![](http://content.invisioncic.com/m329563/set_resources_3/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
Dennis Parker
-
Posts
173 -
Joined
-
Last visited
-
Days Won
3
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Dennis Parker
-
-
Heard more from Microsoft finally and the provided a switch: --force-oneauth
This got me to the same place as using compatibility mode. My @live.com account will sync, but I can't get my O365 account to work properly. I can't find a policy screen similar to the screen shot, but I also do restrict to OrgID only in GPO, which means I probably "shouldn't" be able to use my personal account either. Making some progress.
-
1
-
-
I have seen this before, but not just showing up "randomly" and clearing up. In my case, it was always and restarts didn't fix anything. For 2019 servers, I had forgotten to include our SeamlessFlags setting 0x104 and DisableLogonUISuppression 0x0. This was in testing before we went live, so no user impact there.
For 2016 we had an issue with the VDACleanUp utility not fully completing the removal and the an install didn't upgrade all components properly. A complete VDACleanUp with the latest release and reinstall cleared them up.
I know not much help, but maybe can give you something to look at, hopefully. -
I am in the process of replacing delivery controllers now too. My thought was that I would add the new ones along side the existing for a week or so and then remove the retiring ones. I don't know the answer to your questions either, but I will be keeping a close eye on things as I go through it.
I'm kind of wondering if it may not have something to do with the Secure Tickets (STA). Maybe I'll remove my servers more slowly than planned, now that I think about it with this in mind. If the client gets 2 tickets, and both of those STAs are removed, could it possibly generate this issue?
-
I have always updated WEM when new releases come out, outside of the LTSR framework.
-
It's not quite there. If I enable compatibility mode on Windows 10 single user session, I can't log into my Work account which works without compatibility mode.
If there are some policies I can't figure out that would help, I would appreciate knowing. It is much closer. -
OMG, I thought I had tried that already, but it certainly seems to work.
I can't seem to get my O365 account to sync now, but my @live.com one worked. It is much progress. -
Perhaps our errors are different. I have been running 1912 CU1 since release day and have the same error. To be clear, it isn't a roaming issue, it is a seamless application issue for me. It works fine in a published desktop, but not in a seamless app. I guess I have a call with MS again today to look at it more and gather process monitor traces.
-
Off the top of my head, I see you assign computer policies to a user group.
You can put Computers into the group, but they won't see the setting right away and I assume you would want it to only apply to a test computer.
You can either restart the server to get the group membership or use the klist -li 0x3e7 purge command to refresh computer groups.
-
Not yet. Working with Microsoft on it still. Slow going.
-
I was asked for this same thing with the added requirement of taking a survey after the attestation, and all before any apps are launched.
Interested to see what people come up with.
-
Sounds like what I am seeing. There has been no progress from anyone that I have seen. My CTO is working on opening a ticket with the Edge Beta team now. (I didn't know we had that capability...)
-
I know this sounds more like a WEM issue, but I'm going to throw this out just in case too. We had a custom app that reads a set of license files on launch. We have UPM with profile streaming and the files weren't copied over in time by UPM for the app to read them. I came up with a silly solution to "type" all of the files in the folder during logon so UPM would bring them over quicker.
As for launching an app with a batch file with a pause, you might just be able to use TIMEOUT or in PowerShell: Start-Sleep. Then launch your application. -
Can you provide where you found information about 2012R2 not being supported? Last I knew only 2008R2 was phased out.
I am running VDA and Infrastructure services on 2012R2 still. Looking to start upgrading very soon though, so it does work anyway.
-
Our configuration is different for multiple sites due to issues like this, and being designed before LHC. We have a complete Citrix Site in each Data Center, with its own DB. This may be overkill for your environment. That being said, I have only had LHC kick in one time successfully (a couple other times, it should have, it just didn't work at all, but those were the very early days of LHC). In that one instance, the DB went down unexpectedly and users couldn't log in for about 10 minutes until LHC took over. Since it wasn't planned, I spent all of my time working on getting the DB back online and not monitoring user connections, but once the VDAs checked in and things were working, I didn't hear of any real issues with connections.
I am interested in hearing others experiences, and gets me thinking that I really probably should plan a test run sometime, if there were ever time available. -
This had been working fine with the current hooks, (Seamlessflags = 0x104) and using the UVI approach with roaming of 'AppData\Local\Microsoft\IdentityCache' and 'AppData\Local\Microsoft\OneAuth' which were needed for the Sync to work properly after a logout.
I will hopefully be able to try the ExcludedProcessNames key today, but based on the ProcessMonitor from and RDP session, I don't have high hopes. I'll update as I find out more. I will also attempt to test on other Server OSes.
