Using Citrix Netscaler and Netscaler MAS 11.01 with Nutanix Acropolis Hypervisor

July 15th, 2016

Hi Folks,

if you want to use the Citrix Netscaler or the Netscaler Management and Analytics System 11.01 Build 47.14 together with the Nutanix Acropolis Hypervisor Platform, this is the way how you get it running.

  1. Download the Netscaler / Netscaler MAS KVM Version
  2. Extract the Arcive(s) with a tool like 7-Zip until you have the virtual HDD (Netscaler = .raw file)
  3. Login to the Nutanix Web Console and open the Image configuration, import the virtual HDD as harddisk. Prefer to use the Mozilla Browser for this task, IE may crash regarding that the file is to large.
  4. Create a new VM, remove the CD-ROM (!) and configure the VM min. like below:
    – 2 CPU’s with 1 Core
    – 2GB RAM for Netscaler, 8GB RAM for Netscaler MAS
    – Add the imported HDD by using the Nutanix Image Service as IDE drive, the Size should be min. 20GB for Netscaler and 500GB (!) for Netscaler MAS
    – Add a Network Card
  5. Before you start the VM open a telnet client like Putty and connect to any Nutanix Controller VM (Default login User: nutanix Password: nutanix/4u)
  6. Execute the following commands:
    a) acli
    b) vm.serial_port_create “<VM Name>” type=kServer index=0Replace only <VM Name> with the Name of the Virtual Machine you have created, the commands will add a serial port to the VM, without a serial port the VM will NOT boot.
  7. Start the VM
  8.  To perform the initial Setup perform the following steps by using the Acropolis VM console:
    a) Login with user “nsroot” password “nsroot
    b) For Netscaler execute the command “config ns
    c) For Netscaler MAS execute the command “shell” followed by the command “networkconfig
  9.  Have fun with the rest of the configuration… 😉

Cheers
Michael

Improving XenDesktop/XenApp 7.x logon times for Windows Server 2012/2012R2

July 7th, 2016

Hello Folks,

with a small trick you can strongly improve the login times for Windows Server 2012/2012 R2 in a XenApp/XenDesktop 7.x environment or if you run into a black screen during the login.

Just delete the registry entry HKCU\Software\Microsoft\Windows\CurrentVersion\UFH\SHC for example thru an login script, see also KB 3161390. We reduced the login time for a User from more than 40 seconds to less then 20 seconds without any negative impact, so it’s worth to try it out.

Cheers
Michael

Nutanix Akropolis (AHV) support for XenDesktop/XenApp 7.9

June 9th, 2016

Hello Folks,

as you may already note, XenDesktop/XenApp 7.9 was released and it’s now comes with support for the Akropolis support from Nutanix.

To get your Nutanix installation working it’s important to know that you have to install the “NutanixAcropolis-MCS-XD7.9_or_later.msi” provided by Nutanix (Nutanix Portal->Tools) on all of your XenDesktop/XenApp 7.9 delivery controllers.

The Software was released today, the old Version does not work with the MCS and your Akropolis Hypervisor must be Version 4.6.1.x or higher!

The installation is quite simple and the manual provided by Nutanix works well, one important thing (i run into this issue)… It’s not enough to create a Master VM! You must take a snapshot and the snapshot name MUST start with “XD_” so like XD_TS_Master_2012R2_Snapshot. Otherwise the snapshot will not be recognized during Machine Catalog Setup creation in Citrix Studio.

It’s quite simple, so if you run already a Nutanix or Citrix environment this is what you’re looking for.

Cheers
Michael

Release: IGEL Universal Management Server

April 21st, 2016

====================
IGEL Universal Management Suite
====================
Version 5.02.100
Release date: 2016-04-20

HTML version of this readme is available at http://edocs.igel.com/index.htm#10205028.htm

NOTE:
– New key attribute ‘Unit ID’ added to thin clients; the unit ID is a unique
identifier for a thin client. It is set to the MAC address for all
currently supported devices
– Apache Derby Driver updated to version 10.12.1.1
– DB schema change: Table ADDITIONAL_SYSTEM_INFORMATION replaced by HARDWARE_INFORMATION
– tested lx versions

====================
Known Issues:
====================

[High Availability Feature]

– Load balancers fail to upload the log files to UMS if support info is created.
This effects high availability networks only.

====================
New features:
====================

[UMS common]

– Added automatic UDC license deployment;
configure an IGEL Thin Client (UD LX / UDC v5.09 or higher) to be a
‘UDC automatic license deployment server’ on setup page
IGEL Setup -> System -> Remote management -> UDC automatic license deployment server
(Device registry key: system.remotemanager.wol_proxy.enabled; Type: bool; default: false)
and activate the automatic license deployment in
UMS console -> UMS Administration -> Global Configuration -> Automatic UDC License Deployment -> Enable Automatic UDC License Deployment.
Any new UDC device registering to UMS will get a license automatically.
See http://edocs.igel.com/index.htm#10204964.htm for details.

– Enhanced support information: all assigned profiles of a selected thin client
are added to the support information file

– Added feature for sending Wake on LAN broadcasts via ‘Wake on LAN Proxies’.
These proxies are standard IGEL thin clients (UD LX / UDC v5.09.100 or higher)
and can be defined in UMS Console -> UMS Administration -> Global Configuration -> Wake On LAN -> Wake On LAN Proxies.
There is no configuration required on the thin client side.
Wake on LAN proxies are designed to send wake up broadcasts into network
segments that cannot be reached from UMS server directly.
See http://edocs.igel.com/index.htm#10205070.htm for details.
[Console, common]

– Enhanced mail feature:
* Added option to mail results of administrative tasks
* Added direct mailing of support information via UMS internal mail client

– Enhanced user login history for thin client logins:
* Added AD login and logoff to logging in UMS (up to now only Shared
Workplace logins were logged).
* Added quick search support for currently logged in users
(must be activated in UMS Console -> UMS Administration -> Global Configuration -> Misc Settings -> User Login History)

– Enhanced user experience in UMS console: window pane sizings are now restart
safe stored.

– Added: User Manual is available offline in UMS Console Menu -> Help -> User Manual (offline)
[Thin clients]

– Added new asset information field to thin clients: custom firmware name
(supported in W7 /W7+ devices since version 3.11.100 while creating a snapshot)
[Profiles]

– Enhanced usability in profile import
* select best match firmware automatically if original firmware is not available
* by default file chooser lists xml and zip files only
* when importing a profile archive, all profiles are selected for import by default
[Views]

– Added functionality to assign profiles to the current result of a view
or search. Assignment is made once for all element currently in the view,
this is not a dynamic assignment process!
The available options are
* UMS Console -> View context menu -> Assign profiles to the thin clients of the view
* UMS Console -> View context menu -> Detach profiles from the thin clients of the view
* UMS Console -> Search entry context menu -> Assign profiles to the thin clients of the search
* UMS Console -> Search entry context menu -> Detach profiles from the thin clients of the search
[Configuration Dialog]

– Added support to copy a complete session in configuration dialog;
* functionality is available for all session types (e.g. RDP, Citrix, ..)
* executed via context menu in Configuration dialog -> Sessions -> [any session] -> Session instance context menu -> Copy
[VNC]

– Enhanced VNC configuration: VNC settings for integrated VNC Viewer
can be configured globally and take effect with every VNC mirroring session
(UMS Console -> Aministration section -> Global Configuration -> VNC).
[Admin tasks]

– Added new administrative task: export job executions and delete exported job executions;
* Name of administrative task: Delete job execution data
* Delete rules are configured in UMS Console -> UMS Administration -> Global Configuration -> Job Protocol
[High Availability Feature]

– Enhanced HA network stability: HA network refuses connection of processes
that have been installed with a different network token.

– Added automatic database configuration for new server processes
in an HA environment. It’s no longer necessary to configure the
HA database manually when an additional server is added to the network.
[Installer (linux)]

– Added installer option to create menu items for “UMS Console” and “UMS Administrator”
on Linux operating systems.
[IGEL Management Interface (IMI)]

Detailed documentation for IMI is available at http://edocs.igel.com/index.htm#10204968.htm

– Added support for IGEL Secure VNC. IMI provides methods to get thin client certificate
and the one-time password to forward the credentials to any VNC client you want to use.

– Added profile and master profile support.
* Provides functionality to edit/move/remove profiles and masterprofiles
* NOT supported: create profile/masterprofile or configuration change

– Added assignment support for profiles/masterprofiles
* Assing/detach profiles to/from thin clients and thin client folders

– Added use of alias ‘latest’ instead of IMI version (/v1, /v2) in
REST urls. /latest represents the newest IMI version.
====================
Resolved issues:
====================

[UMS common]

– Fixed UMS server logging issue: daily file for catalina log is created again;
– IMI got separate log file ‘api.log’.
[Console, common]

– Fixed ‘User manual’ link in help menu; link points to UMS 5 manual now

– Fixed crash in Log and Event Messages dialog with large databases: dialog would not open
in environments with more than about 1000 thin clients.

– Fixed: The UMS database administrator was not allowed to manage the
public holidays (UMS console->Misc->Manage public Holidays)

– Enhanced thin client panel layout: assignment panel width is preserved
if thin client selection changes

– Fixed: assigned thin clients on firmware updates dissapear if a firmware update
is selected and F5 is pressed

– Fixed: license creation from smartcard fails if the license contains
Addon Multimedia Codecs 2 or Addon Multimedia Codec AAC
[Thin clients]

– Fixed: Asset id field showed the same value as the serial number field.

– Fixed: Sending settings to a thin client fails if a file is assigned
to the tc several times.
[Profiles]

– Fixed: Some settings could not be saved on setup pages
‘System/Power Options/Display’ and ‘System/Power Options/System’

– Fixed bug in permission management of profile assignments: assignment panel
did not display assigned thin clients

– Changed: double click action on directories in profile assignment dialog
does no longer assign the folder, but expands the folder instead.
[Views]

– Fixed issues of view with ‘Flashplayer’ criterion and operator ‘not like’: view did
not return any thin clients

– Fixed: Views with online criterion can’t be assigned to a scheduled job.

– Fixed: Bug in “Send View Result as Mail”, which exported some incorrect columns
[Jobs]

– Changed name of Job “Update next Reboot” to “Update on Boot”
[‘Files’]

– Fixed: use ip address of server in file transfer URLs to avoid problems resolving FQDN

– Fixed: A file which is assigned to a parent directory of a thin client
is sent to the tc even if the file is in the recycle bin.

– Fixed file deleting issue: If a file is deleted in UMS the corresponding ‘real’ file
in the WebDAV directory is not deleted as long as other UMS files refer to it.
[Configuration Dialog]

– Fixed thin client configuration issue: thin client settings for profile instances are not saved.

– Fixed: Empty error message while opening Browser Session via Session Summary in configuration dialog

– Fixed configuration dialog issue with PostreSQL database: configuration could not
be saved, if values of fix instances were changed.

– Fixed permission issue for display page: page permission for display page
did not take effekt on UD LX / UDC devices prior to 5.08.
This problem exists since UMS version 5.01.

– Fixed: Adding Browser Session with legacy LX Firmwares

– Fixed time zone configuration issue: It’s possible to use template keys
in WES profiles for timezone parameter on page Sytem -> Date and Time

– Fixed: Path to some parameters were highlightet in green even if there was
no template pattern set for the parameter.
[Console, administration section]

– Fixed server actions in administration section, UMS Networt, Server: stop service and start service actions
in context menue of the UMS server are available in an HA environment only.

– Fixed ‘test’ button in email configuration: now a test mail is sent to verify the connection.
[Admin tasks]

– Enhanced job execution history for administrative tasks: an additional column shows
the server which executed the task (relevant mainly for HA environments)
[AD / LDAP integration]

– Fixed AD configuration test button issue: If an AD configuration is defined
with an user but without a password, the test button now asks for
valid credentials before the connection to the Active Directory is tested
[Console, web start]

– Fixed: License creation from smartcard doesn’t work on Linux systems.
[Server, common]

– Removed weak SSL ciphers in UMS server: RC4_128_SHA and RC4_128_MD5 removed.

– Updated: Apache Derby Driver version 10.8.3.0 to version 10.12.1.1

– Changed: Increased the maximum memory usage of UMS Console (512mb -> 768mb)
and UMS Server (768mb -> 1024mb)
[Administrator application]

– Fixed wrong state of SQL console button in UMS Administrator: button was active
even if no data source was activated.
[Installer (windows)]

– Fixed Innosetup script recording for silent installation: silent installation
did always perform a full installation, even if individual component selections
were made during script recording.

