Jump to content

Sasi Tzdaka

  • Posts

  • Joined

  • Last visited

Posts posted by Sasi Tzdaka

  1. Hello
    We have a problem with a smart card working with NETSCALER
    For some reason it takes about half a minute to recognize the smart card from within the application or from the FULL DESKTOP
    And another problem is with the SSO, where it also takes half a minute until the SSO is performed and sometimes not at all

  2. Hi 

    we try this command to deploy the remote pc on computers but nothing happend


    VDAWorkstationCoreSetup_2203_3000.exe /quiet /remotepc /controllers "xdc01.corp.local xdc02.corp.local" /enable_hdx_ports /enable_remote_assistance /noresume /noreboot

  3. Hi,

    We want to deploy HTML5 
    we use Enable-vdassl -enable --CertificateThumbPrint “<thumbprint>”

    and use this  commands :
    Get-BrokerAccessPolicyRule –DesktopGroupName ‘GROUPNAME’ | Set-BrokerAccessPolicyRule –HdxSslEnabled $true

    Set-BrokerSite –DnsResolutionEnabled $true


    when we connect from the storefront everything work fine

    when we connecting from the Netscale we got this error:




    when we chnge the –HdxSslEnabled to False we can connect from the Netscaler but the HTML5 from the storefront not working


    We use wildcard certificate and we check the port 443 tcp from SNIP to the vda is open

  4. Hi,

    We want to deploy HTML5 
    we use Enable-vdassl -enable --CertificateThumbPrint “<thumbprint>”

    and use this  commands :
    Get-BrokerAccessPolicyRule –DesktopGroupName ‘GROUPNAME’ | Set-BrokerAccessPolicyRule –HdxSslEnabled $true

    Set-BrokerSite –DnsResolutionEnabled $true


    when we connect from the storefront everything work fine

    when we connecting from the Netscale we got this error:




    when we chnge the –HdxSslEnabled to False we can connect from the Netscaler but the HTML5 from the storefront not working


    We use wildcard certificate and we check the port 443 tcp from SNIP to the vda is open

  5. On 1/17/2023 at 10:32 AM, Sjoerd Van den Nieuwenhof said:



    Did is worked before or is this a new setup?

    Are users get a certificate?

    Did you specify the FAS server with the GPO? https://docs.citrix.com/en-us/federated-authentication-service/install-configure.html#configure-group-policy


    I need some more info to help you. 

    new setup
    We  get a certificate

    the fas server is in the GPO  apply on VDA/SF/FAS

  6. Users are unable to launch Publish VDA using FAS, getting error “Username or password incorrect”.

    On VDA Event Logs following Event are seen

    Event ID 3:


    Extended Error: 0x800b0112 KLIN(0)



    However when running certutil doesn’t show any certificate exception

  7. On 9/14/2022 at 4:30 PM, Johannes Norz said:


    That's not possible, just the other way round: Restrict learning to specific IPs.


    The only work-around I would know is, excluding this IP from the WAF expression




    Johannes Norz


    https://norz.at https://wonderkitchen.network



    We want that the AppFW will block the source ip if they try to add some headers or try to attack 
    but if they do not try to change the url or try to add headers they will not blok


  8. Hi,

    We updated VPX to 13.0-87.9
    After the upgrade, users are unable to download the RDP file from the GATEWAY.
    An additional TAB will be opened for them with the error
    http/1.1 object not found

    We performed a FAILOVER to the second NS which has not yet been upgraded and is in version 13.0-83.27 and the fault does not exist and users manage to download the RDP file and connect to their station.

    The users receive the station through ATTRIBUTE from the AD

    WhatsApp Image 2022-08-14 at 11.18.39.jpeg

  • Create New...