Jump to content

Jeff Riechers

Members
  • Posts

    776
  • Joined

  • Last visited

  • Days Won

    39

Posts posted by Jeff Riechers

  1. So I have a deployment where we publish Desktops and Apps to the same delivery group.  

    When users login to the Desktop we want them to have the choice of auto starting Teams when they get there.  But in Published Apps we don't want Teams to launch.

    Worked great with Teams 1.x.  But with New Teams 2.1 it is handles autostart differently.  It reads from the HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\MSTeams_8wekyb3d8bbwe\TeamsTfwStartupTask\State value.

    So anyone else found an answer for this yet?  As of right now we are probably going to hard code that disabled State value with WEM, and then have users put teams in their personal Startup.  But want to avoid that if possible.

    With more and more UWP style apps coming, I think this is going to creep up more and more, and don't really feel like having to police helper app auto launches if possible.

  2. Ok.  Updating to the latest version of ADM and adding flex now properly shifts the view.  However, if you are using application grouping you will want to license and assign all existing applications before applying the new licenses.  At a customer site that heavily used groups we were unable to add existing items that now were licensed to groups.  But new items could be.  We since shifted to Regex presentation of applications to groups to make it work for now.

  3. I had a customer convert over to the new licensing model that is being released on March 3rd.  

    We need to allocate the new licenses to the ADM as their Virtual Servers allocated licensing is expiring soon, but there is no legacy style license available.  We applied the flex licensing but it did not increase the virtual server license count.

    Does this mean on-prem ADM is dead for analytics?

  4. This can be done by a few things.

    1. You don't have XML trust setup on DDC.

    2. You don't have the correct A record setup in Storefront from the Gateway url you are accessing.

    3. You have callback enabled, but the storefront can't get to the same Netscaler as the gateway url.

    4. You are using SSL offload and you don't have Loopback set to On using http in storefront.

    5. You are using FAS and the GPO is not applied to the storefront servers.

     

    Check the Application and Services Logs, hit the Citrix Delivery Services and the errors there will help you with this issue.

  5. Having some issues with the 2311 Workspace App.  First I couldn't get any connections to work, as I would get Application Errors just trying to launch ICA files.

     

    I rebuilt my machine completely and now I can connect.  But I sometimes out of nowhere get Application Errors that will drop the session.  Here are the current items I have found.

     

    Ica Client Vanadium Error Incorrect Function

    APPCRASH wfica32.exe in module vdtw30n.dll

    APPCRASH wfica32.exe in module vcruntime140.dll

     

    These are definitely client side issues, as I have had them happen to 2 different farms running different versions of software.  I opened a ticket with support with logs but it went nowhere and they closed it out.  Anyone else seeing issues with 2311 so I can start getting more information around this? 

     

    Thanks

  6. Are you using traditional SFTA, BCR, or Host to client redirection?

     

    The original SFTA is done via registry keys, so you can do that with WEM or GPO.

     

    BCR is handled by Citrix Policies, so you can do those from dedicated Citrix Policies.

     

    The brand new 2311 Host to Client is handled via jsons in policy, so those can run from dedicated policies.

     

    Which method are you using, or looking to use?

  7. Setting up FAS for SAML on my demo farm.  Works great for Windows,  but doesn't work for any of my linux distros. 

     

    I successfuly authenticate with NetScaler, but then get Invalid Login.  Looking at the troubleshooting guides mine is not exhibiting the same problems.  Its acting almost like it can't process the information correctly.

     

    Trying with gmail shadow accounts and Azure AD SAML.  Here is what I have done so far.

     

    Followed FAS for Linux setup directions and have proper cert placement and configuration.

     

    Looking in the hdx.log files this is what I see during login.

     2023-12-19 08:03:07.642 <P10580:S6> citrix-ctxlogin: : failed to get value or value invalid! 
    2023-12-19 08:03:07.642 <P10580:S6> citrix-ctxlogin: : failed to get login greeter title 
    2023-12-19 08:03:07.644 <P10580:S6> citrix-ctxlogin: : failed to get value or value invalid! 
    2023-12-19 08:03:07.644 <P10580:S6> citrix-ctxlogin: : failed to get login greeter body 
    2023-12-19 08:03:07.688 <P10580:S6> citrix-ctxlogin: : socket accept failed: Interrupted system call 
    2023-12-19 08:03:07.688 <P10580:S6> citrix-ctxlogin: : skip this time since loginui cannot be exited now 
    2023-12-19 08:03:07.688 <P10580:S6> citrix-ctxlogin: : nanosleep() failed: Interrupted system call 

    <these repeat many times until the following shows up>

    2023-12-19 08:03:07.895 <P10580:S6> citrix-ctxlogin: : failed to connect to passwd server: No such file or directory. 

    <then some more repeating of the sleep and skip>

    2023-12-19 08:03:09.628 <P10580:S6> citrix-ctxlogin: : failed validation of user '<username>@HOME.LAB': INVALID_PASSWORD 
    2023-12-19 08:03:09.628 <P10580:S6> citrix-ctxlogin: : socket accept failed: Interrupted system call 
    2023-12-19 08:03:09.628 <P10580:S6> citrix-ctxlogin: : skip this time since loginui cannot be exited now 

     

    The thing is, that is not the proper UPN.  It seems to be stripping out everything after the @ and replacing it with the DNS domain name of my AD.  HOME.LAB.

  8. Are those apps running on the same server?  Or are they running on a different server?  If they are published apps from the same server you can use the vprefer function and they will run directly without starting a secondary session.

     

    Are people running published apps outside of the desktop?  Or just inside.  If you don't want particular published apps from roaming into the desktop you will need to setup some form of app hiding via  custom storefront store, or disable the delivery group session roaming from powershell.

×
×
  • Create New...