– Fixed windows installer issue: missing embedded database configuration
if standard server WITHOUT console is installed

– Enhanced installation process: installer keeps running until UMS server
has started completely and database update is done.
This may take some minutes, but prevents database update problems
[Installer (linux)]

– Enhanced installation process: installer keeps running until UMS server
has started completely and database update is done.
This may take some minutes, but prevents database update problems
[IGEL look and feel]

– Fixed various Issues with the new UMS 5 Look and Feels
(icons, date picker layout, check box representation in tables, ..).
[IGEL Management Interface (IMI)]

– Changed: IMI performance enhancements for finding all thin clients or thin client directories

– Fixed: IMI license can now contain more than one cluster id

Release: IGEL Universal Desktop W7/W7+ Version 3.11.100

February 4th, 2016

IGEL Universal Desktop W7+
=========================
Version 3.11.100
Release date 2016-02-01

Supported devices:
UD3-W7+, UD5-W7+, UD6-W7+, UD9-W7+, UD9-W7+ Touch, UD10-W7+, UD10-W7+ Touch
====================
Notes:
====================

====================
Drivers:
====================
– D-LINK DWA-131 Nano: 1085.7.0815.2009
– D-LINK DWA-131 REVB Nano: 1015.6.0210.2012
– eGalax xTouch: 5.11.0.9020
– FTDI UsbToSerial: 2.02.04
– Gemalto Minidriver for .NET Smart Card: (WES7: 8.3.1.3)
– Intel 945 Express: 8.15.10.1930
– Intel AHCI: 11.2.0.1006
– Intel Centrino WIFI N-1000: 15.1.0.18
– Intel HD Graphics: 36.15.0.1073
– Intel HD Graphics: 9.17.10.2875
– Intel PCI Communication Controller: 8.0.0.1262
– OmniKey Cardman 3×21: 1.2.15.0
– Prolific PL-2303 USBtoSerial: 2.0.2.8
– Qualcom Atheros WIFI: 10.0.0.285
– Ralink RT309x/2860: 3.02.01.0
– Ralink WIFI RT357x 5.1.7.0
– Realtek 8168: 7.61.612.2012
– Realtek HD Audio: 2.63
– Realtek RTL8169 Version: 7.43.321.2011
– RTL8168C: 7.018.0322.2010
– VIA Chrome9 VX855: 8.14.14.0141
– VIA Chrome9 VX900 for UD10: 8.14.14.0231
– VIA Chrome9 VX900: 8.14.14.0181
– VIA HD Audio VT1708B: 6.0.01.8700
– VIA WIFI VT6656: 1.1.0.2
– AMD USB 3.0 hub driver: 1.1.0.0167
– AMD PSP Device driver: 2.12.0.0002
– AMD Radeon Graphics driver: 15.101.1007.0000
– AMD SMBus driver: 5.12.0.0015
– AMD USB 3.0 host controller: 1.1.0.0167
====================
Applications:
====================
– .NET: 3.5 SP1
– Citrix Receiver: 4.4
– Client for RedHat RHEV-D: 3.0-26
– Ekiga VOIP Client: 3.2.6
– Ericom PowerTerm: 9.2.0.0
– Ericom WebConnect: 5.6.1.1000
– Fabulatech USB for Remote Desktop: 5.0.2
– Internet Explorer: 11
– Leostream Connect Client: 2.7.129.0
– Microsoft RDP Client : 8.1
– NCP Enterprise Client: 9.30
– NX Client: 3.4.0.7
– Dell vWorkspace Client: 8.5
– Sumatra PDF Reader: 2.1.1
– Sun JAVA RE: 1.8 Update 40
– ThinPrint: 8.6
– Tight VNC Server: 2.7.10
– USB Redirection for RedHat RHEV-D: 3.0-26
– VMware Horizon Client Version: 3.5.2
– Windows Media Player: 12
====================
Bug fixes:
====================
[TCSetup]
– Fixed TCSetup is not accessible by user.

[Browser]
– Fixed IE session does not autostart in kiosk mode.
– Fixed enable/disable protected mode does not work for restricted sites zone.

[Powerterm]
– Fixed Powerterm session does not start.

[ICA]
– Fixed passthrough authentication does not work if Citrix Selfservice
session is started automatically.

[System]
– Fixed settings are not configured if user information dialog is disabled.
– Fixed standby/wakeup on UD5/UD6 does only work once.
– Fixed settings are not configured if UMS could not be reached.
– Fixed enabling the Microsoft Keyboard Filter results in a reboot loop.
– Fixed Microsoft Standard VGA driver is loaded after snapshot upload.

====================
New features:
====================
[System]
– Updated OpenSSL library to version 1.0.2d.
– Added UMS auto registration via DHCP structure tag.
– Added Italian, Spanish and Japanese as IGEL user interface language
– Added enable/disable IGEL configuration.
On IGEL setup page “Sessions->Citrix”
(registry key: ica.use_igel_setup, default: true)
On IGEL setup page “Sessions->RDP”
(registry key: rdp.use_igel_setup, default: true)
On IGEL setup page “Sessions->Windows Media Player”
(registry key: sessions.wmplayer.use_igel_setup, default: true)
On IGEL setup page “Sessions->Horizon Client”
(registry key: vmware.view.use_igel_setup, default: true)
On IGEL setup page “Accessories->Windows Services”
(registry key: system.winservices.use_igel_setup, default: true)
On IGEL setup page “Userinterface->Desktop”
(registry key: userinterface.desktop.use_igel_setup, default: true)
On IGEL setup page “Userinterface->Input->Keyboard”
(registry key: userinterface.keyboard.use_igel_setup, default: true)
On IGEL setup page “Userinterface->Input->Mouse”
(registry key: userinterface.mouse.use_igel_setup, default: true)
On IGEL setup page “Userinterface->Shell”
(registry key: userinterface.shell.use_igel_setup, default: true)
On IGEL setup page “Userinterface->Start Menu”
(registry key: userinterface.startmenu.use_igel_setup, default: true)
On IGEL setup page “Network->Routing”
(registry key: network.routing.use_igel_setup, default: true)
On IGEL setup page “Network->LAN Interface”
(registry key: network.use_igel_setup, default: true)
On IGEL setup page “Devices->Printer->Printer”
(registry key: print.use_igel_setup, default: true)
In IGEL Registry
(registry key: devices.hotplug.use_igel_setup, default: true)
On IGEL setup page “Security->Password”
(registry key: system.auto_logon.use_igel_setup, default: true)
On IGEL setup page “Security->Active Directory”
(registry key: system.domainparticipation.use_igel_setup, default: true)
On IGEL setup page “Security->Network”
(registry key: system.network.use_igel_setup_security_network, default: true)
On IGEL setup page “System->Date and Time”
(registry key: system.time.use_igel_setup, default: true)

– Added configuration of installation directory for clients
On IGEL setup page “Sessions->Citrix”
(registry key: ica.selfservice.installdir, default: C:\Program Files\Citrix\ICA Client\SelfServicePlugin)
(registry key: ica.wfclient.citrixinstalldir, default: C:\Program Files\Citrix\ICA Client)
On IGEL setup page “Sessions->Horizon Client”
(registry key: vmware.view.installdir, default: C:\Program Files\VMware\VMware Horizon View Client\vmware-view.exe)

[Dell vWorkspace]
– Updated Dell vWorkspace to version 8.5.

[VMware]
– Updated VMware Horizon Client to version 3.5.2.
On IGEL setup page “Sessions->Horizon Client->Horizon Client Sessions->Connection settings”
(registry key: sessions.vdm_client%.options.novmwareaddins, default: desktop)
(registry key: sessions.vdm_client%.options.singleautoconnect, default: desktop)
In IGEL Registry
(registry key: vmware.view.pcoip.enable-fips-mode, default: false)

– Added redirection of “Ctrl,Alt,Del” to session.
On IGEL setup page “Sessions->Horizon Client->Horizon Client Global->Keyboard”
(registry key: vmware.view.redirect_ctrl_alt_del, default: false)

[RDP]
– Added redirection of “Ctrl,Alt,Del” to session.
On IGEL setup page “Sessions->RDP->RDP->Keyboard”
(registry key: rdp.winconnect.redirect_ctrl_alt_del, default: false)

[ICA]
– Updated Citrix Receiver to version 4.4.
In IGEL Registry
(registry key: ica.selfservice.show_tray_icon, default: false)
(registry key: ica.hdx.serversidecontentfetching, default: false)
– Added redirection of “Ctrl,Alt,Del” to session.
On IGEL setup page “Sessions->Citrix->ICA Global->Keyboard”
(registry key: ica.wfclient.redirect_ctrl_alt_del, default: false)

[Browser]
– Added enable/disable of message “New addons can be activated” for IE session.
On IGEL setup page “Sessions->Browser Sessions->Advanced”
(registry key: sessions.web.websettings.iesecurity_activenewaddons, default: false)
====================
Known Issues:
====================
[System]
– Deactivating WIFI devices is not working.
– Deactivating Bluetooth devices is not working.

[FABULATECH]
– Fabulatech USB for Remote Desktop is currently
not working with Citrix XenDesktop.

[VMware]
– USB redirection: devices connected to a USB 3.0 Port will not be redirected.
– USB redirection is currently not working if vWorkspace USB
redirection service is enabled.

Merry Christmas and a Happy New Year 2016!

December 24th, 2015

Hi Folks,

i wish you a Merry Christmas and a Happy New Year 2016!

xmas2014

Cheers

Michael

Info (Updated): IGEL Universal Desktop OS 5.08.100 will not work on Microsoft Hyper-V anymore

December 14th, 2015

Hi Folks,

if you used the IGEL Universal Deskop OS as virtual Test/Demo System together with a Microsoft Hyper-V Server, please note that this will not work anymore after updated to Version 5.08.100. The VM will not boot…

So if you still want to use it on Hyper-V you have to stay on the 5.07.100 Version.

Update: This will be fixed with an private build, please contact the IGEL Support to receive the update!

Cheers

Michael

Release: IGEL Universal Desktop OS/LX 5.08.100

December 14th, 2015

IGEL Universal Desktop OS 2
===========================
Version 5.08.100
Release date 2015-12-11
Last update of this document 2015-12-11

The online Release Notes can be found at http://edocs.igel.com/index.htm#10204110.htm
Registry Keys of parameters are listed there.

==========================
Versions:
==========================
Clients:
– Citrix Access Gateway Standard Plug-in 4.6.3.0800
– Citrix HDX Realtime Media Engine 1.8.0-258
– Citrix Receiver 12.1.8.250715
– Citrix Receiver 13.1.4.322630
– Citrix Receiver 13.2.1.328635
– Dell vWorkspace Connector for Linux 8.5.0
– Ericom PowerTerm 10.2.0.0.20150802.1-_dev_-34574
– Ericom PowerTerm 9.2.0.6.20091224.1-_rc_-25848
– Ericom Webconnect 5.6.0.4000-rel.20413
– Evidian AuthMgr 1.3.5696
– FabulaTech USB for Remote Desktop 5.1.0_20151106
– Firefox 38.4.0
– IBM iSeriesAccess 7.1.0-1.0
– IGEL Legacy RDP Client 1.0
– IGEL RDP Client 2.2
– Imprivata OneSign ProveID Embedded
– Leostream Java Connect 3.0.57.0
– NCP Secure Client (Enterprise) 3.25-rev23310-i686
– NX Client 4.6.16
– Open VPN 2.3.2
– Oracle JRE 1.8.0_66
– Parallels 2X Client 14.1.3452
– Remote Viewer 2.0 for RedHat Enterprise Virtualization Desktops
– Systancia AppliDis 4.0.0.14
– Thinlinc Client 4.4.0-4775
– ThinPrint Client 7.0.65
– Totem Media Player 2.30.2
– Nimboxx VERDE Client 8.0.0-rel.25568
– VMware Horizon client 3.5.0-2999900
– Voip Client Ekiga 3.2.7

Dictation:
– Driver for Grundig Business Systems dictation devices
– Nuance Audio Extensions for dictation 7.47.0
– Driver for Olympus dictation devices
– Legacy Philips Speech Driver 5.0.10
– Philips Speech Driver 12.3.10

Signature:
– signotec VCOM Daemon 1.0.11
– Softpro/Kofax Citrix Virtual Channel 3.1.33.2
– StepOver TCP Client 1.0.0

Smartcard:
– PKCS#11 Library A.E.T SafeSign 3.0.93
– PKCS#11 Library Athena IDProtect 623.07
– PKCS#11 Library Gemalto IDPrime 1.2.1
– PKCS#11 Library SecMaker NetID 6.3.0.50
– Reader Driver ACS CCID 1.0.5
– Reader Driver HID Global Omnikey CCID 4.0.5.5
– Reader Driver MUSCLE CCID 1.4.19
– Reader Driver Omnikey CCID legacy-3.6.0
– Reader Driver Omnikey RFID legacy-2.7.2
– Reader Driver REINER SCT cyberJack 3.99.5final.SP03
– Reader Driver Safenet / Aladdin eToken 8.1.0-4
– Reader Driver SCM Microsystems SDI011 5.0.18
– Reader Driver Identive / SCM Microsystems CCID 5.0.33
– Resource Manager PC/SC Lite 1.8.12

System Components:
– Graphics Driver ATI 7.3.0
– Graphics Driver NVIDIA 304.128
– Graphics Driver INTEL 2.99.914
– Graphics Driver VIA 5.76.52.92-151843
– Kernel 3.13.11-ckt27 #67.109-udos-r1368
– Xorg X11 Server 1.15.1
– Xorg Xephyr 1.15.1

==========================
Information:
==========================

IMPORTANT:
This release integrates three Citrix Receiver versions: 12.1.8, 13.1.4 and 13.2.1.
Only one of these versions can be active at a time.
You can change the Receiver version in IGEL Setup/UMS on page
“Sessions->Citrix XenDesktop / XenApp->Citrix Receiver Selection”.
Citrix Receiver version 13.2.1 is used by default.

