Jump to content
  • 0

Users are prompted to specify Internet browser when you click on a link in Outlook 2016


Brian Mooney1709157652

Question

Posted

I have having an issue with a brand new Citrix XenApp 7.6 environment where users are prompted to specify Internet browser when clicking on a link in Outlook 2016 emails. I have Google Chrome, Mozilla FireFox, and IE all installed on the golden image and hence are available to the users. I am quite sure that I have IE set as the default browser both by GPO and by setting it manually as the default program. It looks like the IE GPO's stop at version 9 for compatibility.

 

 

This is exactly what I get every time but the list shows all the available browsers.

 

https://support.microsoft.com/en-us/help/3094186/you-are-prompted-to-specify-internet-explorer-when-you-click-a-link-in-outlook-2010-or-outlook-2007

 

 

The closest alternative I have found is as follows but really? Have to create a custom XML file?

http://serverfault.com/questions/665420/windows-8-1-server-2012r2-setting-default-browser-vis-gpo

 

https://blogs.technet.microsoft.com/mrmlcgn/2013/02/26/windows-8-associate-a-file-type-or-protocol-with-a-specific-app-using-gpo-e-gdefault-mail-client-for-mailto-protocol/#pi86646=4

 

Is this the only way? Has anyone else ran into this issue?

 

Windows 8+ no longer allow these settings to be changed via registry to prevent applications from hijacking preferences. You now have to use specific GPO to set a defaults template, check this article: http://blogs.technet.com/b/mrmlcgn/archive/2013/02/26/windows-8-associate-a-file-type-or-protocol-with-a-specific-app-using-a-gpo-e-g-default-mail-client-for-mailto-protocol.aspx#pi86646=4

Basically you need to export settings from a template computer and then apply that XML using GPO. I was able to verify this works on Windows 8.1 and 10, also works to modify the XML to remove entries you don't want pushed.

 

Any ideas or hints are gratefully appreciated. I've been beating my head against my desk for a few days now!

 

post-12665074-0-83915100-1488817229_thumb.png

Recommended Posts

  • 0
Posted

If you want to set IE as default browser, you can edit the registry at:

HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
and
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RegisteredApplications

 

Remove all the line about Chrome, FireFox, VMWare (Backup them first by exporting the key in case you want to reverse back).

 

The Citrix FTA value is for URL redirection, if you want when a link is clicked the url is opened on the client side, you need to keep that line and remove the IE line as well. If you really want to use IE as default browser on the server, remove the Citrix FTA value and leave the IE value alone

 

Good look

 

Thomas Tran

Free tools for Citrix & RDS

http://www.mqtechnologies.com

  • Like 1
  • 1
Posted

Sorry to necro-post this but we are having the exact same issue on 2012 R2 with full desktop.  The srd file isn't being created at all which I think has something to do with it.  The KB wasn't back ported so I"m stuck at the moment.  Any ideas?

  • Like 1
  • 0
Posted

Hi Brian,

 

I ran in to same issue sometime back and the solution was to create custom XML file and use GPO to use this file to apply FTA.  Are you using any method to preserve user personalization? in my case Appsense preserved some hashkey value in user registry and it was unable to get recognized when it came back when user logged on( due to changes in microsoft from win 8+)

  • Like 1
  • 0
Posted

Hi,

 

It looks like that your problem was solved, right? Do you still need the confirmation about the deleting key?

In fact, you need to delete the entire key: FireFox, Chrome, VMware Default Host Application, so user will not have to choose the default browser.

 

Regards

 

Thomas Tran

  • 0
Posted

@Thomas Tran

So the resolution you provided me with did fix this. However, it only works on the PVS images once deployed. For example I went to my Golden Image and made the registry changes. I deleted all of the keys including the CItrix.ServerFTA. Then as usual, I copied the new vDisks to the PVS targets, booted them up, and then the CItrix.ServerFTA registry key re-appears. Hence when I launched a link from Outlook I get the prompt. see attached example.

 

The fix you provided me with was great. Then I ran into other file association issues. For example .PDF files. What I read was that you have to go with the .XML file creation.

