[2022 session host start menu broke after next login 2203 ltsr cu4]

Can you post your full UPM and folder redirection config?

 

Can you check this article to see if it matches up?

 

https://discussions.citrix.com/topic/414426-windows-server-2019-start-menu-broken/)

 

What does the start menu look like when you hit the button?

[NFactor broke with error "No active policy during authentication."]

Well, I think I found the issue. I had enabled Login Encryption on the image to harden the environment. Once I changed that back it worked correctly.

[OOBE (out of box experience) MCS Machine Catalog]

You can't do OOBE on an MCS machine.  It needs to have this base configuration in place before the Citrix services can execute and the user logs into the domain.

[NFactor broke with error "No active policy during authentication."]

Yup, that is what I thought. But it all lines up in the webcode.

[ADM Application Dashboard not showing all applications on heatmap.]

I will email you. Thank you Karthick.

[NFactor broke with error "No active policy during authentication."]

So I have a special nfactor setup in my lab built with my terraform that provides a dropdown list of authentication methods for LDAP, Azure SAML, Google, Okta, etc. I was testing out setting up FAS and updated my netscaler to the latest 14.1 build when out of nowhere the nfactor dies after selecting your policy. So I rolled back to my snapshot beforehand, re-applied the same terraform code, and it is still broken. I created a manual nfactor flow with my schemas and policies and they also don't work. I am trying to get details on where the failure is taking place, but I can't find anything in the logs, or in the web code that gives me any direction. I have included a copy of the scrubbed config if that helps.

[MAC OS Sonoma - no printer redirection for local printers]

Well that is more an OS issue, as it requires a PDF print driver, and there isn't much development for drivers for out of support Operating Systems.

 

You may have to get the print to PDF printer setup on your hosts and change the workflow if you are upgrading the endpoints, but not the host Operating System.

[Single external ip for multiple Netscaler Gateway Virtual Servers]

Thinking about it, you might be able to just do it via nfactor.  Setup your initial landing page with a drop down where they select which customer they are a part of.  Then the next step in the nfactor would send users to their appropriate location.  And you can do session policies based on the nfactor choice to send them to the proper storefront store. (If you are doing dedicated stores for each customer)

 

I did a design similar to this in my terraform template to create an Authentication drop down for my lab so I can do LDAP, SAML, Okta, etc from my single IP.  It was based on the domain drop down in nfactor.  I included the nfactor Authentication Dropdown.xml you can look at for designing your own dropdown.

 

https://github.com/jeffriechers/NetScaler_Terraform_Template

 

 

[ADM Application Dashboard not showing all applications on heatmap.]

So ran into this at a customer that we have been upgrading since 13.0. They are now up to the latest 14.1 firmware for all the new features it has. When going to the application dashboard we only see a select few applications that they have permissions too. It says like 1 of 4 applications, or 8 of 31. If you drill down you can see they have all the necessary permissions to them. But just can't get them on that heat map dashboard. Is there some setting we are missing? Or is this due to us upgrading from older firmware? I can get some scrubbed screenshots if it helps.

[Single external ip for multiple Netscaler Gateway Virtual Servers]

You can have 1 Citrix Gateway attached to 1 Content Switch in your environment.  You can then use the hostname that they use to access the content switch to apply the appropriate nfactor SAML connection.  On the SAML response URL you would but a hostname that points directly to a Citrix Gateway site and use the UPN that is supplied from SAML to log the users in.

[Hypervisor 8.2 vms constantly crashing]

It sounds like a multipathing issue on the SR.  Could the firmware update have changed something with the network connectivity?

[The required protocol 'HDX' is not configured for this resource or the resource might not advertise this protocol.]

What CU are you running on the controllers and VDA?

[13.1 Build 50.23 Upgrade deletes GSLB services with 0 public port.]

I ran into an issue with a customer that was upgrading their 13.1 NetScalers from 49.15 to 50.23. When they did the upgrade any GSLB service that was created as ANY with a public port of 0 were deleted from the configuration. And attempting to recreate the service threw this error. ERROR: Integer value below minimum [publicPort, 1] Most of their GSLB services are tied to a single port, only the VIPs with TCP Any had the public port set to 0. Is this something new in the firmware, or possibly something that was incremented in the new release.

[New Delivery Controller Joining to existing Site Failing]

Is windows firewall only allowed to accept connections from certain IP addresses?  You might have to add the new DDC ip to it.

 

Also check the SQL database itself.  If there is a particular account that has DBO on it, login to the new DDC as that account when adding the new controller.  That account will add the new Machine Account for the new DDC to the database with the necessary permissions.

[First worker logon slow]

This is normal.  Items aren't loaded into the faster cache until they are launched the first time.  You can use the Director Desktop Probe to schedule autologins and launches of particular applications to get them pre-loaded into memory before users start their day.

[Studio -> New Hosting connection]

The new connection will only be used for new machine catalogs.

 

Create new machines on the new connection, then delete the old machines off the old connection.

[Ubuntu VDA not registering on DDC]

It looks like it might be a time sync issue.  I recommend sending the NTP settings during the VDA install to the Active Directory controllers.

[Issues with old Disconnected sessions still showing on Director despite there being no sessions on the VDA server]

You don't want to hide the session.  You will want to end it the session.  If the session is stuck so bad that you can end it you will need to reboot the machine.

 

Also update your environment to the latest VDA CU as there have been updates that address these issues.

[Ubuntu VDA not registering on DDC]

Which version of dotnet do you have installed on the VDA?  It is very picky of that for VDA registrations.

[Unknown Power State with MCS VMs]

It's at the bottom of that article you posted under Getting Started.  Good Luck.

[start menu tiles is broken for window server 2019 (vda 1912 cu8)]

Are you applying any custom configuration for AppX packages?  What about any type of layout modification.xml for the start menu for new profiles.

 

Check the Microsoft/Windows/Apps and Appx logs under Application and Services Logs for error messages.  

 

Also check the WEM and UPM logs for your session to see if there are any errors customizing the start menu, or resetting any AppX packages.

[Desktop Lock Administrator cant Login on Client]

Are you using the same admin account that installed Desktop Lock?  If you are using a deployment method that uses a service account, that will be the account you need to login with.

 

Did you do an upgrade of Workspace App to 2309.1 or was it a clean install with both it and the Desktop Lock.  

[Unknown Power State with MCS VMs]

Did you download the script from github and execute it from that directory in powershell?  Powershell is very particular about execution locations, and the .\ preceding the command.

 

I have also had this happen with VMWare in the past, and have had to test connection to the hypervisor, and then restart the DDC services to get them to come back.  Did the account used to connect to XenServer change recently?

[Citrix Workspace app cannot connect to the server. Please check you Network connection]

What browser are they using, and what version of the HTML5 client do you have installed on Storefront? 1006 usually means a client side connection issue.  So updating the HTML5 client might be all you need to do on the Storefront.

 

If they use the full client instead of the light client, does that connect?

[No Session Reliability in double hop szenario?]

I haven't had to enable ICA keep alives unless the application provides no data on the channel to keep the session going.  You should be good to go with how it is out of the box.