IMPORTANT:
Dual monitor configuration for “unsupported hardware” works only if “native
driver support” works properly. It is a prerequisite to assure that the
native driver is really working, as the fallback VESA driver does not provide
any dual monitor configuration. Have a look at Application Launcher’s
“About tab->Hardware-Graphics Chipset”. If VESA is listed there the native
driver does not work and dual monitor configuration is not functional.
==========================
Known issues:
==========================

[Citrix Receiver 13]
– Randomly seamless application windows are displayed twice in a dual monitor setup.

[Citrix]
– It can happen that the window of a published Firefox can get unusable when the window is maximized,
then minimized and maximized again. This can also happen to other applications, too
Workaround: enable registry key ica.wfclient.twisetfocusbeforerestore with Citrix Receiver 13.2.1

[Firefox]
– If you have socks- and http/ssl proxy defined in the system wide setup,
the browser uses the socks proxy. In contrast in session specific setup,
the browser prefers http/ssl proxy.

[VMware Horizon]
– Remote Applications are not seamless in the strict sense.
These are rather displayed in an extra window decorated by the TC’s window manager.
– If more applications defined and started in the same session, all are displayed inside this window.
The default size of this window can be defined in the Window section of the Horizon session.
– PCoIP user input language synchronization is currently broken.

[Dell vWorkspace Connector]
– Seamless applications exported from Win8/8.1 desktops show display errors when
dragged to the screen edges.
– With a dual monitor configuration flash redirected windows can appear on wrong screen.
– After the start of a seamless session the window is initially maximized before being
resized to the correct size.
– Windows XP sessions might not work properly anymore.
– Only standard 105 keys PC keyboards are supported.
Not supported anymore: Trimodal, Sun Type 6 or IBM 122 keys.
– Mapping of drives to a dedicated drive letter is not possible anymore.
– If Com-port redirection is enabled all linux serial ports (/dev/ttySx) will be mapped.
– If printer mapping is enabled all printers configured in CUPS are mapped.
– For Multimedia Redirection sound redirection with WMV/WMA streams is not working.
– USB Redirection may not work reliable.
– Session starts only if RDP Local Logon Window
(IGEL Setup->Sessions->RDP->RDP Global->Local Logon) is active.

[Genucard VPN]
– Network loss, network reconfiguration or dis- and reconnecting genucard requires session restarts

[Evidian AuthMgr]
– Active Directory users with a password containing special characters may have problems to
authenticate with the configured session.
Known special characters which results in errors are:
` (grave accent, ASCII code 96)
´ (acute accent, ASCII code 239)
==========================
IGEL Universal Desktop OS 2 5.08.100
==========================
New Features:
==========================

[Citrix Receiver 13]
– Updated Citrix Receiver to version 13.2.1 (additionally to 12.1.8 and 13.1.4)
Receiver 13.0.4 was removed.
Citrix Receiver version 13.2.1 is used by default now.

[Citrix]
– Added new Citrix Virtual Channel for Dictation with Nuance devices and software.
Activate in IGEL Setup on page Sessions->Citrix XenDesktop / XenApp->
HDX / ICA Global->Mapping Device Support, parameter “Nuance Channel for Dictation”
default: disabled.
– Added a parameter to disable “Ctrl+Alt+Del” hotkey for login data input in the
Smartcard login window. Only Smartcard login is available then. The new paramater
is available in the registry:
“ica.login.smartcard_only” (default: disabled)
– Added username and password authentication support for the System-wide proxy
located at setup page Network->Proxy. The primary intention of use is for
Citrix Sessions with Flash redirection.
The local Firefox browser can also levarage these settings, if a proxy realm is defined.

– Citrix StoreFront/Web Interface:
– Added a filter for the applications appearance on start menu, desktop
and application launcher at IGEL Setup
Sessions -> Citrix XenDesktop / XenApp ->
Citrix StoreFront / Web Interface -> Appearance:
“Apply display filter to start menu entries”, (default: disabled)
“Apply display filter to Application Launcher entries”, (default: disabled)
“Apply display filter to desktop icons”, (default: disabled)
– Added numeration for identical session names by activating the parameter in the
registry: “ica.pnlogin.unique_names” (default: false)
[RDP/IGEL RDP Client 2]
– Updated IGEL RDP Client 2 to version 2.2
(based on FreeRDP 1.2.4 git version Sep 21 23:42:32 2015
commit 62da9d28c674814c81c245c1c7882eb0da7be76b)
– Added automatic reconnect if network connection is lost. Reconnect can be aborted
manually. This feature only works with Desktop Sessions. Gateway Sessions
and Remote Apps are not supported.
– Added playback of MPEG-2 and MPEG-1 videos in RDP multimedia redirection.
– Added Dynamic Client Drive Mapping functionality.
You can enable this feature at Setup -> Devices -> Storage Devices ->
Storage Hotplug -> Enable dynamic client drive mapping (default: disabled)
– Added automatic Windows desktop resizing (resolution of desktop) if size of
the RDP window is changed. It can be enabled at:
Sessions -> RDP -> RDP Global -> Window -> Enable Display Control (default: enabled)
– Improved server certificate handling. If the certificate was already accepted once
no certificate dialogue will popup as long as the session is running.

[RD Web Access]
– Added support to use a filter for the applications shown on start menu, desktop
and application launcher at IGEL Setup
Sessions -> RDP -> Remote Desktop Web Access -> Appearance:
“Apply display filter to start menu entries”, (default: disabled)
“Apply display filter to Application Launcher entries”, (default: disabled)
“Apply display filter to desktop icons”, (default: disabled)

[vWorkspace AppPortal]
– Added support to use a filter for the applications shown on start menu, desktop
and application launcher at IGEL Setup
Sessions -> vWorkspace Client -> vWorkspace AppPortal -> Appearance:
“Apply display filter to start menu entries”, (default: disabled)
“Apply display filter to Application Launcher entries”, (default: disabled)
“Apply display filter to desktop icons”, (default: disabled)

[VMware Horizon]
– Updated VMware Horizon client to version 3.5.0-2999900.
– Added Network Level Authentication (NLA) for RDP based sessions.
If NLA support is switched on, IGEL’s local logon dialog is enabled automatically.
NLA can be enabled at IGEL setup:
Sessions -> Horizon Client Sessions -> <session name> -> Options -> Network Level Authentification
For VMware Horizon Appliance Mode, the configuration as located at:
IGEL Setup: Sessions -> Appliance Mode -> VMware Horizon -> Network Level Authentification
– Added drive mappings, defined at Setup -> Sessions -> RDP -> RDP Global
to be used in PCoIP sessions, too.
[Appliance Modes]
– Added battery level notifications and battery level actions for Appliance Mode setups.

– XenDesktop Appliance:
– Added Quick Settings (located at IGEL Setup->Accessories->Quick Settings) availability
through the defined hotkey
– Changed parameters for the on-screen keyboard:
New parameter in IGEL Setup: Setup -> Sessions -> Appliance Mode -> Citrix XenDesktop
“Enable on-screen keyboard”, (default: disabled)
“Width of on-screen keyboard in pixels”, (default: 0)
“Height of on-screen keyboard in pixels”, (default: 300)
These parameters specify the width and height of the on-screen keyboard if it is enabled
for the Citrix XenDesktop appliance mode. If exactly one of them is greater than 0 the
others will be calculated so that the on-screen keyboard has its preferred aspect ratio.

Removed:
* xen.xenapp-morph.touchscreen.softkeyboard_size (Specify width or height instead)
In order to preserve the old size calculate the height like this:
softkeyboard_h = 2 x (old softkeyboard_size) x (number of key rows on the on-screen keyboard)

New parameter in IGEL Setup for x,y position:
“x coordinate of on-screen keyboard”, (default: 0)
“y coordinate of on-screen keyboard”, (default: 0)
These parameters may now have negative values. It allows to specify the location of
the on-screen keyboard relative to the right and to the bottom of the screen. E.g. setting both to -1
makes the on-screen keyboard appear at the bottom right corner of the screen.

Activating the “Enable on-screen keyboard” parameter is now necessary and sufficient
to make the on-screen keyboard appear.
The activation of a touchscreen driver is not required anymore.

– New on-screen keyboard configuration in VMware Horizon, RHEV/Spice and Imprivata Appliance
at IGEL Setup Sessions -> Appliance Mode:
“Enable on-screen keyboard”, (default: disabled)
“Width of on-screen keyboard in pixels”
“Height of on-screen keyboard in pixels”
“x coordinate of on-screen keyboard”
“y coordinate of on-screen keyboard”
Negativ values of the x,y coordinate are handled in the same way as described for Citrix XenDesktop

In Horizon Applicance Mode an on-screen keyboard is visible only during the logon.
With enabled on-screen keyboard Local Logon is automatically used.

Further configuration of the on-screen keyboard, like whether the function keys, the navigation
keys or the numpad should be visible, has to be set up at Setup -> Accessories -> On-screen keyboard.
[NX client]
– Updated NoMachine NX Client to version 4.6.16
– Added NoMachine NX Client multimonitor support with parameter:
“Multimonitor Fullscreen” at:
Setup -> Sessions -> NX -> NX Sessions -> <session name> -> Unix-Display -> Resolution
[Verde]
– Updated Verde Client to version 8.0
Added new parameters in IGEL Setup:
Setup -> Sessions -> VERDE Sessions -> <session name> -> Connection:
– “Command line mode” (default: false)
– “Desktop name”, (default: empty)
– “Desktop display protocol”, (default: empty)
This will allow to start a Verde session without using the default Verde client.
When “Command line mode” is activated the “Desktop name” and “Desktop display protocol”
parameters are modifiable.

Setup -> Sessions -> VERDE Sessions -> <session name> -> Options ->
“Custom options for Remote Viewer client”, (default: empty)
This will allow to add custom parameters to the remote-viewer client when
executed by Verde.
[Firefox]
– Added multiple startup pages in tabs support.
To do this, seperate the URLs by a pipe symbol “|”. The first page in the list will be the
active page. Note that if the tab panel is hidden, all additional startup pages are ignored.
The startup page can be defined in IGEL setup:
Sessions->Browser->Browser Global->Startuppage and
Sessions->Browser->Browser Sessions-><session name>->Settings->Startuppage
[WiFi]
– Updated Wireless Regulatory database to the latest release.
– Added support for the Wireless LAN Chipset Realtek RTL8188EE.
[Network]
– New parameters added for preventing Network Manager from abandoning device configuration.
By default Network Manager abandons device configuration at some point, when problems occur.
This is usually reasonable but sometimes it is preferable that Network Manager does not give up.
Particularly under these circumstances the new parameters may be beneficial:
* Cisco switch in use
* 802.1X authentication enabled
* network.interfaces.ethernet.deviceX.ieee8021x.secure_only=true
* Reauthentication fails when the switch is power-cycled.
These boolean parameters can be accessed via the registry:
* network.interfaces.ethernet.device0.insistence
* network.interfaces.ethernet.device1.insistence
(default: false)
They refer to the first and second wired device respectively.
The default value false preserves the behaviour of former firmware versions,
i.e. Network Manager is allowed to abandon device configuration.
If the parameter is set to true the device configuration will be retried
until it is successful.
– Added option to convert all host names to upper case by default.
This can be controlled by the new registry key:
network.dns.hostname_conversion
display name: Conversion of Terminal Name
(default: to upper case)
range: none, to upper case, to lower case
[Remote Management]
– Added the option “New Hostname” to the UMS registration tool to set a new hostname
during registration.
You can find the tool at Start Menu -> System -> UMS Registering
[Genucard VPN]
– Added more detailed error and warning messages.
[Open VPN]
– Added DNS and routing parameters to be configurable at:
Setup -> Network -> VPN -> Open VPN -> <connection name> -> IPv4
Here you can decide to use the DNS and/or routing settings you get from
the OpenVPN Server by switching on or of
“Automatic DNS” or “Automatic Routes”, respectively.
You can also specify extra name servers and search domains
and decide whether VPN should be the default route.