 

According to Carl Webster this is all you need to do. Here is where I am losing my mind. I have set the file associations for HTTPS and HTTP then exported to the XML file. So in theory this should tackle the issue and the registry modifications you provided in theory should not be needed.

 

http://carlwebster.com/xenapp-7-x-on-server-2012-or-2012-r2-setting-file-type-or-application-associations/

 

See attached .XML file.

 

Lastly, this guy James Rankin has like the only article out there explaining why this is so painful.

http://www.htguk.com/deploying-per-user-file-type/#comment-4548

 

Any ideas? If you'd like to collaborate via email I can also make that work.

 

Thanks!

 

 

post-12665074-0-66081200-1489087591_thumb.png

AppAssoc.xml

  • 0
Posted

Hello,

I wanted to update the posting. Here is what I did and it resolved my issues.

 

1. Created a XppDefaults.xml file by exporting using the process outlined by Carl Webster @

http://carlwebster.com/xenapp-7-x-on-server-2012-or-2012-r2-setting-file-type-or-application-associations/comment-page-1/#comment-1764

 

Dism /Online /Export-DefaultAppAssociations:\\Server\Share\AppAssoc.xml

 

2. Created the GPO and linked it. PDF associations and others worked fine from this fix. However, the IE and Outlook issues I originally reported did not fix this issue.

 

3. On the Golden Image I deleted the registry keys as suggested by Thomas Tran

HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
and
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RegisteredApplications

 

4. Here is the catch, the Citrix.ServerFTA registry key comes back after the server reboots. I don't know why or what causes it. But, I would suspect that perhaps the VDA brings it back?

 

5. Brought the Golden Image over copying the vDisk to target devices.

 

6. Noticed again that all of the Registry keys were gone except for the Citrix.ServerFTA key.

 

7. When the the Citrix.ServerFTA key is gone with all of the others clicking on a URL from Outlook does not prompt you like the screen shots attached. This is confirmed with multiple tests performed.

 

8. So what did I do. I created GPO to delete the key. Now every time a PVS target reboots with all the other fixes in place this key will delete and no more prompts!

 

Action: Delete

Hive: HKEY_LOCAL_MACHINE

Key Path: SOFTWARE\RegisteredApplications

Value Name: Citrix.ServerFTA

Value type: REG_SZ

Value data: SOFTWARE\Citrix\ServerFTA\Capabilities

 

I still would like to get to the bottom of this but I've spent way too much time already on this so I am moving forward with this. Off course I am open to any suggestions from colleagues.

 

Also please reference this article it says it all. In particular the "Limitations" portion.

http://appsensebigot.blogspot.co.uk/2015/10/deploying-per-user-file-type.html

  • 0
Posted

Hi,

 

If I remember well the Citrix FTA is the default option, you can leave it there as the only option (remove IE key too). There is another flag that enable/disable Citrix URL redirection, so if it's disabled, Citrix will launch the default browser on the server (IE).

 

The way that Citrix wants to take over control of everything is not very good as they create a program with the same name as IExplore.exe and that program will check if URL Redirection is enabled and if the URL is in the White List and reachable on the client side it will then open the URL on the local side, if not it will open on the server. So I think you can use the Citrix FTA option instead of the IE value in the registry. Just disable Citrix FTA redirection. Sorry, I understand how that mechanism work but I don't deploy too many Citrix environment. There may be some expert in this forum can help you better.

 

You may play with these registry keys:

HKEY_LOCAL_MACHINE\http 

HKEY_LOCAL_MACHINE\IE.HTPP

etc

 

Regards

 

Thomas Tran

  • 0
Posted

Hi,

 

Same thing for me. Windows 2016 using XD 7.13 and MCS. Office 2016 and all updates, etc.

URL redirect to client works fine for everything except Outlook 2016. It still prompts for Citrix FTA and will not let you set it as default even if it's the only choice. If I clicking on a URL in Word or Excel, it works great. I've tried all fixes I've found online so far, but nothing working if I want URL redirection. I'm wondering if it's receiver related since I have loss local control when the FTA box pops up. Local task bar turns black and it will not let me use the snipping tool or print screen to capture the screen.

