Jump to content
Welcome to our new Citrix community!
  • 0

Understanding browser content redirection


Question

For my understandings, we've been working on Citrix VDA 19.12 CU1 with enabled BCR as described in the Citrix papers:

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/browser-content-redirection-policy-settings.html

 

As described, the Citrix policy to enable BCR is:

 

\HKLM \SOFTWARE\Wow6432Node\Citrix\HdxMediastream

WebBrowserRedirection Allowed=1

 

To enable white/blacklisting:

 

\HKLM \SOFTWARE\Wow6432Node\Citrix\HdxMediastream

WebBrowserRedirectionAcl REG_MULTI_SZ

WebBrowserRedirectionBlacklist REG_MULTI_SZ

 

But for my understandings the policy-settings WebBrowserRedirectionAcl and WebBrowserRedirectionBlacklist are user-settings. They can't for my understandings set to 

\HKLM \SOFTWARE\Wow6432Node\Citrix\HdxMediastream. They have to be in the User-Part of the registry. 

But I can't find them there.

 

We have configured the settings as attached.

 

How do we have to configure it right to get it work ?

 

Kind regards for any help on this.

Jens

machine.png

reg.png

user.png

Link to comment

11 answers to this question

Recommended Posts

  • 0

Hi Jens

 

you've answered your own question by showing the GPO optins and registry keys. The Redirection ACL and Blacklist are both in the Computer configuration. Attached is an example one i use for PoCs 

 

Regards

 

Ken Z

BCR.png

  • Like 1
Link to comment
  • 0

Hi Ken,

 

yes thats right - but by my understandings in GPO, user-settings as described in the Citrix-policy above must have a registry-entry in the user-hive of the registry.

So for my understandings. 

 

When I set only Computer-settings as in your screenshot, BCR does not work in our environment. Only if Citrix policy with user-part was set additionaly to the MS
GPO, it works.

 

So no problem, the main thing is, that it works :-)

 

Thank you for your great support on this threat.

 

Kind regards

Jens

Link to comment
  • 0

Well, I only set the computer configuration settings and the BCR extensions, and it's always worked without any specific user settings.

I assume the user settings are to allow you to set the ACLs/Blacklists per user rather than per server/desktop, so theoretically they should both work...

 

Regards

 

Ken Z 

Link to comment
  • 0
On 7/30/2020 at 10:50 AM, Jens Strohschnitter1709152492 said:

Hello Ken,

 

yes we're using Chrome-extension for BCR.

 

Kind regards

Jens

 

Hello Jens,

which BCR diversions do you use?
for example ms teams, webex, zoom, gotomeeting, etc

Can you give me a configuration for the Citrix Policy ACL configuration browser content redirection and authentication pages?

Thanks

 

Matze

Link to comment
  • 0

Hi Jens,

 

thanks for the reply. I know the article but somehow the settings don't match or maybe they are no longer up-to-date.

 

Did you only add this one entry?
https://login.microsoftonline.com/*teams*

 

and if so, is the entry in the Citrix Policy ACL configuration browser redirection or authentication browser redirection or both?

 

We have received an Outlook invitation for teams on Citrix VDA that looks something like this:

https: //teams.microsoft.com/_#/pre-join-calling/19: meeting_abcdefghijklmnop ...

 

The browser redirection does not work with us, but for example https://www.youtube.com/* and https://live.daserste.de/* works. it must actually be the url of the citrix policy or do you have an idea? We have already tried to use the Citrix article CTX238236.

 

By the way, if you should work at R+V in Wiesbaden, we're almost neighbors and maybe we can exchange ideas.

 

Thanks
Matze (SOKA-BAU)

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...