– Added routing parameters to be configurable at:
Setup -> Network -> VPN -> Open VPN -> <connection name> -> Route 0/1/2

[Smartcard]
– Added command line tool scardserial to read serial number (UID) of DESFire EV1 smart cards.
– Added support for card reader Elatec TWN4 CCID (09D8:0425).
– Updated PKCS#11 Library Gemalto IDPrime to version 1.2.1:
Added support for the following cards:
– IDPrime MD 840
– IDPrime MD 3840
– IDPrime MD 830 – ICP
– IDPrime MD 3810 – Rev B
– Optelio / Desineo D72
[CUPS Printing]
– Removed application xfprint4-manager for handling of print jobs. It is not supported any more.
[base system]
– Updated Kernel to Ubuntu Trusty version 3.13-67.109
– Added Japanese User Interface translation.
Added three different Japanese input methods (Nippon, Hiragana, Katakana), which can be further
customized in the IGEL Setup at Setup -> User Interface -> Input -> SCIM Input Methods Platform ->
Generic Table -> Table Administration.
– Added Product Id extension “a” when AAC Multimedia Codec is licensed.
– Added “userinterface.keyboard.extraoptions” and “userinterface.keyboard.add_layout%.extraoptions”
parameters to allow additional keyboard options being enabled.
Supported extraoptions are:
* “caps:stickycapslock”
Use “caps:stickycapslock” when you want capslock being released only by pressing and
releasing one of the shift keys but not when capslock is pressed again.
* “caps:stickyshiftlock”
For some keyboard layouts “caps:stickyshiftlock” might affect additional keys that are
not affected by “caps:stickycapslock”.
* “shift:breaks_caps”
Use “shift:breaks_caps” when you want capslock being released when one of the shift keys
is being pressed and released or when capslock is being pressed again.
– Improved the setup page “Setup -> Devices -> Storage Devices -> Storage Hotplug”.
It is not restricted to USB devices anymore.
The reason for this generalization is support for MMC card readers, that are not connected to USB but
directly to the PCI bus. These are also affected by the settings on that setup page.
– Added new parameter to configure the default access permission for mountable volumes on hotplug storage devices:
at Setup -> Devices -> Storage Devices -> Storage Hotplug -> Default permission
Range: Read/Write, Read Only, (default: Read/Write)
For USB devices it is possible to specify exceptions from the default access permission
at Setup -> Devices -> USB access control -> Device Rules -> <rule name> -> Permission
Range: Global Default, Read/Write, Read Only, (default: Global Default)
USB access control must be enabled for this to work.
The exception can be bound to the Vendor/Product ID and UUID of the USB storage device.
– Updated several packages from Ubuntu lucid to current trusty versions
– Updated IGEL Setup to version 5.1.15
[Driver]
– Added support for signotec signature pads. Enable it at
“Setup -> User Interface -> Input -> Signature Pad -> Enable signotec VCOM Daemon”
Then the virtual serial device (/dev/ttyVST0, /dev/ttyVST1) can be mapped via Citrix and
RDP COM Port Mapping.
– Added support for JMicron JMC250 Gigabit Ethernet Controller
– Updated INTEL graphics driver from version 2.99.910 to 2.99.914
– Updated Philips Speech Driver to version 12.3.10:
– Fixed problems with sliding switch of LFH3510:
switching from REC to STOP in some cases was not recognised correctly.
– Updated Grundig Dictation Driver to version 30.07.2015.
– Added Support for SonicMic 3
*** Important ***: not supported anymore: SonicMic I and SoundBox 820
[Shared Workplace]
– Use display switcher settings for shared workplace also, which could be
overruled with a user profile assigned to the logged in user.
[Desktop]
– Added display zoom support to display switcher (use a virtual resolution, higher as
the monitor resolution also known as spanning).
– Added the resolution 1280×1080 at 60Hz and 75Hz for LG29UB55-B in split-screen mode.
Unfortunately, the monitor doesn’t support this resolution, so the picture
may be distorted. As a workaround, you may switch the monitor on/off until
the monitor accepted the resolution.
– Added Screenshot Tool (see Setup -> Accessories -> Screenshot Tool) to take pictures of
the entire screen or an active window.
Added hotkey configuration for:
– Screenshot of active window, default CTRL+ALT+Print, (default: disabled)
– Screenshot of entire screen, default CTRL+SHIFT+Print, (default: disabled)
configurable at Setup -> User Interface -> Hotkeys -> Commands
– Added Taskmanager (see Setup -> Accessories -> Taskmanager) to view running processes,
CPU usage and memory information.

– Added a new category at Setup -> System -> Firmware Customization -> Corporate Design.
Bootsplash, Background Wallpaper and Company Logos for Start Menu and Screen Saver can be
costomized.
– Moved Setup pages from “User Interface->Display->Desktop” to “User Interface->Desktop”
– Updated the XFCE desktop environment to version 4.12.3
– Added parameter “Single Click Mode” at “Setup -> User Interface -> Desktop”
In this mode, icons on the Desktop are activated with a single click instead of the usual
double click. This is recommended when using a touchscreen monitor.
– Added parameter “Auto Hide Behavior” at “Setup -> User Interface -> Desktop -> Taskbar”
to configure the auto hide behavior of the taskbar.
The taskbar autohide feature now has another mode called “Intelligently”, which activates
the taskbar as long as no window occupies space at the taskbar position. If a window is moved
onto the taskbar or if it gets maximized, the taskbar autohide feature is activated automatically.
This autohide mode is used by default. Configure “Auto Hide Behavior” to “Always” if you
want the behaviour of firmware before 5.08.100.
Additionally there are new parameters:
– “Taskbar Show Delay”: to set the delay the mouse has to touch the screen edge
until the taskbar is shown.
– “Taskbar Hide Delay” to set the delay the mouse has to reside outside of the taskbar area to hide the taskbar again.

– Added parameter “Vertical Taskbar Mode” at “User Interface -> Desktop -> Taskbar”
configure the mode of the taskbar if it is aligned to the left or right. The default value
is “Deskbar”. In this mode, the window buttons in the taskbar are displayed as square tiles,
i.e. without the particular text label of the window. Moreover, the title of the start button
(if activated) is represented horizontally. In the “Vertical” mode, the window buttons are
shown together with their text label, written from top to bottom. Equally, the title of the
start button is represented vertically.
– Added parameter “Number of rows/columns in taskbar” at “Setup -> User Interface -> Desktop
-> Taskbar”. Note that the height/width of the taskbar is split equally among the configured
amount of rows/columns. In “Automatic” mode, the number of rows is one if the width/height
of the taskbar is between 1 and 55, two if the width/height is between 56 and 110, three
if the width/height is between 111 and 165, and so on.
default: Automatic
range: Automatic,1,2,3,4,5,6
– Added new page “Taskbar Background” at “Setup -> User Interface -> Desktop” to further
customize the look of the taskbar. The possible values of the taskbar “Background Style” parameter
are System Preset, Solid Color, Color Gradient and Background Image.
The Setup parameter windowmanager.wm0.variables.taskbargradient.solid is not supported anymore.
To set the background of the taskbar to a solid color, please set the “Background Style”
to “Solid Color”.
. Note that if a selected Background Image is smaller than the size of the taskbar, the image will
be repeated in both directions.
– Added new page “Taskbar Items” at “Setup -> User Interface -> Desktop” to configure
the taskbar plugins
– Added disable “Taskbar Clock” at “Setup -> User Interface -> Desktop -> Taskbar Items”
The clock in the taskbar now shows the current date in a tooltip.
– Configure window button list at “Setup -> User Interface -> Desktop -> Taskbar Items”
“Sorting order in window button list”, default: Timestamp
“Maximum number of rows/columns in window button list”, default: Automatic
range: Automatic,1,2,3
“Show labels in window button list”, default: enabled
– Added parameter “Taskbar System Tray” at “Setup -> User Interface -> Desktop -> Taskbar Items”
to enable or disable the system tray.
– Added parameter “Size of icons in System Tray” at “Setup -> User Interface -> Desktop ->
Taskbar Items” to configure the size of the icons in the system tray.
default: Automatic
range: Automatic,Small,Medium,Large
– The following registry keys are not supported anymore and have been removed:
windowmanager.wm0.variables.taskbarfullwidth
windowmanager.wm0.variables.taskbarhandlestyle
windowmanager.wm0.variables.startbuttonmessage
windowmanager.wm0.variables.startmenumoremessage
windowmanager.wm0.variables.smartplacement
windowmanager.wm0.variables.windowlist_showicons
windowmanager.wm0.variables.imagepath
windowmanager.wm0.variables.soundpath
windowmanager.wm0.variables.defaulticon
windowmanager.wm0.variables.defaultshortcuticon
windowmanager.wm0.variables.tooltipdisplaytime
windowmanager.wm0.variables.tooltipdelaytime

– The following registry keys has been fixed and is now working as intended:
windowmanager.wm0.variables.buttonlayout
With this parameter the Button layout in the window titlebar is configured:
O = menu,
T = stick,
| = title,
S = shade,
H = hide,
M = miximize,
C = close
default: |HMC
– The following registry keys have been replaced:
windowmanager.wm0.variables.taskbaractivtrans replaced by:
windowmanager.wm0.variables.taskbaropacity.enter
windowmanager.wm0.variables.taskbartransparency replaced by:
windowmanager.wm0.variables.taskbaropacity.leave
You can now set the transparency level of the taskbar while active/hovered or
inactive/left as percentage value between 0 and 100. Note that this feature needs
a running composite manager. (see Setup -> User Interface -> Display -> Options)

windowmanager.wm0.variables.usewindowlist replaced by:
windowmanager.wm0.variables.usetasklist
You can now completely disable the window button list in the taskbar by
unchecking this parameter.

– The following Setup parameter has been modified:
Removed value [Shade window] from windowmanager.wm0.variables.dblclickaction range.
The “Shade window” action is not supported.

– Added parameter windowmanager.wm0.variables.notifications.opacity to set the transparency
of notifications. This parameter can take values from 0 to 100. A lower value makes the
notifications more transparent. This feature needs a running compositor.
(see Setup -> User Interface -> Display -> Options)

– The content of folders within the advanced start menu now expands as a tree instead of
being displayed in a new subpage.
– Show battery level notifications or run battery level actions:
– as soon as a power plug is unplugged
– in the initial logon screen if kerberos or smartcard logon is enabled
– Upgraded Truetype Fonts: DejaVu and Liberation.
[Multimedia]
– Upgraded Fluendo Gstreamer 0.10 Plugins:
– Fluendo ASF Demuxer 0.10.79
– Fluendo MPEG Demuxer 0.10.85
– Fluendo H264 Video Decoder 0.10.44
– Fluendo WMV Video Decoder 0.10.60
– Fluendo MPEG-4 ASP Video Decoder 0.10.38
– Fluendo MP3 Audio Decoder 0.10.32
– Fluendo WMA Audio Decoder 0.10.59
[Evidian AuthMgr]
– Updated Evidian AuthMgr to version 1.3.5696.
Evidian AuthMgr sessions can be configured at
Setup -> Evidian AuthMgr -> Evidian AuthMgr Sessions

– Changed defaults:
– An Evidian AuthMgr session starts automatically by default now
sessions.rsuserauth<NR>.autostart, (default: enabled)
– No session icon will appear on the desktop by default now
sessions.rsuserauth<NR>.desktop, (default: disabled)
[Hardware]
– Added UDC2 support for:
– Fujitsu Futro S450-2, Futro X913 and Futro X923
– Stone N130 Laptop
– ONYX Healthcare Inc. Venus-222
– Wyse Z90Q7
– ‘System Suspend ‘ whould freeze the Futro X923 and Wyse Z90Q7 under certain
circumstances, so it has been disabled.
[Java]
– Updated Java Runtime Environment to 1.8.0_66.
[2X Client]
– Parallels 2X Client updated to version 14.1.3452
[PowerTerm]
– Updated Ericom PowerTerm 10 version to 10.2.0.0.20150802.1-_dev_-34574
[Firefox]
– Updated Firefox to version 38.4.0 ESR.
– Updated Flash Player download URL to version 11.2.202.548
[Fabulatech]
– Upgraded Fabulatech USB for Remote Desktop to 5.1_20151106
==========================
Resolved Issues:
==========================