 

Thanks,

Johnny Diggs

  • 0
Posted

I am having this same problem too. It doesn't just effect Outlook 2016 for my users though. We have a program with links in it that will not do anything when you click on them. Here is my experience.

After deploying the default association xml and deleting the Citrix fta from here:

HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications, it was still prompting to set the default app. Setting IE as default in the control panel didn't work either.

What fixed it was using the settings in the start menu, click System, Default apps then click reset. When clicking a link, the prompt to select a default app no longer appeared. This fix also remains persistent across logoffs and logging into different servers.

This is an OK fix if it remains persistent forever or for the life of the users profile. However when the VM reboots the question is will the fix remain. I'm using Citrix MCS to provision my VM's. I also deleted my profile from a server and logged in, it created a new profile with no errors, and I wasn't prompted to select a default browser. So I'm thinking it's not going to be a problem when the server images reset and I think new users will be ok too.

Luckily I only have a hand full of users that have started using the new servers I created. I'm going to add more users to this environment over time so hopefully the default association xml prevents this from becoming a problem.

 

Also please reference this article it says it all. In particular the "Limitations" portion.

http://appsensebigot.blogspot.co.uk/2015/10/deploying-per-user-file-type.html

 

That is an excellent blog, thanks for sharing it Brian. If I had hundreds of users I would probably have to look at that blog post closer and implement some of the recommendations in it. But since I have a small number of users, resetting the default FTA using the "modern app" Default apps tool works for me. I just hope this problem doesn't reoccur for my users.

Thanks,

John

  • 0
Posted

We have the same problem with Outlook 2016 (published app) on Windows Server 2016 and VDA 7.13 for the URL associations. 

 

Leaving just one choice changes nothing as OpenWith.exe starts anyway and no user choice are retained.

 

But, if we open and close an RDP session with the same user on the same server while Outlook is still running as a published app then, we no longer have the OpenWith popup and the browser is started normally for the life of the seamless ICA session.

 

We didn't find out what's happening on an RDP session launch...

  • 0
Posted

I'm able to fix it temporarily for each user. But when the server reboots or you update the image it comes back. This is one of the most annoying things I've come across in a while.

 

I'm going to open a case with Citrix to see if they can help.

  • 0
Posted

I'm able to fix it temporarily for each user. But when the server reboots or you update the image it comes back. This is one of the most annoying things I've come across in a while.

 

I'm going to open a case with Citrix to see if they can help.

 

did you open a case? im having the same issue and its driving me mad. we have analyzed following:

 

- using published app outlook, it will always ask if we want to continue to open it with internet explorer

- logging on once with published desktop will fix it, until a server reboot or logging on to a different server

 

we are using server 2016, office 2016, upm 5.8, vda 7.14. deleting fta in the registry does not fix the issue. of course i have applied an xml with http, htm, html, https and .url set to internet explorer. 

 

deleting the fta will result in showing this annoying popup with IE as only choice. the checkbox below is not checked and even checking it will make no difference in the same session!

  • 0
Posted

did you open a case? im having the same issue and its driving me mad. we have analyzed following:

 

- using published app outlook, it will always ask if we want to continue to open it with internet explorer

- logging on once with published desktop will fix it, until a server reboot or logging on to a different server

 

we are using server 2016, office 2016, upm 5.8, vda 7.14. deleting fta in the registry does not fix the issue. of course i have applied an xml with http, htm, html, https and .url set to internet explorer. 

 

deleting the fta will result in showing this annoying popup with IE as only choice. the checkbox below is not checked and even checking it will make no difference in the same session!

 

We are facing the same issue, we have had this since Window Server 2016 was RTM and we installed XA on them last year. It's driving our users mad, it's so many annoying issues these days with Windows 10/Window Server 2016 + Citrix.

  • 0
Posted

This is not a problem of Citrix, so I don't think Citrix will help you. The problem is all browser programs will try to register themselves with Windows to handle http protocol .

