hyper - V 2016?

Clone a XenMobile node over Hyper - V 2016...

The DB user's privilege on XenMobile server

Question: What kind of privilege is required for admin which requires when XenMobile DB configuration is done. Answer: Account needs to have the below privileges or else XenMobile cannot do certain action without the permission on the DB. db owner db creator public...

App Layering: Failed to Reattach Disks to the Desktop that were Temporarily Attached to the CachePoint Appliance

The error appears when rebuilding a desktop...

XenMobile Server - Netscaler Gateway Credential certificates (PKI) do not auto renew within the 60 days renewal time set

Question : XenMobile Server - Netscaler Gateway Credential certificates PKI do not auto renew within the 60 days renewal time set ? Answer : The NetScaler Gateway Credentials certificates are the user certificates which are directly bound from the Credential Provider to the NetScaler Gateway. Hen...

What is the difference between Basic DEP and Authorized DEP?

What is the difference between Basic DEP and Authorized DEP?...

How to attach files in Secure Mail keeping the policy restricted

In Secure Mail/WorxMail versions 10.3.5 and later, Android users can't attach images directly from the Gallery app when the Inbound document exchange Open-in policy is set to Restricted. If you want to keep this policy set to Restricted but still allow users to add photos from the Gallery, follow...

Native Receiver Access to Internal and External Store with Always-on NetScaler Gateway VPN Fails

User is connected to LAN and Receiver is accessing StoreFront directly or via LB. When moveing from LAN to Internet, Always-on VPN gets connected automatically. Now trying to launch an app results in error "There was a problem connecting: Store name". Trying to refresh the Receiver results in err...

XenMobile FAQ: Shared Devices for iOS DEP

Q: Does XenMobile support shared devices for iOS when the devices are enrolled in Apple DEP? A: Yes Q:What is the difference between Basic DEP and Authorized DEP? A: Basic DEP: During the setup assistant, the initial enroller is the default DEP user. Then, it is the final user after MAM...

How to configure, deploy, and troubleshoot StoreFront-based assigned application actions in Workspace Environment Management (WEM)

Feature Overview From WEM version 4.6, assigned Applications actions can be applications published from a XenApp & XenDesktop Site. This feature addresses a common customer request to have WEM include the ability to provide published application shortcuts in desktop sessions and through the WEM...

Enterprise Applications are not Auto Updated

Application marked as "Required" are not updating automatically on the device. User is required to update the application from Secure Hub...

How to Monitor XenMobile Servers through SCOM

Citrix added IT infrastructure monitoring through SNMP in XenMobile Server 10.8. For details, see SNMP monitoring. You can use various monitoring applications that support SNMP monitoring. This section discusses how to use SCOM for monitoring your XenMobile Server nodes. SCOM is a part of the...

Citrix XenServer Multiple Security Updates

Description of Problem A number of vulnerabilities have been identified within Citrix XenServer that could, if exploited, allow a malicious administrator of a guest VM to crash the host and, for some XenServer versions, allow a remote attacker to compromise the host. The following vulnerabilities...

What are Hung Threads and why is the StreamProcess terminating?

On PVS Servers StreamProcess Hung Threads can lead to poor performance, constant target re-connections and even full outages. These Hung Threads are usually detected by looking at the Windows Application Event logs. The following Events will be recorded: Level| Source| Id| Text ---|---|---|---...