Edit:
2012R2 works as expected still. Still able to configure and have Sync work.Unable to test with 2016 server as I don't have any clients currently deployed with Edge on 2016 yet.
2019 with ExcludedImageNames set does not popup the error message, but also does not allow user to login and Sync data.
-
With the April 13 release: 81.0.416.53: the Sign In functionality appears to have changed to a Windows Universal App that can't be opened in a seamless window. It works in a published desktop or desktop RDP session, but not in a seamless window. I have only tested on Server 2019 so far.
Citrix: 1912 LTSR
Server 2019
Users that are configured for Sync are now not able to sync. New configurations can not log in.
Error message: -
Including my script to duplicate Apps between to sites. It will create the new apps with proper users, but it may not exactly answer your question about how to create the properties, but maybe will point you in the right direction.
############################################################################ # VARIABLE DEFINITIONS ############################################################################ $global:FROMAdminAddress = '<dcFromFQDN>:80' $global:TOAdminAddress = '<dcToFQDN>:80' ############################################################################ # FUNCTION DEFINITIONS ############################################################################ function Verify-Snapins { $LoadedSnapins = Get-PSSnapin -Name *citrix* -ErrorAction SilentlyContinue | Select-Object Name If($LoadedSnapins.Name -contains 'Citrix.Broker.Admin.V2') { Write-Host "Successfully verified that necessary Citrix components are loaded in PowerShell" -ForegroundColor Yellow } Else { $RegisteredSnapins = Get-PSSnapin -Name *citrix* -Registered | Select-Object Name If($RegisteredSnapins.Name -contains 'Citrix.Broker.Admin.V2') { Write-Host "Citrix components are not currently loaded in to PowerShell. Attempting to load components." -ForegroundColor DarkYellow Add-PSSnapin *citrix* Verify-Snapins } Else { Read-Host "The necessary Citrix components to execute this script are not installed on this computer. Press enter to exit." Exit } } } function Reset-Script { $Message = "Operation completed." $Question = "Do you want to exit or start over?" $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription] $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&StartOver')) $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Exit')) $decision = $Host.UI.PromptForChoice($message, $question, $choices, 1) if ($decision -eq 0) { Write-Host 'Starting over!' -ForegroundColor Yellow Start-Script } else { Write-Host 'Exiting!' -ForegroundColor Yellow Exit } } function Select-DeliveryGroup { $DeliveryGroups = (Get-BrokerDesktopGroup -AdminAddress $global:FROMAdminAddress).Name $i=1 Write-Host "Please choose a customer Delivery Group to migrate applications for:" -ForegroundColor Yellow ForEach($DeliveryGroup in $DeliveryGroups) { Write-Host "$i. $DeliveryGroup" $i++ } [int]$Choice = Read-Host 'Enter the number for the delivery group to choose' $global:DeliveryGroupChoice=$DeliveryGroups[$choice-1] Write-Host "$($global:DeliveryGroupChoice) was selected as the Delivery Group." -ForegroundColor Yellow } function Export-Apps { # Setting start up location $Location = $MyInvocation.MyCommand.Path -replace $MyInvocation.MyCommand.Name,""; set-location $Location; # Grabs applications #$apps = Get-BrokerApplication -MaxRecordCount 2147483647 $apps = Get-BrokerApplication -AdminAddress $global:FROMAdminAddress -DesktopGroupUid (Get-BrokerDesktopGroup -AdminAddress $global:FROMAdminAddress -Name $global:DeliveryGroupChoice).Uid -MaxRecordCount 2147483647 $global:Results = @() foreach($app in $apps) { # Building Properties for each application $Properties = @{ AdminFolderName = $app.AdminFolderName AdminFolderUid = $app.AdminFolderUid ApplicationName = $app.ApplicationName ApplicationType = $app.ApplicationType AssociatedDesktopGroupPriorities = $app.AssociatedDesktopGroupPriorities AssociatedDesktopGroupUUIDs = $app.AssociatedDesktopGroupUUIDs AssociatedDesktopGroupUids = $app.AssociatedDesktopGroupUids AssociatedUserFullNames = $app.AssociatedUserFullNames AssociatedUserNames = $app.AssociatedUserNames AssociatedUserUPNs = $app.AssociatedUserUPNs BrowserName = $app.BrowserName ClientFolder = $app.ClientFolder CommandLineArguments = $app.CommandLineArguments CommandLineExecutable = $app.CommandLineExecutable CpuPriorityLevel = $app.CpuPriorityLevel Description = $app.Description Enabled = $app.Enabled IconFromClient = $app.IconFromClient EncodedIconData = (Get-Brokericon -AdminAddress $global:FROMAdminAddress -Uid $app.IconUid).EncodedIconData # Grabs Icon Image MetadataKeys = $app.MetadataKeys MetadataMap = $app.MetadataMap Name = $app.Name PublishedName = $app.PublishedName SecureCmdLineArgumentsEnabled = $app.SecureCmdLineArgumentsEnabled ShortcutAddedToDesktop = $app.ShortcutAddedToDesktop ShortcutAddedToStartMenu = $app.ShortcutAddedToStartMenu StartMenuFolder = $app.StartMenuFolder UUID = $app.UUID Uid = $app.Uid UserFilterEnabled = $app.UserFilterEnabled Visible = $app.Visible WaitForPrinterCreation = $app.WaitForPrinterCreation WorkingDirectory = $app.WorkingDirectory } # $app | gm # write-host $app.AdminFolderName -ForegroundColor Red # break # Stores each Application setting for export $global:Results += New-Object psobject -Property $properties } <# # Setting File name with time stamp $Date = Get-Date $FileName = $Date.ToShortDateString() + $Date.ToLongTimeString() $FileName = (($FileName -replace ":","") -replace " ","") -replace "/","" $FileName = "Apps" + $FileName + ".xml" # Exporting results $global:Results | export-clixml .\$FileName #> } function Import-Apps { # Importing applications and associating icons with applications # Setting Delivery Group $dg = $global:DeliveryGroupChoice # Importing Application Data # Set the path to your .xml $apps = $global:Results foreach ($app in $apps) { Write-Host "Working on Application: " $app.Name -ForegroundColor Green If ((Get-Brokerapplication -Name $app.Name -AdminAddress $global:TOAdminAddress -ErrorAction Ignore).Count) { #Do Not attempt to recreate the application, just use the existing one and add the Delivery Group to it Write-Host "Adding Application - Not creating new" Try { Add-BrokerApplication -AdminAddress $global:TOAdminAddress -Name $app.PublishedName -DesktopGroup $global:DeliveryGroupChoice | Out-Null } Catch { Add-BrokerApplication -AdminAddress $global:TOAdminAddress -Name $app.Name -DesktopGroup $global:DeliveryGroupChoice | Out-Null } } else { If ($app.AdminFolderName -ne $null -and (Get-BrokerAdminFolder -Name $app.AdminFolderName -AdminAddress $global:TOAdminAddress -ErrorAction Ignore).Count -eq 0) { $adminFolder = $app.AdminFolderName.Split("\") $folderpath = "" $fproot = "" foreach ($folder in $adminFolder) { if ($folder -ne "") { $folderpath += $folder + "\" if ((Get-BrokerAdminFolder -Name $folderpath -AdminAddress $global:TOAdminAddress -ErrorAction Ignore).Count -eq 0) { If ($fproot -ne "") { New-BrokerAdminFolder -FolderName $folder -ParentFolder $fproot -AdminAddress $global:TOAdminAddress } else { New-BrokerAdminFolder -FolderName $folder -AdminAddress $global:TOAdminAddress } } $fproot = $folder } } } #Importing Icon # write-host "Doing Icon - New-BrokerIcon -AdminAddress $global:TOAdminAddress" $IconUid = New-BrokerIcon -AdminAddress $global:TOAdminAddress -EncodedIconData $app.EncodedIconData $DoIcon = $true #Creating New Application #If the BrowserName already exists, modify to something that doesn't... If((Get-BrokerApplication -BrowserName $app.BrowserName).Count) { $unique = $False $counter = 0 Do { $counter += 1 $BNTemp = $app.BrowserName + $counter If(!(Get-BrokerApplication -BrowserName $BNTemp).Count) { $app.BrowserName = $BNTemp $unique = $True } } Until ($unique) } #Create the new Application Try { if ($app.CommandLineArguments.Length -lt 2) {$app.CommandLineArguments = " "} #Adding Application write-host "AdminFolder" $app.AdminFolderName write-host "BrowserName" $app.BrowserName write-host "ComdLineExe" $app.CommandLineExecutable write-host "ClientFldr " $app.ClientFolder write-host "Description" $app.Description write-host "ComdLineArg" $app.CommandLineArguments write-host "Enabled " $app.Enabled write-host "Name " $app.Name write-host "UserFiltEna" $app.UserFilterEnabled write-host "WorkingDire" $app.WorkingDirectory write-host "Published " $app.PublishedName ###Comment this out if first attempt fails and use alternate attempt #<# If($app.ClientFolder -ne $null) { $appClientFolder = $app.ClientFolder #write-host New-BrokerApplication -AdminAddress $global:TOAdminAddress -AdminFolder $app.AdminFolderName -ApplicationType $app.ApplicationType -BrowserName $app.BrowserName -CommandLineExecutable $app.CommandLineExecutable -Description $app.Description -ClientFolder $app.ClientFolder -CommandLineArguments $app.CommandLineArguments -Enabled $app.Enabled -Name $app.PublishedName -UserFilterEnabled $app.UserFilterEnabled -DesktopGroup $dg -WorkingDirectory $app.WorkingDirectory -PublishedName $app.PublishedName | Out-Null } else { $appClientFolder = "\" #write-host New-BrokerApplication -AdminAddress $global:TOAdminAddress -AdminFolder $app.AdminFolderName -ApplicationType $app.ApplicationType -BrowserName $app.BrowserName -CommandLineExecutable $app.CommandLineExecutable -Description $app.Description -ClientFolder $app.ClientFolder -CommandLineArguments $app.CommandLineArguments -Enabled $app.Enabled -Name $app.PublishedName -UserFilterEnabled $app.UserFilterEnabled -DesktopGroup $dg -WorkingDirectory $app.WorkingDirectory -PublishedName $app.PublishedName | Out-Null } New-BrokerApplication -AdminFolder $app.AdminFolderName -ApplicationType $app.ApplicationType -BrowserName $app.BrowserName -CommandLineExecutable $app.CommandLineExecutable -Description $app.Description -ClientFolder $appClientFolder -CommandLineArguments $app.CommandLineArguments -Enabled $app.Enabled -Name $app.PublishedName -UserFilterEnabled $app.UserFilterEnabled -DesktopGroup $dg -WorkingDirectory $app.WorkingDirectory -PublishedName $app.PublishedName | Out-Null #> <# ### Use this if the first attempt fails to properly create all applications $MakeApp = 'New-BrokerApplication -AdminAddress $global:TOAdminAddress -ApplicationType $app.ApplicationType' if($app.BrowserName -ne $null){$MakeApp += ' -BrowserName $app.BrowserName'} if($app.CommandLineExecutable -ne $null){$MakeApp += ' -CommandLineExecutable $app.CommandLineExecutable'} if($app.Description -ne $null){$MakeApp += ' -Description $app.Description'} if($app.ClientFolder -ne $null){$MakeApp += ' -ClientFolder $app.ClientFolder'} if($app.CommandLineArguments -ne $null){$MakeApp += ' -CommandLineArguments $app.CommandLineArguments'} if($app.PublishedName -ne $null){$MakeApp += ' -Name $app.PublishedName'} if($app.UserFilterEnabled -ne $null){$MakeApp += ' -UserFilterEnabled $app.UserFilterEnabled'} if($app.Enabled -ne $null){$MakeApp += ' -Enabled $app.Enabled'} if($dg -ne $null){$MakeApp += ' -DesktopGroup $dg'} if($app.WorkingDirectory -ne $null){$MakeApp += ' -WorkingDirectory $app.WorkingDirectory'} if($app.PublishedName -ne $null){$MakeApp += ' -PublishedName $app.PublishedName'} Invoke-Expression $MakeApp | Out-Null #> } Catch { write-host $_.Exception.Message write-host $_.Exception.ItemName write-host "Error on " $app.BrowserName write-host "Error on " $app.CommandLineExecutable write-host "Error on " $app.Description write-host "Error on " $app.CommandLineArguments write-host "Error on " $app.Enabled write-host "Error on " $app.Name write-host "Error on " $app.UserFilterEnabled } #Setting applications icon # write-host "Doing - Set-BrokerApplication -AdminAddress $global:TOAdminAddress app.Name -IconUid IconUid.Uid" If($DoIcon) { Try { Set-BrokerApplication -Name $app.Name -AdminAddress $global:TOAdminAddress -IconUid $IconUid.Uid | Out-Null } Catch { Set-BrokerApplication -Name $app.PublishedName -AdminAddress $global:TOAdminAddress -IconUid $IconUid.Uid | Out-Null } write-host "Working on Icon" $IconUid.Uid } # Adding User Associations If($app.AssociatedUserNames -ne $null) { Try { $users = $app.AssociatedUserNames foreach($user in $users) { Try { Add-BrokerUser -AdminAddress $global:TOAdminAddress -Name "$user" -Application $app.Name | Out-Null } Catch { Add-BrokerUser -AdminAddress $global:TOAdminAddress -Name "$user" -Application $app.PublishedName | Out-Null } } } Catch { write-host $_.Exception.Message write-host $_.Exception.ItemName write-host "Error on User " $user $app.Name } } } } } function Start-Script { Write-Host "We will perform the following: Select customer Delivery Group. Then export the apps for that group and import them into Atlanta Environment." -ForegroundColor Yellow Select-DeliveryGroup Export-Apps Import-Apps } ############################################################################ # SCRIPT EXECUTION BLOCK ############################################################################ Write-Host "Welcome to the ProCirrus application provisioning tool for XenApp 7.6" -ForegroundColor Yellow Verify-Snapins Read-Host "Press enter to begin. Hit CTRL-C at any time to cancel the current operation and exit the script." Start-Script
-
I posted a couple scripts over on this thread that may help:
https://discussions.citrix.com/topic/407824-citrix-xenapp-715-cu4-and-ms-teams-outlook-plugin-not-showing/page/2/-
1
-
-
I updated my cleanup script so that it can run as a login script to reset the Teams client. It checks/sets a registry key to prevent it from running too often. I have it run in the same policy that installs the Teams client by .cmd script and set to run PowerShell scripts first in the policy. It cleans up Teams and then reinstalls Teams in the same policy.