 

The solution as I have answered in my previous post is to delete all those keys, and you should delete them also in the master VM Image as someone has provided the feedback, so when the VM is recreated it will not contain those registry keys. You can also try to remove the write permission on that registry key after deleting those setting.

 

Regards

 

Thomas Tran

  • 0
Posted

This is not a problem of Citrix, so I don't think Citrix will help you. The problem is all browser programs will try to register themselves with Windows to handle http protocol .

 

The solution as I have answered in my previous post is to delete all those keys, and you should delete them also in the master VM Image as someone has provided the feedback, so when the VM is recreated it will not contain those registry keys. You can also try to remove the write permission on that registry key after deleting those setting.

 

Regards

 

Thomas Tran

 

this is not entirely true. it does work properly with full desktop and rdp. the problem only exists with published applications and also with these keys deleted. 

 

i have opened a case aswell in the meantime.

 

btw: it also works with persistent vm's - the problem is somewhat related to PVS and probably MCS.

  • 0
Posted

I think logically, if you keep Citrix FTA registry key and delete all other registry keys it should work. Citrix FTA will detect if a http link is invoked and it will pass the link to the browser on the server or redirect to local machine, depending on your setting.

 

It becomes complicated since Windows 2012, Microsoft has changed the UserChoice key with hash value so it breaks every thing.

On the RDS side, people using my program Remote Executer for URL redirection and with that registry setting, it works quite well.

 

There may be problem in Citrix FTA program, it does not detect the right default browser

 

Regards

 

Thomas Tran

  • 0
Posted
Unfortunately this doesn't work for me on Win 2016, XA 7.14 and non persistent machines.

I always get the "How do you want to open this? message when trying to start a link, with only IE as choice. This happens every time I try to open the link in the same session.

 

I tried both the "OEMDefaultAssociations.xml" and the "Dism /Online /Export-DefaultAppAssociations" options, as well as the removal of the values from the \RegisteredApplications keys.

 

Nothing works, this is driving me crazy.
  • 0
Posted

 

Unfortunately this doesn't work for me on Win 2016, XA 7.14 and non persistent machines.
I always get the "How do you want to open this? message when trying to start a link, with only IE as choice. This happens every time I try to open the link in the same session.
 
I tried both the "OEMDefaultAssociations.xml" and the "Dism /Online /Export-DefaultAppAssociations" options, as well as the removal of the values from the \RegisteredApplications keys.
 
Nothing works, this is driving me crazy.

 

It's still a problem for me too and It's driving me crazy as well. I went to a less frequent reboot schedule to minimize the number of times this happens to users. I just don't have a lot of time to dedicate to it right now. Hopefully someone comes across a solution that actually works and stays put across reboots.

  • 0
Posted

i have tried a lot of things in the meantime and found some interesting stuff.

 

in my lab i have built a server 2016 RDS only machine. no citrix components at all. office 2016 is the only installed application.

using mstsc with outlook as startprogram, i was able to reproduce the exact same issue. no profilemanagement, no pvs. just a simple vm with RDS role installed. 

 

first i thought, this must be a microsoft issue then. BUT - when i tried with remoteapp instead of mstsc (using the rdweb from microsoft) it worked straight away! 

 

this means, that remoteapp does somehow load a "published" application differently than mstsc with a start program. using procmon i tried to find the difference and i have found it. 

 

microsoft remote apps loads a process rdsinit.exe which actually fixes the outlook popup, even in seamless mode! the only thing i have found about this process is this here: https://blogs.technet.microsoft.com/askperf/2008/02/22/ws2008-terminal-services-remoteapps/

 

now - i just loaded rdsinit.exe in a loginscript on my citrix worker and this fixed also the outlook problem. but you still have to delete the FTA under registeredapplications, use the XML to set the FTA associations AND reset all registry keys, that citrix hijacks with its FTA like this one:

 

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"c:\\program files\\internet explorer\\iexplore.exe\" %1"
 

you can search for "command_backup" in the registry to find all references.