[Citrix Receiver 13]
– With Citrix Receiver 13.2.1:
Fixed focus issues with IBM Lotus Notes application
– Fixed “Multi Monitor Fullscreen Mode” and “XenApp/StoreFront Start Monitor”
configuration: With Kerberos Passthrough authentication or after running
the refresh command both parameters were ignored.
[Citrix]
– Citrix StoreFront/XenApp fixes:
– Fixed long startup time when starting the first application
– During refresh command do not start any application automatically. The
auto start applications are handled only during the initial logon.
– Fixed sporadic freezes of the session
– Fixed secure connection problem in Citrix XenDesktop Appliance Mode. This resolves Firefox
rejecting a secure connection with warning ‘ssl_error_unsupported_version’.
– Fixed seamless application windows that did not appear in the taskbar from time to time.
– If you have problems with minimizing/restoring a maximized Firefox application, enable
registry key: ica.wfclient.twisetfocusbeforerestore and use the default Citrix Receiver 13.2.1.
– Fixed auto/restart configuration of Legacy ICA sessions
– Citrix session reconnect now works correctly.
– Fixed typo in default value of hotkey for “Toggle SpeedScreen” in Citrix sessions.
[Imprivata]
– Added parameter imprivata.xen_new_session (xenapp-try-to-launch-new-session).
This parameter enables an internal Imprivata client parameter, which fixes
problems with double-reconnects with XenApp 6.5.
[RDP/IGEL RDP Client 2]
– Fixed sporadic freezes of the session
– Fixed a problem of accessing the smart card after session redirection. Before in some cases a
smart card wasn’t accessible after session was redirected to another server.
– Fixed RD-Gateway functionality. Previously some sessions to a gateway server froze and
were not recoverable.
– Fixed problem which prevented connection to Windows XP VDIs.
– Sporadic small vertical glitches in fast moving PowerPoint presentations fixed.
– Fixed random RDP drawing issue.
– The sent client hostname is now configurable. The used hostname can be selected at:
Setup -> RDP -> RDP Global -> Options -> Client Name (default: empty)
– Fixed Local Logon Window. If all fields except the password field is prefilled and you
enter the password and press RETURN, the session starts immediately.
Before you had to press RETURN twice to start the session.
– Fixed splash screen positioning in multi monitor setups. Now the splash screen should always
be positioned in the center of the monitor, on which the session will appear.
– Fixed RDP clipboard issues. Copying plain text, HTML and bitmaps is supported now.
– Added a new error message to inform the user, that the server requires network authentication but
network authentication is not enabled for the session.
– Fixed password change dialog in a session. The dialog tells you
to press CTRL+ALT+END, but the Windows Server expects CTRL+ALT+DEL. Now you can press
CTRL+ALT+END as mentioned in the Windows dialog, and the client sends CTRL+ALT+DEL.
[RD Web Access]
– Fixed several RDP remote app issues:
– Window drawing issues have been fixed.
– Maximized window handling has been fixed.
– Fullscreen window handling has been fixed.
– Window positioning issues have been fixed
[VMware Horizon]
– Fixed a problem which prevented connection to Windows XP VDIs
– Fixed log file for Horizon View Client not being saved to /var/log/vmware-view/vmviewsessX.debug
if sessions.vdm_client0.options.debug is active.
– Fixed crash which prevented start of VMware Horizon Client in certain cases
– Fixed issues with loging of virtual channels which leads to shortage of memory when the
client runs a long time.
– Fixed bug in starter utility for VMware Horizon Client which resulted in omission of RDP options
in some cases.
– Fixed Local Logon Window. If all fields except the password field is prefilled
and you enter the password and press RETURN, the session starts immediately.
Before you had to press RETURN twice to start the session.
– Removed inoperative registry key vmware.view.savelastlog
[2X Client]
– Parallels 2X Client updated to version 14.1.3452
This version fixes an issue with minimization of Internet Explorer windows.
[PowerTerm]
– Updated Ericom PowerTerm 10 version to 10.2.0.0.20150802.1-_dev_-34574:
Fixed display problem in VT420 emulation concerning character attributes in origin mode.
[X session (Xephyr)]
– Fixed long start delay of XDMCP chooser and wrong background image with
“indirect over localhost” XDMCP method.
– Fixed quit hotkey
[Firefox]
– Fixed Local Browser not being able to play .swf-files.
– Fixed secure connection problem in Citrix XenDesktop Appliance Mode. This resolves Firefox
rejecting a secure connection with warning ‘ssl_error_unsupported_version’.
– Fixed parameter Setup -> Browser -> Browser Sessions -> <session name> -> Hotkeys ->
Disable Hotkeys for Caret Browsing having no effect.
– Fixed flashplayer not installable/updateable while the client is in a firefox-based appliance
mode (i.e. Citrix XenDesktop and RHEV/Spice).
– Fixed browser certificate deployment in cases when an additional browser profile got created
and did not get the already deployed browser certificates.
[Network]
– Fixed client trying to transfer configuration to UMS even though remote management is disabled.
– Fixed bind9 security issues: CVE-2015-5722, CVE-2015-5477, CVE-2015-4620, CVE-2015-1349,
CVE-2014-8500, CVE-2014-0591, CVE-2013-4854, CVE-2012-5689, CVE-2013-2266, CVE-2012-4244,
CVE-2012-5688, CVE-2012-4244, CVE-2012-5166, CVE-2012-3817, CVE-2012-1033, CVE-2012-1667,
CVE-2011-2464, CVE-2011-1910, CVE-2010-3613, CVE-2010-3614 and CVE-2010-3615
– Fixed iputils security issue: CVE-2010-2529
– Fixed xinetd security issue: CVE-2012-0862
– Fixed host name / network name: previously it could happen that the hostname is a fully
qualified domain name. Furthermore now all host names are converted to upper case by default.
This can be controlled by the new registry key:
network.dns.hostname_conversion
display name: Conversion of Terminal Name
(default: to upper case)
range: none, to upper case, to lower case
[Genucard VPN]
– Fixed update second stage problems. No timeout is reached anymore
[Evidian AuthMgr]
– Fixed credential problem with password containing $ (dollar sign, ASCII code 36).
[Smartcard]
– Fixed HP USB Smartcard CCID Keyboard to work with SecMaker Net iD PKCS11 library.
– Fixed smart card PIN input in server side Nexus Personal software with readers without PIN pad,
handled by Open Source CCID driver, e.g. Gemalto PC Twin Reader.
[CUPS Printing]
– Fixed functionality to set the CUPS print job user name to the name of the logged in Active
Directory user name (controlled by parameters print.cups.use_krbuser and print.cups.krbuser_format).
– Fixed printing via TCP/IP USBLP when a Elo Multitouch (USB) or a Elo Singletouch (USB) is connected.
[Desktop]
– Fixed desktop icons with very long labels overlapping adjacent icons.
– Fixed desktop icons and menus not getting refreshed correctly in certain circumstances
– Fixed a rare problem with the background of systray icons, which should now always correspond
to the background of the taskbar.
– Fixed the resize window issue while using ELO serial/USB touchscreens
– Disabled possibility to drag and drop desktop icons onto each other.
[base system]
– Firmware update process and creating of Custom Partition, Custom CI Partition
(Custom Wallpaper or Custom Bootscreen) or Firefox Profile Partition run now exclusively,
to avoid damages in the firmware.
– Fixed sessions not restarting if the restart parameter was switched from deactivated
to activated during runtime.
– Fixed Kerberos configuration in case “Default Domain” parameter is left empty.
– On-screen keyboard fixes:
– A reasonable size is ensured on the lock/login screen
– Visual feedback is reduced (ordinary keys are not highlighted) when shadowing is active.
– Fixed SMB-Mount not mounting share folders if user password contains the comma char “,”.
– Fixed bug: A system booted from USB memory stick crashed when USB access rules were modified.
– Custom wallpapers can now be downloaded over untrusted SSL connections.
– Fixed noise in sound output if the ‘Mic Playback Volume’ and ‘Mic Boost’ are set to
maximal value on the IGEL H830.
– Fixed passthrough authentication failing after changing password.
– Fixed a problem with IGEL on-screen keyboard and ICA/RDP session in full screen.
The Igel on-screen keyboard and taskbar were not visible in a full screen session.
Important: The virtual keyboard in the ICA/RDP full screen session should be activate.
– Fixed firmware update from a USB stick if Active Directory login is active.
– Replaced ntpdate with sntp + wrapper script to speed up time synchronisation.
– Fixed icu security issues: CVE-2015-2632, CVE-2015-4760, CVE-2013-1569, CVE-2013-2383,
CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926,
CVE-2014-7940 and CVE-2014-9654
– Fixed hplip security issue: CVE-2015-0839
– Fixed expat security issue: CVE-2015-1283
– Fixed some security issues in freetype (no CVE numbers)
– Fixed gdk-pixbuf security issues: CVE-2015-7673, CVE-2015-767 and CVE-2015-4491
– Fixed nss security issues: CVE-2015-2721 and CVE-2015-2730
– Fixed pcre3 security issues: CVE-2014-8964, CVE-2015-2325, CVE-2015-2326 and CVE-2015-5073
– Fixed net-snmp security issues: CVE-2014-3565 and CVE-2015-5621
– Fixed libvdpau security issues: CVE-2015-5198, CVE-2015-5199 and CVE-2015-5200
– Fixed libwmf security issues: CVE-2015-0848, CVE-2015-4588, CVE-2015-4685 and CVE-2015-4696
– Fixed openssh security issues: CVE-2015-5600 and CVE-2015-5352
– Fixed nvidia-graphic-driver-304 security issue: CVE-2015-5950
– Fixed cups-filter security issues: CVE-2015-3258 and CVE-2015-3279
– Fixed gcc-4.8 security issue: CVE-2014-5044
– Fixed samba security issues: CVE-2015-0240, CVE-2014-8143, CVE-2014-3560, CVE-2014-0178,
CVE-2014-0239, CVE-2014-0244, CVE-2014-3493, CVE-2013-4496, CVE-2013-6442, CVE-2013-4124,
CVE-2013-0172, CVE-2013-0213 and CVE-2013-0214
– Fixed sqlite3 security issues: CVE-2013-7443, CVE-2015-3414 and CVE-2015-3416
– Fixed tiff security issues: CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130,
CVE-2014-9330, CVE-2014-9655, CVE-2013-4231, CVE-2013-4232, CVE-2013-4243 and CVE-2013-4244
– Fixed rpcbind security issue: CVE-2015-7236
– Fixed unzip security issues: CVE-2015-7696, CVE-2015-7697, CVE-2015-1315, CVE-2014-9636,
CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141
– Updated several packages from trusty to current versions
– Fixed handling of failed firmware update from a USB storage.
– Fixed libaudio2 security issues: CVE-2013-4258, CVE-2013-4257 and CVE-2013-4256
– Fixed libexif security issues: CVE-2012-2814, CVE-2012-2840, CVE-2012-2813, CVE-2012-2812,
CVE-2012-2841, CVE-2012-2836 and CVE-2012-2837
– Fixed lzo security issue: CVE-2014-4607
– Fixed bash security issues: CVE-2014-6271, CVE-2014-7169, CVE-2014-7187, CVE-2014-7186,
CVE-2014-6278 and CVE-2014-6277
– Fixed libvte security issues: CVE-2012-2738 and CVE-2012-2738
– Fixed rsyslog security issues: CVE-2014-3634, CVE-2014-3683 and CVE-2011-3200
[Storage Devices]
– Fixed problems with USB storage hotplug after removal of an IGEL smartcard.
[X server]
– Updated INTEL xorg driver from 2.99.910 to 2.99.914
– Fixed some backlight control issues with Intel Notebooks with using intel_backlight
instead of acpi_video0 as backlight control.
The corresponding switch is in the IGEL Registry:
x.drivers.intel.backlight_control
default: “Default” (which uses the INTEL control)
range: Default,INTEL,ACPI
To get back old behaviour switch x.drivers.intel.backlight_control to ACPI.
[Audio]
– Added the following parameter in registry:
multimedia.pulseaudio.daemon.load-module-switch-on-connect (default: true)
This parameter controls if hotplugged USB audio devices will be set as default device.
Disabling the parameter fixes the following problem:
– Dictation with Philips Speech driver can fail with error message
“no audio device available” when a different application is playing audio.
[Multimedia]
– Fixed video redirection of H264 videos in RDP and ICA sessions.
[Printing]
– TCP/IP Print: added DSR output flow control feature to serial port devices. Activate with
parameter “Use DSR Flow Control” on pages: Setup -> Devices -> Printer -> TCP/IP ->COM X
and Setup -> Devices -> Printer -> TCP/IP -> Additional Serial Ports
[Hardware]
– Fixed non working VGA on Futro S700
[Remote Management]
– Fixed visibility of Smartcard, Touchscreen and Dictation related parameters in UMS
– Fixed automatic firmware update that under certain conditions could be invoked while other
settings are being applied and collides with running configuration scripts.
– File transfer mechanism now sends more verbose error messages to UMS.
– Fixed check of the exit status of file transfer between UMS and TC.

