-
Posts
776 -
Joined
-
Last visited
-
Days Won
39
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Jeff Riechers
-
-
Well, I think I found the issue. I had enabled Login Encryption on the image to harden the environment. Once I changed that back it worked correctly.
-
You can't do OOBE on an MCS machine. It needs to have this base configuration in place before the Citrix services can execute and the user logs into the domain.
-
-
I will email you. Thank you Karthick.
-
So I have a special nfactor setup in my lab built with my terraform that provides a dropdown list of authentication methods for LDAP, Azure SAML, Google, Okta, etc. I was testing out setting up FAS and updated my netscaler to the latest 14.1 build when out of nowhere the nfactor dies after selecting your policy. So I rolled back to my snapshot beforehand, re-applied the same terraform code, and it is still broken. I created a manual nfactor flow with my schemas and policies and they also don't work. I am trying to get details on where the failure is taking place, but I can't find anything in the logs, or in the web code that gives me any direction. I have included a copy of the scrubbed config if that helps.
-
Well that is more an OS issue, as it requires a PDF print driver, and there isn't much development for drivers for out of support Operating Systems.
You may have to get the print to PDF printer setup on your hosts and change the workflow if you are upgrading the endpoints, but not the host Operating System.
-
Thinking about it, you might be able to just do it via nfactor. Setup your initial landing page with a drop down where they select which customer they are a part of. Then the next step in the nfactor would send users to their appropriate location. And you can do session policies based on the nfactor choice to send them to the proper storefront store. (If you are doing dedicated stores for each customer)
I did a design similar to this in my terraform template to create an Authentication drop down for my lab so I can do LDAP, SAML, Okta, etc from my single IP. It was based on the domain drop down in nfactor. I included the nfactor Authentication Dropdown.xml you can look at for designing your own dropdown.
https://github.com/jeffriechers/NetScaler_Terraform_Template
-
So ran into this at a customer that we have been upgrading since 13.0. They are now up to the latest 14.1 firmware for all the new features it has. When going to the application dashboard we only see a select few applications that they have permissions too. It says like 1 of 4 applications, or 8 of 31. If you drill down you can see they have all the necessary permissions to them. But just can't get them on that heat map dashboard. Is there some setting we are missing? Or is this due to us upgrading from older firmware? I can get some scrubbed screenshots if it helps.
-
You can have 1 Citrix Gateway attached to 1 Content Switch in your environment. You can then use the hostname that they use to access the content switch to apply the appropriate nfactor SAML connection. On the SAML response URL you would but a hostname that points directly to a Citrix Gateway site and use the UPN that is supplied from SAML to log the users in.
- 1
-
It sounds like a multipathing issue on the SR. Could the firmware update have changed something with the network connectivity?
-
What CU are you running on the controllers and VDA?
- 1
-
I ran into an issue with a customer that was upgrading their 13.1 NetScalers from 49.15 to 50.23. When they did the upgrade any GSLB service that was created as ANY with a public port of 0 were deleted from the configuration. And attempting to recreate the service threw this error. ERROR: Integer value below minimum [publicPort, 1] Most of their GSLB services are tied to a single port, only the VIPs with TCP Any had the public port set to 0. Is this something new in the firmware, or possibly something that was incremented in the new release.
-
Is windows firewall only allowed to accept connections from certain IP addresses? You might have to add the new DDC ip to it.
Also check the SQL database itself. If there is a particular account that has DBO on it, login to the new DDC as that account when adding the new controller. That account will add the new Machine Account for the new DDC to the database with the necessary permissions.
-
This is normal. Items aren't loaded into the faster cache until they are launched the first time. You can use the Director Desktop Probe to schedule autologins and launches of particular applications to get them pre-loaded into memory before users start their day.
- 1
-
The new connection will only be used for new machine catalogs.
Create new machines on the new connection, then delete the old machines off the old connection.
- 1
-
It looks like it might be a time sync issue. I recommend sending the NTP settings during the VDA install to the Active Directory controllers.
-
You don't want to hide the session. You will want to end it the session. If the session is stuck so bad that you can end it you will need to reboot the machine.
Also update your environment to the latest VDA CU as there have been updates that address these issues.
-
Which version of dotnet do you have installed on the VDA? It is very picky of that for VDA registrations.
-
It's at the bottom of that article you posted under Getting Started. Good Luck.
-
Are you applying any custom configuration for AppX packages? What about any type of layout modification.xml for the start menu for new profiles.
Check the Microsoft/Windows/Apps and Appx logs under Application and Services Logs for error messages.
Also check the WEM and UPM logs for your session to see if there are any errors customizing the start menu, or resetting any AppX packages.
-
Are you using the same admin account that installed Desktop Lock? If you are using a deployment method that uses a service account, that will be the account you need to login with.
Did you do an upgrade of Workspace App to 2309.1 or was it a clean install with both it and the Desktop Lock.
-
Did you download the script from github and execute it from that directory in powershell? Powershell is very particular about execution locations, and the .\ preceding the command.
I have also had this happen with VMWare in the past, and have had to test connection to the hypervisor, and then restart the DDC services to get them to come back. Did the account used to connect to XenServer change recently?
-
What browser are they using, and what version of the HTML5 client do you have installed on Storefront? 1006 usually means a client side connection issue. So updating the HTML5 client might be all you need to do on the Storefront.
If they use the full client instead of the light client, does that connect?
-
I haven't had to enable ICA keep alives unless the application provides no data on the channel to keep the session going. You should be good to go with how it is out of the box.
2022 session host start menu broke after next login 2203 ltsr cu4
in Profile Management - General
Posted
Can you post your full UPM and folder redirection config?
Can you check this article to see if it matches up?
https://discussions.citrix.com/topic/414426-windows-server-2019-start-menu-broken/)
What does the start menu look like when you hit the button?