 

this works, but is no good workaround, since the rdsinit.exe will stay forever and user sessions are not logged off anymore. also it will launch an additional process and the user will see it in the tasklist. i could probably fix all these issues by a script - but i dont know what else this rdsinit.exe will break in a citrix session?

 

the conclusion of all this is: citrix published apps are missing a proper environment (full desktop does work and also fixes the published app after opened once - just like rdsinit.exe does fix it aswell). also - this is a microsoft AND a citrix problem

 

i have a case opened with citrix. if anyone wants to jump in... here is the SR: 73172645

  • 0
Posted

i have tried a lot of things in the meantime and found some interesting stuff.

 

in my lab i have built a server 2016 RDS only machine. no citrix components at all. office 2016 is the only installed application.

using mstsc with outlook as startprogram, i was able to reproduce the exact same issue. no profilemanagement, no pvs. just a simple vm with RDS role installed. 

 

first i thought, this must be a microsoft issue then. BUT - when i tried with remoteapp instead of mstsc (using the rdweb from microsoft) it worked straight away! 

 

this means, that remoteapp does somehow load a "published" application differently than mstsc with a start program. using procmon i tried to find the difference and i have found it. 

 

microsoft remote apps loads a process rdsinit.exe which actually fixes the outlook popup, even in seamless mode! the only thing i have found about this process is this here: https://blogs.technet.microsoft.com/askperf/2008/02/22/ws2008-terminal-services-remoteapps/

 

now - i just loaded rdsinit.exe in a loginscript on my citrix worker and this fixed also the outlook problem. but you still have to delete the FTA under registeredapplications, use the XML to set the FTA associations AND reset all registry keys, that citrix hijacks with its FTA like this one:

 

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"c:\\program files\\internet explorer\\iexplore.exe\" %1"
 

you can search for "command_backup" in the registry to find all references.

 

this works, but is no good workaround, since the rdsinit.exe will stay forever and user sessions are not logged off anymore. also it will launch an additional process and the user will see it in the tasklist. i could probably fix all these issues by a script - but i dont know what else this rdsinit.exe will break in a citrix session?

 

the conclusion of all this is: citrix published apps are missing a proper environment (full desktop does work and also fixes the published app after opened once - just like rdsinit.exe does fix it aswell). also - this is a microsoft AND a citrix problem

 

i have a case opened with citrix. if anyone wants to jump in... here is the SR: 73172645

 

Just asked the citrix support to link your case with mine (73306984), I have the exact same problem.

 

Cheers

Sebastiano

  • 0
Posted

@Christoph: Maybe a user login script with runonce.exe /AlternateShellStartup could help for your seamless connections. This will load the full environment for seamless users (so seamless users get everything they would in a published desktop in their user profile).

 

I have the same issue on 2016 with XenApp 7.14.1, UPM 5.7, VDA 7.14.1, but in my environment the issue exists also in published desktop sessions and only as far as VDA is installed. In a clean 2016 server install without Citrix components IE has all standards. After VDA installation IE has only 10 of 15 defaults left.

  • 0
Posted

Hi @ll,

 

found a workaround for me. Hope it's also a solution for you guys.

The Citrix server fta links http and https to itself. If you delete the two REG_SZ reg keys for http and https under HKLM:\SOFTWARE\Citrix\ServerFTA\Capabilities\URLAssociations links in Outlook could be opened again. You don't need any other fix. AppAssoc.xml isn't necessary.

I've created a gpp to delete these keys on my VDA servers.

  • 0
Posted

Hello,

 

When you do what you say you still receive the pop up, which in this case shows Microsoft's IE as the one and only option.

We tried these workarounds with Citrix support for several weeks without any luck.

 

Beware that, if you test it with the same user who created the server image in the first place, you won't have any issue since the hash in the registry is the one you created. The issue will occur for all the other users,

 

An update for everyone (received from Citrix the 25th of July): Citrix escalated this issue to Microsoft, who is currently (I'd say "still") looking into it.

 

Once again, this issue is related to the new "security mechanism (the famous hash)" introduced in Win 2016 by Microsoft and which cannot be modified by third party software providers.

 

Cheers

Seb 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...