Posts posted by Mark Robinson1709151368

  1. Hi All, 


    So we are getting this issue yet again.  Last time was over a year ago and it was sorted with some Sophos AV exclusions. 

    However I can't seem to work out what's causing the issue this time.  I've enabled verbose Sophos logging which really impacts our Citrix servers (we do a shared desktop) so I get users complaining about slowness.  If I then enable the Windows audit policy of success and failures on Audit process tracking it grinds the server to unusable.  So I'm between a rock and a hard place, need to enable logging to work out what causes it, but can't enable logging as the system is unusable.  


    We don't have Adobe installed anywhere like the issues Christian Radatz found.  At the moment I've set up a scheduled task to watch for the CtxUvi 1003 & 1005 error in the event log and send me an email so I know it's occurred.  Next I need to get the server in question to be put into maintenance mode also as part of that script just to stop the helpdesk tickets coming in.  But this is just a temp solution until we have a fix.


    With the Sophos verbose logging I couldn't see anything out of the ordinary around the time of the issue. 


    So my question is can anyone offer a solution that doesn't impact the server to the extent it does while trying to work this out.  Christian Radatz, how did you do the Process Tracking?


    Thanks in advance!


  2. Hi all, 


    Further update from me.  Since putting the exclusions in for Sophos 'On Access Scanning' and 'Scheduled Scans' on the 3 main folders we still have had no occurrence of the grey screen.  So I think this is definitely a solution, albeit a sledgehammer to crack a nut, as we previously had the issues every single day without fail up until I did this change.  


    As mentioned before I will now try to tie down what area is the root cause.  Also I have not made any change to behavioural monitoring.

  3. Hi all, 


    An update from me.  So I enabled verbose logging and it's not been totally clear if Sophos is the culprit, however I spotted on one log around 1 hr before the CtxUvi error the log showed:


    2021-04-24T12:28:17.010Z [70] [3948:8772] SaviNotify.cpp(1079) : Suppressed SOPHOS_SAVI_ERROR_SWEEPFAILURE (operation cancelled), name=C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll
    2021-04-24T12:28:17.010Z [70] [3948:8772] SaviWrapper.cpp(1054) : Warning: Failed to sweep object, hr=0xA0040229, name=C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll
    2021-04-24T12:28:17.010Z [80] [3948:8772] ThreatDetectionEngine.cpp(888) : [a0040229] Processor returned error for C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll, skipping to the decision handlers
    2021-04-24T12:28:17.010Z [80] [3948:8772] ThreatDetectionEngine.cpp(216) : [a0040229] DoCheck returned error.
    2021-04-24T12:28:17.010Z [80] [3948:8772] EngineManagement.cpp(259) : [a0040229] CEngineManager::Scan - Call to engine->Check(ScannableNode) for C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll returned an error code. Attempting to continue.

    As I've not had much progress on this I decided to put exclusions in for 'On Access Scanning' and 'Scheduled Scans' for the 3 main locations of:

     - C:\Program Files (x86)\Citrix\

     - C:\Program Files\Citrix\

     - C:\ProgramData\Citrix\


    This was done yesterday morning and pushed out to all my Citrix servers and since then we haven't had any grey screen issues at all reported.  As mentioned previously we have approx 30 servers with 300 users daily and always get issues in the afternoon & evenings but nothing since the change.   If this stays good for the next few days I will slowly remove each exclusion and see when it fails. 


    It's a bit early to say this is pointing in the right direction but I thought I would post an update for others.  

    Also as a side note we didn't have those registry entries mentioned by Jonathan Pitre a few entries ago. 
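
The triage described in the post above (finding scan failures on Citrix files in the Sophos verbose log shortly before a CtxUvi event) can be scripted offline instead of read by eye. This is an added example, not part of the original posts; the function name `scan_failures`, the event time and the last sample line are constructed assumptions, and the line layout is inferred only from the lines quoted above.

```python
import re
from datetime import datetime, timedelta, timezone

# Layout of the lines quoted in the post:
# <UTC time> [level] [pid:tid] Source.cpp(line) : message
LINE = re.compile(r"^(\S+Z) \[\d+\] \[(\d+:\d+)\] \S+?\(\d+\) : (.*)$")
PATH = re.compile(r"[A-Za-z]:\\.*?\.(?:dll|exe|sys)\b", re.I)
CODE = re.compile(r"(?:hr=0x|\[)([0-9A-Fa-f]{8})\b")
# The three folders excluded in the post, lower-cased for comparison.
CITRIX_DIRS = ("c:\\program files (x86)\\citrix\\",
               "c:\\program files\\citrix\\", "c:\\programdata\\citrix\\")

def scan_failures(log_text, event_time, window=timedelta(hours=2)):
    """One record per Citrix file named in the log within `window` before event_time."""
    found = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a log line in the expected layout
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)
        path = PATH.search(m.group(3))
        if not path or not path.group(0).lower().startswith(CITRIX_DIRS):
            continue  # no file named, or the file is outside the Citrix folders
        if not timedelta(0) <= event_time - ts <= window:
            continue  # after the event, or too long before it
        rec = found.setdefault((ts, m.group(2), path.group(0).lower()), {
            "time": ts, "thread": m.group(2), "path": path.group(0), "hr": None,
            "lines": 0, "minutes_before": int((event_time - ts).total_seconds() // 60)})
        rec["lines"] += 1
        code = CODE.search(m.group(3))
        if code:
            rec["hr"] = code.group(1).upper()  # error code, when the line carries one
    return sorted(found.values(), key=lambda r: r["time"])

# First three lines are copied from the post; the last is constructed (non-Citrix file).
SAMPLE = r"""
2021-04-24T12:28:17.010Z [70] [3948:8772] SaviNotify.cpp(1079) : Suppressed SOPHOS_SAVI_ERROR_SWEEPFAILURE (operation cancelled), name=C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll
2021-04-24T12:28:17.010Z [70] [3948:8772] SaviWrapper.cpp(1054) : Warning: Failed to sweep object, hr=0xA0040229, name=C:\Program Files (x86)\Citrix\HDX\bin\PicaUiTweakHook.dll
2021-04-24T12:28:17.010Z [80] [3948:8772] ThreatDetectionEngine.cpp(216) : [a0040229] DoCheck returned error.
2021-04-24T12:30:02.500Z [70] [3948:9100] SaviWrapper.cpp(1054) : Warning: Failed to sweep object, hr=0xA0040229, name=C:\Temp\example.dll
"""
# Constructed time for the first CtxUvi event; the post only says "around 1 hr" later.
EVENT = datetime(2021, 4, 24, 13, 30, tzinfo=timezone.utc)

if __name__ == "__main__":
    for r in scan_failures(SAMPLE, EVENT):
        print(f'{r["time"]:%H:%M:%S} {r["minutes_before"]} min before  hr=0x{r["hr"]}  {r["path"]}')
```

Because it reads a copy of the log file, this can be run on an admin workstation rather than on the Citrix server itself.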

  4. Hi All, 

    I'm not alone on this hooray!

    I've been going around in circles trying to work out what's going on here and have the exact same issues as you with the CtxUvi events (how I found this post).

    First I thought it was the version we were using which was Citrix Virtual Apps and Desktop 7 1906.  Haven't wanted to disrupt anything with upgrades during pandemic and last week realised it's out of support so upgraded to 2012 and still the same issue happening. 


    We think this started occurring about 6 weeks ago but can't be 100% sure and if it was then that coincides with our monthly Windows updates server patching.  But again can't be 100% on that. 


    I have 30 Servers and it always starts happening after lunch for my users on random servers but not all of them.   Looking at the event logs today on one server this ties in as the first instance of the CtxUvi issue which was at 12:55:10 then every 5 mins thereafter until I reboot the server.   So can't be a GPO applying as that's happening all the time (24hrs we have users in with night shifts etc).  I can't see any obvious correlation with other events on the server but it's like a needle in a haystack.


    We don't use Trend AV but have Sophos with Behaviour Monitoring.  Nothing showing in the AV logs at normal logging level so I'm turning on verbose logging on a number of the servers and will see what that shows up.  


    I will update anything else I find also but has anyone logged this with Citrix yet?



  5. Interesting Kasper,

    We did have it as per user but switched to machine install not long ago instead on our Citrix servers (these are just desktop servers).

    However with our internal win10 workstations which links to the same VHDX for office is a per user one as we can't get the per machine one working on there (even hacking the registry to pretend it's a VDI).  I must admit that Teams install is driving us bonkers as we control and lock-down everything within an inch of its life so we like to be in control of all software deployments and versions etc but I go off topic!


    I get your theory though.  But 9Gb of deleted files seems a bit much.  I guess I could implement the redirections.xml to make sure the Teams files go to the local_username directory.  


    Thanks for the response