Release: XenDesktop 7.6 FP3 is now available at www.citrix.com

September 30th, 2015

Hello Folks,

Citrix XenDesktop/XenApp 7.6 feature pack 3 is now available in the download area at citrix.com.

It contains minor updates for nearly all XenDesktop/XenApp components but make sure your licenses have an SA date min. 21 September 2015 before you perform the upgrade to your environment.

Cheers

Michael

Tip: How to detect the used monitor connectors thru the IGEL Linux

September 30th, 2015

Hi Folks,

you need to figure out the names of the used Monitor connectors (DVI, Displayport, HDMI or VGA) and/or you run into issues if you want to configure the display setup by your own and never got it to work?

Open the IGEL Setup and create a Terminal Session in Accessories, make sure that the Display Setup is fully set to Auto in the User interface configuration.

Now start the Terminal Session and login as root, enter the command: “xrandr -q”; this will give you a list which Monitor connectors are used and the supported resolutions. Now you can configure your display setup as required.

Cheers

Michael

Release: IGEL Universal Management Suite 4.09.120

August 20th, 2015

Hi Folks,

there is a “new” Universal Management Suite release available, iam sorry for the delay but currently i don’t spend much time into the blog.

 

=====================
IGEL Universal Management Suite
=====================
Version 4.09.120
Release date: 17.07.2015

=====================
Notes
=====================

Windows Server 2003 is no longer supported by the IGEL UMS (Java 8 does not
support Server 2003).

The option to accept UMS server certificate temporary when connecting with
UMS console was removed due to incompatibility with security enhancements.

The linux installer is tested with
– Ubuntu 12.04 (x86, 32bit) and Ubuntu 14.04 (x86, 32bit and 64bit)

For further compatibility information check the Universal Management Suite
data sheet at www.igel.com.

*****************************************************************************
UMS 4.09.120 (stable build based on version 4.09.110)
*****************************************************************************
=====================
New features
=====================
[Configuration Dialog]
– Updated configuration dialog to provide setup pages of upcoming LX
release v5.07.100

=====================
Fixed bugs
=====================
[Console, common]
– Fixed: A bug whereby the user got “SSL error: Unrecognized SSL message,
plaintext connection?” after updating from UMS version 4.01.100 to 4.09.100
(4.09.110) at logon.
– Fixed: Objects could not be renamed from within the content area; renaming
in the management tree worked without problems
[Profiles]
– Fixed: A profile could not be created if the UMS works with a PostgreSQL
database.
– Fixed configuration dialog issue: display page was not displayed if feature
‘Multi monitor support’ was disabled in a profile
[Thin clients]
– Fixed thin client import issue: during thin client import with long format
the fields ‘comment’ and ‘last known ip’ were mixed up
– Fixed profile assignment issue: indirect assigned profiles might have no
effect if there are directories without assignments between thin client and
directory with assignment
[Views]
– Fixed delete view issue: deleting two or more views at once (multi selection)
failed; applied to UMS on oracle and SQL Server database only
[Universal Firmware Update]
– Fixed: Deleting a universal firmware update in the UMS caused the deletion of
the whole WebDav folder. This bug occurs for universal firmware updates
(created by “Snapshot -> Universal Firmware Update”) which are stored directly
in one of the WebDav folder.
[Configuration Dialog]
– Fixed problems with blue colored tree nodes in setup tree.
[Server, common]
– Fixed: ums startup failed after update installations (4.09.100 to 4.09.110)
in rare cases
[Administrator application]
– Fixed administrator application issue: administrator application won’t start
if there is no data source defined

Tip: Fixing Windows 8.x to 10 Upgrade (Part 1… I assume.. :-( )

August 4th, 2015

Hello Folks,

did you also already tried to upgrade to Windows 10? On some devices it runs smoothly but on other one’s it could be a real nightmare… To be honest i assume the release was a little bit to early or the developers for the upgrade routines got a few beer to much during the development. As you can read iam currently not really happy with the upgrade process….

Why? I tried to upgrade a bunch of different devices and only on 50% the upgrade worked with the first try… On the other devices like the Surface Pro 2 it fails with really funny and nonsense error messages. There are already a lot of tweaks available but here is a small checklist to prepare the upgrade from my site.

1) Run “Dism /Online /Cleanup-Image /RestoreHealth" to verify your current installation (Windows 8.x) is working fine and correct. Maybe you are required to solve seperate issue here, try google in this case.. :-)
2) Uninstall any Virus Scanner from your current Windows, Virus Scanners can cause a lot of issues during the upgrade.
3) Add a Registry entry "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade" DWord 32-> "AllowOSUpgrade" and set it to "1". (This seams also to force the upgrade if you did not got the Microsoft upgrade notice in advance).
4) If you already tried to upgrade remove the $Windows.~BT and $Windows.~WS folders from drive C:
5) Reboot and retry the upgrade thru Windows update.

In some cases this will fix the issue but not always so i assume there will be some follow up articles…. 🙁

Cheers

Michael

 

Release: IGEL Universal Desktop LX/OS 5.07.100

August 4th, 2015

IGEL Linux
==========
Version 5.07.100
Release date 2015-07-31
Last update of this document 2015-07-20

Supported devices:
IZ2-RFX, IZ2-HDX, IZ2-HORIZON
IZ3-RFX, IZ3-HDX, IZ3-HORIZON
UD2-LX 40, UD2-LX 31, UD2-LX 30
UD3-LX 42, UD3-LX 41, UD3-LX 40, UD3-LX 31
UD5-LX 50, UD5-LX 40, UD5-LX 30
UD6-LX 51
UD9-LX Touch 31, UD9-LX 30
UD10-LX Touch 10, UD10-LX 10

The online Release Notes can be found at http://edocs.igel.com/index.htm#10203510.htm
Registry Keys of parameters are listed there.

==============
Versions:
==============
Clients:
– Citrix Access Gateway Standard Plug-in 4.6.3.0800
– Citrix HDX Realtime Media Engine 1.8.0-258
– Citrix Receiver 12.1.8.250715
– Citrix Receiver 13.0.4.281908
– Citrix Receiver 13.1.4.322630
– Dell vWorkspace Connector for Linux 8.5.0
– Ericom PowerTerm 10.1.0.0.20140313.1-_dev_-31580
– Ericom PowerTerm 9.2.0.6.20091224.1-_rc_-25848
– Ericom Webconnect 5.6.0.4000-rel.20413
– Evidian AuthMgr 1.3.5664
– FabulaTech USB for Remote Desktop 5.1.0
– Firefox 38.1.0
– IBM iSeriesAccess 7.1.0-1.0
– IGEL Legacy RDP Client 1.0
– IGEL RDP Client 2.1
– Imprivata OneSign ProveID Embedded
– Leostream Java Connect 3.0.57.0
– NCP Secure Client (Enterprise) 3.25-rev23310-i686
– Open VPN 2.3.2
– NX Client 4.6.3
– Oracle JRE 1.8.0_51
– Parallels 2X Client 14.1.3414
– Remote Viewer 2.0 for RedHat Enterprise Virtualization Desktops
– Systancia AppliDis 4.0.0.14
– Thinlinc Client 4.4.0-4775
– ThinPrint Client 7.0.65
– Totem Media Player 2.30.2
– Virtual Bridges VERDE Client 7.1.1_rel.24005
– VMware Horizon client 3.4.0-2769709
– Voip Client Ekiga 3.2.7

Dictation:
– Driver for Grundig Business Systems dictation devices
– Driver for Olympus dictation devices
– Legacy Philips Speech Driver 5.0.10
– Philips Speech Driver 12.3.5

Smartcard:
– PKCS#11 Library A.E.T SafeSign 3.0.93
– PKCS#11 Library Athena IDProtect 623.07
– PKCS#11 Library Gemalto IDPrime 1.1.0
– PKCS#11 Library SecMaker NetID 6.3.0.50
– Reader Driver ACS CCID 1.0.5
– Reader Driver HID Global Omnikey CCID 4.0.5.5
– Reader Driver MUSCLE CCID 1.4.19
– Reader Driver Omnikey CCID legacy-3.6.0
– Reader Driver Omnikey RFID legacy-2.7.2
– Reader Driver REINER SCT cyberJack 3.99.5final.SP03
– Reader Driver Safenet / Aladdin eToken 8.1.0-4
– Reader Driver SCM Microsystems SDI011 5.0.18
– Reader Driver Identive / SCM Microsystems CCID 5.0.33
– Resource Manager PC/SC Lite 1.8.12

System Components:
– Graphics Driver ATI 7.3.0
– Graphics Driver INTEL 2.99.910
– Graphics Driver VIA 5.76.52.92-151843
– Kernel 3.13.11-ckt20 #54.91-ud-r1292
– Xorg X11 Server 1.15.1
– Xorg Xephyr 1.15.1

==============
Information:
==============

IMPORTANT:
This release integrates three Citrix Receiver versions: 12.1.8, 13.0.4 and 13.1.4.
Only one of these versions can be active at a time.
You can change the Receiver version in IGEL Setup/UMS on page
“Sessions->Citrix XenDesktop / XenApp->Citrix Receiver Selection”
==============
Known issues:
==============

[Citrix]
– It can happen that the window of a published Firefox can get unusable when the window is maximized,
then minimized and maximized again. This can also happen to other applications, too.

[Citrix Receiver 13]
– Randomly seamless application window are displayed twice in a dual monitor setup.

[VMware Horizon]
– Remote Applications are not seamless in the strict sense.
These are rather displayed in an extra window decorated by the TC’s window manager.
– If more applications defined and started in the same session, all are displayed inside this window.
The default size of this window can be defined in the Window section of the Horizon session.
– PCoIP user input language synchronization is currently broken.

[Dell vWorkspace Connector]
– Seamless applications exported from Win8/8.1 desktops show display errors when
dragged to the screen edges.
– With a dual monitor configuration flash redirected windows can appear on wrong screen.
– After the start of a seamless session the window is initially maximized before being
resized to the correct size.
– Windows XP sessions might not work properly anymore.
– Only standard 105 keys PC keyboards are supported.
Not supported anymore: Trimodal, Sun Type 6 or IBM 122 keys.
– Mapping of drives to a dedicated drive letter is not possible anymore.
– If Com-port redirection is enabled all linux serial ports (/dev/ttySx) will be mapped.
– If printer mapping is enabled all printers configured in CUPS are mapped.
– For Multimedia Redirection sound redirection with WMV/WMA streams is not working.
– USB Redirection may not work reliable.
– Session starts only if RDP Local Logon Window
(IGEL Setup->Sessions->RDP->RDP Global->Local Logon) is active.

[Genucard VPN]
– Network loss, network reconfiguration or dis- and reconnecting genucard requires session restarts

[Evidian AuthMgr]
– Active Directory users with a password containing special characters may have problems to
authenticate with the configured session.
Known special characters which results in errors are:
$ (dollar sign, ASCII code 36)
` (grave accent, ASCII code 96)
´ (acute accent, ASCII code 239)

[Universal MultiDisplay]
– X-Sessions don’t work with UMD currently.
– Java TC Setup can show display corruptions.

==============
IGEL Linux 5.07.100
==============
New Features:
==============

[Citrix]
– Updated Citrix Receiver 13.1 to new version 13.1.4.322630
– Added a host name length check: If a host name has more than 20 characters it might cause problems under
some server configurations, therefore StoreFront/XenApp Login displays a warning notification.
Registry key:
“Check hostname length” ica.pnlogin.check_hostname (default: enabled / disabled).
– Upgraded Citrix Lync RTME to 1.8.0-258. The new version supports both Lync 2010 Client and
Lync 2013 Client in a virtual desktop or a seamless application.
– StoreFront/XenApp Login uses predefined user and domain also without autologon function.
– Improved the visual feedback of starting Citrix sessions with the browser. Now there will be displayed a popup notification
with application name.

[RDP/IGEL RDP Client 2]
– Added RD Web Access server e-mail discovery. Configurable at:
“IGEL Setup->Sessions->RDP->Remote Desktop Web Access->Server”
By setting “Server configuration” to “Ask user”, the user gets a dialog
either to enter his e-mail for e-mail discovery or to enter the hole Server URL to the Web Access Server.
– Added MultiPoint Server support as an IGEL appliance mode.
The appliance can be enabled at:
IGEL Setup->Sessions->Appliance Mode
Set the “Appliance mode” to “RDP MultiPoint Server”. The server will be automatically detected.
A target server could be predefined by “Connect to server once it has been found” parameter.
If this server has been found, a RDP connection will be established immediately.
– Implemented support for Hardware Video Acceleration in RDP-EVOR Video Redirection.