I works for my environment...YMMV...
function GetRegValue([string]$Key, [string]$Name) { if(Test-Path $Key) { $a = get-itemproperty -path $Key $b = $a.$Name Return $b } else { Return $null } } function SetRegValue([string]$Key, [string]$Name, [string]$Value, [string]$Type) { # IF REGISTRY KEY EXISTS, THEN SET VALUES, OTHERWISE CREATE IT AND SET THE VALUES if(Test-Path $Key) { Set-ItemProperty -path $Key -name $Name -value $Value -Type $Type -Force Return $true } else { New-Item -Path $Key Set-ItemProperty -path $Key -name $Name -value $Value -Type $Type -Force Return $true } } $ScriptStateInfoKey = "HKCU:\Software\CompanySpecific" $ScriptStateInfoName = "TeamsCleanup" $ScriptStateInfoVersion = "1" $ScriptState = GetRegValue $ScriptStateInfoKey $ScriptStateInfoName if($ScriptState -eq $null -or $ScriptState -lt $ScriptStateInfoVersion) { SetRegValue $ScriptStateInfoKey $ScriptStateInfoName $ScriptStateInfoVersion "STRING" $UserName=$env:USERNAME $HomeShare=$env:HOMESHARE $UserProfile=$env:USERPROFILE $PathsToRemove=@("$UserProfile\AppData\Local\SquirrelTemp","$UserProfile\AppData\Local\Microsoft\Teams","$UserProfile\AppData\Roaming\Microsoft\Teams","$UserProfile\AppData\Local\Microsoft\TeamsMeetingAddin","$UserProfile\AppData\Local\Microsoft\TeamsPresenceAddin","$HomeShare\AppData\Roaming\Microsoft Teams") foreach($PathToRemove in $PathsToRemove) { Remove-Item -Path $PathToRemove -Recurse -Force -ErrorAction SilentlyContinue # For testing # $PathToRemove } }
-
Depends on the client for us. But Teams is always published as a separate app that can be launched. Some clients want it to auto-launch whenever someone logs in, and for that we have a GPO with a login script that will open Teams if they are a member of the Auto-Launch group. There are certainly many ways to accomplish this.
-
We redirect AppData Roaming, and keep everything there basically.
We roam several other folders for different apps, but for Teams, we also roam : AppData\Local\Microsoft\Teams
-
Assuming you are using Citrix UPM, you have to allow the directories to roam with the profile.
I added these to Group Policy:
Citrix Components -> Profile Management -> File System -> Syncronization -> Directories to Sync:
AppData\Local\Microsoft\TeamsMeetingAddinAppData\Local\Microsoft\TeamsPresenceAddin
-
I'm on XenApp (for the most part). If they roam properly, Teams will update the folder number when it updates for the user.
-
There was a memory issue with LHC that was resolved. I don't have exact version numbers, but I know I didn't have the issue with 7.15 LTSR and do not have the memory issue with 1912 LTSR on 2012R2.
There are still occasional issues with 505 errors that need to be worked through, but internal processes have been cleaned up some and Citrix has done work on the process, which combined have reduced the number of 505 errors significantly. I probably have one about every 2 months now.
Testing moving Citrix Database to another SQL server
in XenApp 7.x
Posted
Does the Computer account of the Delivery Controller have access to the DBs on the new server? (security Logins)