[VMware Horizon]
– Update VMware Horizon client to version 3.4.0-2769709
– Added Local Logon for Horizon Sessions:
IGEL Setup->Sessions->Horizion Client->Horizont Client Global->Local Logon
Registry keys: vmware.login.*
This new feature allows customization of the login mask for VMWare Horizon Sessions, predefinition of the
user, password and/or domain field and storing of the last login credentials.
Moreover, the new local logon can be used for both, session and appliance mode.
Additional possibilities of customization (i.e. height/width of login mask, custom logo, custom title) can be
found in the registry under: vmware.login.*

[2X Client]
– Updated 2X Client to Parallels 2X Client 14.1.3414
Added new “RemoteFX” option
IGEL Setup->Sessions->Parallels 2X Client->Parallels 2X Sessions->[session name]->Experience
Registry key: sessions.twox<NR>.experience.remotefx (defaut: enabled / disabled)

[NX client]
– Updated NoMachine NX Client to version 4.6.3

[ThinLinc]
– Updated ThinLinc client to version 4.4.0-4775
– Added Multi Monitor configuration with parameter “Full screen all monitor”:
IGEL Setup->Sessions->ThinLinc->ThinLinc Global->Window
thinlinc.full_screen_all_monitors; default: enabled / disabled
IGEL Setup->Sessions->ThinLinc->ThinLinc Sessions->[session name]->Window
sessions.thinlinc<NR>.config.full_screen_all_monitors; default: enabled / disabled

[Firefox]
– Updated Firefox to version 38.1.0 ESR
– Updated Flash Player download URL to version 11.2.202.491
– Added possibility to preset proxy connection for Browser Session with username, password and realm
IGEL Setup->Sessions->Browser->Browser Global->Proxy:
“Proxy Realm” browserglobal.app.conv_proxy_preset_cred.realm
“Username” browserglobal.app.conv_proxy_preset_cred.username
“Password” browserglobal.app.conv_proxy_preset_cred.crypt_password

– Added parameters to change the behaviour of URL bar suggestions:
IGEL Setup->Sessions->Browser->Browser Global->Privacy:
“Suggest visited sites in URL bar” browserglobal.app.browser_urlbar_suggest_history; default: enabled / disabled
“Suggest only typed visited sites” browserglobal.app.browser_urlbar_suggest_history_onlyTyped; default: disabled / enabled
“Suggest bookmarked sites in URL bar” browserglobal.app.browser_urlbar_suggest_bookmark; default: enabled / disabled
“Suggest open pages in URL bar” browserglobal.app.browser_urlbar_suggest_openpage; default: enabled / disabled

IGEL Setup->Sessions->Browser->[session name]->Privacy:
“Suggest visited sites in URL bar” sessions.browser<NR>.app.browser_urlbar_suggest_history; default: Global Setting;
range: Global Setting, disabled, enabled
“Suggest only typed visited sites” sessions.browser<NR>.app.browser_urlbar_suggest_history_onlyTyped; default: Global Setting;
range: Global Setting, disabled, enabled
“Suggest bookmarked sites in URL bar” sessions.browser<NR>.app.browser_urlbar_suggest_bookmark; default: Global Setting;
range: Global Setting, disabled, enabled
“Suggest open pages in URL bar” sessions.browser<NR>.app.browser_urlbar_suggest_openpage; default: Global Setting;
range: Global Setting, disabled, enabled

– Added parameter to enable built-in tracking protection:
Enable built-in tracking protectionIGEL Setup->Sessions->Browser->Browser Global->Privacy
“Enable built-in tracking protection” browserglobal.app.privacy_trackingprotection; default: enabled / disabled

IGEL Setup->Sessions->Browser->[session name]->Privacy
“Enable built-in tracking protection” sessions.browser<NR>.app.privacy_trackingprotection; default: Global Setting; range: Global Setting, enabled, disabled

– Added Italian and Japanese Firefox UI translation
– Added Italian dictionary for spell checking
– Renamed Setup->Sessions->Browser->[session name]->Toolbars to
Setup->Sessions->Browser->[session name]->Menus & Toolbars
– Integrated Setup->Sessions->Browser->[session name]->Toolbar Items and Setup->Sessions->Browser->[session name]->Toolbarconfig
into Setup->Sessions->Browser->[session name]->Menus & Toolbars
– Added the following buttons to the list of configurable toolbar elements:
IGEL Setup->Sessions->Browser->[session name]->Menus & Toolbars
“Navigation Toolbar” and “Application Menu”
New elements: social-share-button, loop-button, panic-button,
new-window-button, fullscreen-button, tabview-button, web-apps-button
Note that the webrtc-status-button has been replaced by loop-button!

– Added parameter “Enable Firefox Hello”
Registry: browserglobal.app.loop_enabled; default: disabled / enabled
– Added parameter “Enable Reader Mode”
Registry: browserglobal.app.readermode_enabled; default: disabled / enabled
– Added parameter “Enable Social Integration”
Registry: browserglobal.app.social_enabled; default: disabled / enabled
– Added parameter “Enable Firefox Heartbeat”
Registry: browserglobal.app.heartbeat_enabled; default: disabled / enabled

– Added parameter “Disable navigation elements in context menu”
IGEL Setup->Sessions->Browser->[session name]->Context
Registry: sessions.browser<NR>.app.disable_contextnavigation; default: disabled / enabled

– Added parameter “Use old searchbar” to enable the old searchbar prior to Firefox 38 ESR
IGEL Setup->Sessions->Browser->Browser Global->Advanced
Registry: browserglobal.app.oldsearchbar; default: disabled / enabled
IGEL Setup->Sessions->Browser->[session name]->Advanced
Registry sessions.browser<NR>.app.oldsearchbar; default: Global Setting; Range: Global Setting, enabled, disabled

– Added parameter “Disable GStreamer in Browser”
IGEL Setup->Sessions->Browser->Browser Global->Advanced
Registry: browserglobal.app.disablegstreamer; default: disabled / enabled
IGEL Setup->Sessions->Browser->[session name]->Advanced
Registry sessions.browser<NR>.app.disablegstreamer; default: Global Setting; Range: Global Setting, enabled, disabled

– Added parameter “Disable OpenGL acceleration” to IGEL Setup->Sessions->Browser->Browser Global->Advanced page

– Moved parameter “Languages for Web Pages” from
IGEL Setup->Sessions->Browser->Browser Global->Advanced to IGEL Setup->Sessions->Browser->Browser Global->Content
and from IGEL Setup->Sessions->Browser->[session name]->Advanced to IGEL Setup->Sessions->Browser->[session name]->Content, respectively.

[Network]
– Added NCP VPN Support again:
Upgraded NCP Enterprise VPN Client to version 3.25-rev23310.
– Added support for DHCP provided NTP servers.
Enable use of DHCP provided NTP servers: system.time.ntp_use_dhcp_timeservers, default: enabled
– Upgraded WPA Supplicant to version 2.1
– Upgraded Network-Manager to version 0.9.8.8
– Added possibility to set private key file for TSIG based DDNS Registration.
Setup->Network->LAN Interfaces->Key file for additional DNS authentication
– New IPv6 parameter “IPv6-Configuration” added at
IGEL Setup->Network->LAN Interfaces->Interface1
IGEL Setup->Network->LAN Interfaces->Interface2
IGEL Setup->Network->LAN Interfaces->Wireless
New registry keys:
network.interfaces.ethernet.device0.ipv6_configuration
network.interfaces.ethernet.device1.ipv6_configuration
network.interfaces.wirelesslan.device0.ipv6_configuration
Range: Compatibility mode, Disabled, Automatic, DHCPv6
Default: Compatibility mode
These specify the type of IPv6 configuration for the first and second ethernet device and the WiFi device respectively.
– “Compatibility mode” is equivalent to the behaviour of former versions of the firmware.
NetworkManager ignores the device, but the kernel does some basic configuration, particularly it assigns
a link-local address to the device.
– When “Disabled” is selected IPv6 is disabled completely.
– In the case of “Automatic” the device tries to perform an IPv6 stateless or stateful autoconfiguration
based on router advertisements. Depending on the router advertisements this involves DHCPv6 (see RFC 4861).
– “DHCPv6” is offered as an option, because it is supported by NetworkManager.
It might be used when a DHCPv6 server is available but no router advertisements. Routing has to be
configured by other means then. In practise “automatic” will normally be preferable.
In all cases IPv4 is configured in the usual way.

New registry keys:
network.interfaces.ethernet.device0.dual_stack_timeout
network.interfaces.ethernet.device1.dual_stack_timeout
network.interfaces.wirelesslan.device0.dual_stack_timeout
Type: integer
Default: 15
In the case where “IPv6-Configuration” is set to “Automatic” or “DHCPv6” this is the time in seconds that will be
waited for the other configuration, IPv4 or IPv6, to complete after the first one is done (before running the
scripts that depend on the network being up).

NOTE:
IGEL devices so far cannot communicate with the UMS via IPv6.
Therefore the major application scenario for IPv6 is the following:
– Devices still receive their IPv4 configuration and potentially IGEL-specific
DHCP options from a DHCPv4 server.
– The major part of the settings is received from the UMS via IPv4.
– Currently just the default options are requested from the DHCPv6 server.
So this is limited to receiving the IPv6 address, nameservers and the
DNS search list.
– Regarding DNS only IPv6 nameserver addresses should be delivered (in router
advertisements or DHCPv6 options). The resolver should be able to use those
for retrieving AAAA records and also A records if need be.
– Where clients and servers are prepared to use IPv6 they then will do so.
Examples: An NTP-server (“System->Time and date->NTP time server”) can be
specified as an IPv6 address or a name for which the DNS has only
an AAAA record available. Similarly in a web-browser session IPv6 will be
used when the DNS has AAAA records available for servers.

– Added configuration parameters for handling old IPv4 DHCP leases, when there is no answer from any DHCP server:
network.interfaces.ethernet.device0.dhcp_timeout_lease_handling
network.interfaces.ethernet.device1.dhcp_timeout_lease_handling
network.interfaces.wirelesslan.device0.dhcp_timeout_lease_handling
These specify the behaviour for the first and second ethernet device and the WiFi device respectively.
Range: Reject all old leases, Check leases, Accept any old lease; default: Reject all old leases
“Reject all old leases” is equivalent to the behaviour of former Linux5 systems and means that no old leases are used.
In the case of “Check leases” an old lease is considered ok if the first router answers to a ping.
“Accept any old lease” blindly accepts the first old lease offered by the DHCP client. This is dangerous and it is
reasonable only under extraordinary circumstances.

[WiFi]
– Added configuration for BSSID (MAC address) of a certain Access Point to associate with it. If the BSSID is configured,
then the WPA supplicant is restricted to associate only with this Access Point. The BSSID parameter can be set to the
string value “bestsignal”, then the BSSID of the Access Point with the best signal level is selected. The detection of
the Access Point providing best signal level is executed once during network configuration. The parameters are accessible
only by Registry in IGEL Setup:
For the first configured SSID:
“BSSID” network.interfaces.wirelesslan.device0.bssid (default: not set)
For additional SSIDs:
“BSSID” network.interfaces.wirelesslan.device0.alt_ssid<NR>.bssid (default: not set)
NOTE: Detection of the AP providing best signal level isn’t supported for VIA VNT VT6656.

[Genucard VPN]
– Added change of smartcard PIN
– Added support to rekey genucard
– Added key file extensions .key and .KEY for machine authentication private keys, to bind the Genucard
to a specific thin client.
– Added more detailed error messages
– Added logging mechanism in UI
– Updated Look & Feel

[Open VPN]
– Added Open VPN client support version 2.3.2
– Added new VPN session type OpenVPN at:
IGEL Setup->Network->VPN->Open VPN
Registry keys:
sessions.openvpn<NR>.*
For autostart:
“Enable Autostart During Boot” network.interfaces.openvpn.autostart_enabled (default: disabled / enabled)
“Autostart Session ID” network.interfaces.openvpn.autostart_session_id (default: not set)
– Supported are Open VPN client sessions using different authentication modes
– TLS
– Username/password
– Static key
Accordingly deployment (using eg. UMS or USB storage) of TLS certificate(s) onto the TC is needed.
Default directory for persistent storage of certificates is /wfs/OpenVPN.

[Smartcard]
– Added driver for smartcard reader SCM Microsystems SDI011 Contactless Reader with USB Id 0x04E6:0x512B
– Updated Identive/SCM Microsystems smartcard reader driver scmccid to version 5.0.33.
New supported readers:
USB Id Name
0x04E6:0x5816 SCT3512 Token
0x04E6:0x5817 SCT3522CC Token
0x04E6:0x581A SCT3522DI Token
0x04E6:0x5724 CLOUD 4701 F Smart Card Reader
0x04E6:0x5790 CLOUD 3700 F Contactless Reader
0x04E6:0x5791 CLOUD 3701 F Contactless Reader
0x04E6:0x5713 uTrust 2980 F Smart Card Reader
– Updated open source CCID smart card reader driver to version 1.4.19.
The following readers are newly supported:

USB Vend. USB Prod. Name
0x03EB 0x9324 IIT E.Key Almaz-1C
0x03F0 0x1024 Hewlett-Packard Company HP USB Smart Card Keyboard
0x03F0 0x104A Hewlett Packard HP USB Smartcard CCID Keyboard
0x03F0 0x581D Hewlett-Packard HP lt4112 Gobi 4G Module
0x0403 0xC587 SecuTech SecuTech Token
0x0424 0x1104 Microchip SEC1110
0x0424 0x1202 Microchip SEC1210
0x046A 0x00A1 Cherry KC 1000 SC
0x046A 0x00A2 Cherry KC 1000 SC/DI
0x046A 0x00A4 Cherry KC 1000 SC Z
0x046A 0x00A5 Cherry KC 1000 SC/DI Z
0x04E6 0x5291 SCM Microsystems Inc. SCL010 Contactless Reader
0x04F2 0x0967 Chicony USB Smart Card Keyboard
0x058F 0x9522 Alcor Micro AU9522
0x062D 0x0001 THRC Smart Card Reader
0x076B 0x5400 HID Global veriCLASS Reader
0x076B 0x5427 HID OMNIKEY 5427 CK
0x079B 0x0026 Morpho MSO350/MSO351 Fingerprint Sensor & SmartCard Reader
0x079B 0x0052 Morpho MSO1350 Fingerprint Sensor & SmartCard Reader
0x08AE 0x0BDF Macally NFC CCID eNetPad
0x08E6 0x34C5 Gemalto Ezio Shield Branch Reader
0x08E6 0x8141 Gemalto IDBridge K3000
0x096E 0x0603 PIVKey T800
0x096E 0x0608 Feitian 502-CL
0x096E 0x060D Feitian R502
0x096E 0x061A Feitian bR301
0x096E 0x080F Feitian eJAVA Token
0x09D8 0x0427 Elatec TWN4 SmartCard NFC
0x0A5C 0x5804 Broadcom Corp 5880
0x0A89 0x0080 Aktiv PINPad Ex
0x0A89 0x0081 Aktiv PINPad In
0x0BF8 0x1005 Fujitsu Siemens Computers SmartCard Keyboard USB 2A
0x0BF8 0x1006 Fujitsu Siemens Computers SmartCard USB 2A
0x0BF8 0x1022 FujitsuTechnologySolutions GmbH Keyboard KB100 SCR
0x0BF8 0x1023 FujitsuTechnologySolutions GmbH Keyboard KB100 SCR eSIG
0x0C4B 0x0504 REINER SCT cyberJack go
0x0C4B 0x0520 REINER SCT tanJack Bluetooth
0x0CA6 0x00A0 CASTLES EZCCID Smart Card Reader
0x0D46 0x301D KOBIL Systems IDToken
0x0DB5 0x0138 Access IS ePassport Reader
0x0F14 0x003D Ingenico WITEO USB Smart Card Reader
0x0F1A 0x0002 GIS Ltd SmartMouse USB
0x1050 0x0111 Yubico Yubikey NEO OTP+CCID
0x1050 0x0112 Yubico Yubikey NEO CCID
0x1050 0x0115 Yubico Yubikey NEO U2F+CCID
0x1050 0x0116 Yubico Yubikey NEO OTP+U2F+CCID
0x1059 0x0017 Giesecke & Devrient GmbH StarSign Crypto USB Token
0x15CF 0x0019 Avtor SecureToken
0x15CF 0x001D Avtor SC Reader 371
0x163C 0x0407 Watchdata USB Key
0x163C 0x0A03 Watchdata W5181
0x17EF 0x6007 Lenovo Lenovo USB Smartcard Keyboard
0x17EF 0x6055 Lenovo Lenovo USB Smartcard Keyboard
0x1862 0x0000 Teridian Semiconductors TSC12xxFV.09
0x1A44 0x0101 VASCO DIGIPASS KEY 101
0x1A44 0x0120 VASCO DIGIPASS KEY 202
0x1A44 0x0122 VASCO DIGIPASS KEY 202
0x1C34 0x8141 SpringCard NFC’Roll
0x1C34 0x91B1 SpringCard H663 Series
0x1C34 0xA1A1 SpringCard H512 Series
0x1DB2 0x088B DUALi DRAGON NFC READER
0x1FC9 0x010B NXP PR533
0x1FFA 0x000C Identive Technologies Multi-ISO HF Reader – USB
0x2021 0x0001 AK910 CKey
0x2021 0x0011 AK910 CKey
0x2021 0x0101 AK910 IDONE
0x20A0 0x4108 Crypto Stick Crypto Stick v1.4
0x20A0 0x4109 German Privacy Foundation Crypto Stick v2.0
0x20A0 0x4211 Free Software Initiative of Japan Gnuk Token
0x21AB 0x0010 Planeta RC700-NFC CCID
0x2406 0x6200 IID AT90S064 CCID READER
0x2406 0x6300 Inside Secure VaultIC 420 Smart Object
0x2406 0x6301 Inside Secure VaultIC 440 Smart Object
0x2406 0x6302 Inside Secure VaultIC 460 Smart Object
0x2406 0x6303 INSIDE Secure VaultIC 405 Smart Object
0x2406 0x6305 INSIDE Secure VaultIC 441 Smart Object
0x2406 0x6403 Inside Secure AT90SCR100
0x2406 0x6404 Inside Secure AT90SCR050
0x2406 0x6407 Inside Secure AT90SCR200
0x24A2 0x0102 SafeTech SafeTouch
0x257B 0xD205 eID_R6 001 X8
0x25DD 0x1101 Bit4id miniLector-s
0x25DD 0x1201 Bit4id cryptokey
0x25DD 0x2221 Bit4id iAM
0x25DD 0x2321 Bit4id CKey4
0x25DD 0x3111 Bit4id miniLector
0x2A17 0x0001 udea MILKO V1.
0x8829 0xCCB2 CCB eSafeLD

– Added functionality to execute commands when smartcards are inserted and removed.
The following parameters are added:
“Enable Smartcard Insert and Removal Actions” scard.scwatchd.enable (default: disabled / enabled)
“Smartcard Insert Action” scard.scwatchd.insert_action (default: not set)
command which is executed when smartcard is inserted
“Smartcard Removal Action” scard.scwatchd.removal_action (default: not set)
command which is executed when smartcard is removed

[Driver]
– Updated Philips Dictation Driver to version 12.3.5

[base system]
– Updated Fabulatech USB for Remote Desktop to version 5.1.0
– Updated Kernel to Ubuntu Trusty version 3.13-54.91
– Added Italian GUI translation.
– Added Spanish GUI translation.
– Updated TC Setup to version 4.9.13
– Reworked Power Options:
– Added new XFCE Power Manager daemon 1.4.3
– Added new battery tray icon with:
– new battery information dialog
– new brightness adjustment
– new “Presentation mode” activation, which disables DPMS and screen saver
– more reliable remaining charge and discharge time information
– Renamed IGEL Setup->System->Energy to IGEL Setup->System->Power Options
– System Suspend and CPU Power Plan options now on IGEL Setup->System->Power Options->System
– Battery options now on IGEL Setup->System->Power Options->Battery:
Removed tray icon parameters from setup page, because they are not supported anymore
by the new battery tray icon:
“Display power” windowmanager.wm0.variables.battery_indicator.display_power
“Display percentage in tooltip” windowmanager.wm0.variables.battery_indicator.tooltip_display_percentage
“Display time in tooltip” windowmanager.wm0.variables.battery_indicator.tooltip_display_time

– DPMS options at IGEL Setup->System->Power Options->Display and
IGEL Setup->User Interface->Display->Power Options: It’s possible now
to set different timeout values for battery and AC mode.
“Standby Time” (Plugged in) x.xserver0.standbytime, default: 10 Minutes
“Standby Time” (On battery) x.xserver0.standbytime_bat, default: 6 Minutes
“Suspend Time” (Plugged in) x.xserver0.suspendtime, default: 12 Minutes
“Suspend Time” (On battery) x.xserver0.suspendtime_bat, default: 8 Minutes
“Off Time” (Plugged in) x.xserver0.offtime, default: 15 Minutes
“Off Time” (On battery) x.xserver0.offtime_bat, default: 10 Minutes
From now on only certain timeout values can be set with a drop down box:
Range: Never, 1 Minute, 2 Minutes, 3 Minutes, 4 Minutes, 5 Minutes
6 Minutes, 8 Minutes, 10 Minutes, 12 Minutes
15 Minutes, 20 Minutes, 25 Minutes, 30 Minutes, 45 Minutes
1 Hour, 2 Hours, 3 Hours, 4 Hours, 5 Hours

– New display brightness configuration at IGEL Setup->System->Power Options->Display and
IGEL Setup->User Interface->Display->Power Options for battery and AC mode:
The display brightness can be automatically reduced after a configured idle time.
“Reduce after” (Plugged in) x.xserver0.brightness_on_ac; default: 9 (Never)
Range: 10 – 120 seconds, value 9 is never
“Reduce after” (On battery) x.xserver0.brightness_on_battery; default: 9 (Never)
Range: 10 – 120 seconds, value 9 is never
“On inactivity reduce to” (Plugged in) x.xserver0.brightness_level_ac; default: 80%
Value of the display brightness: 1% – 100%
“On inactivity reduce to” (On battery) x.xserver0.brightness_level_bat; default: 20%
Value of the display brightness: 1% – 100%

– Shutdown options now on IGEL Setup->System->Power Options->Shutdown

[Desktop]
– Added the possibility to define the sorting order of the buttons for application windows in the taskbar. The new
parameter is called “windowmanager.wm0.variables.tasklist_sort_order”. By default the buttons are sorted by
timestamp, just like in previous firmwares. Other sorting types like drag ‘n’ drop, sorting by window title and
grouping are available now.
– Added possibility to store custom files, e.g. documents, pictures or videos on the Desktop. In order to do this,
distribute the respective files via UMS to the location /wfs/user/Desktop on the thin client.
After the next reboot, these files can be accessed through the Desktop. The supported file types and
their associated software can be looked up at: http://edocs.igel.com/index.htm#10203086.htm

[VNC Viewer]
– Added the ability to specify the color depth, which is useful for slow connections:
IGEL Setup->Sessions->VNC Viewer Sessions->[session name]->Misc
“Color Level” sessions.vncviewer<NR>.option.color_depth; default: Default
Range: Default, Very Low (8 colors), Low (64 colors), Medium (256 colors)
Note: With “Default” setting the highest possible color depth is used.

[Evidian AuthMgr]
– Updated Evidian AuthMgr to version 1.3.5664.
Evidian AuthMgr sessions can be configured at
IGEL Setup->Evidian AuthMgr->Evidian AuthMgr Sessions
Registry keys: sessions.rsuserauth<NR>.*
Setup page IGEL Setup->Evidian was renamed to IGEL Setup->Evidian AuthMgr
– Added IGEL Setup->Evidian AuthMgr->Evidian AuthMgr Global and
IGEL Setup->Evidian AuthMgr->Evidian AuthMgr Sessions
setup sections

– Changed defaults:
– An Evidian AuthMgr session starts automatically by default now
sessions.rsuserauth<NR>.autostart, default: enabled / disabled
– No session icon will appear on the desktop by default now
sessions.rsuserauth<NR>.desktop, default: disabled / enabled

– Added support for HTTPS connections
A CA certificate must be configured at
IGEL Setup->Evidian AuthMgr->Evidian AuthMgr Sessions->Evidian AuthMgr Session->Connections
Registry key:
“CA Certificate” sessions.rsuserauth<NR>.parameters.cacert_path, default: not set
– Integrated Restart session to restart all running Evidian AuthMgr sessions.
Restart session can be configured at
IGEL Setup->Evidian AuthMgr->Evidian AuthMgr Global
registry keys: session.rsuserauthrestart0.*
– Added a new parameter to enable the usage of an Evidian Authentication configuration file and
a parameter to define the path to that configuration file.
The feature is not supported by IGEL, but provides the possiblity
to use an Evidian pkcs#11 library via custom partition.
registry keys:
“Use Smartcard Authentication configuration file” sessions.rsuserauth<NR>.parameters.authconf, default: disabled
“Smartcard Authentication configuration file” sessions.rsuserauth<NR>.parameters.authconf_path,
default: /etc/rsUserAuth/authConf.txt
[Java]
– Updated Java Runtime Environment to 1.8.0_51
– see http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
for a detailed list of fixed issues.

[PowerTerm]
– Updated Ericom PowerTerm InterConnect LTC to version 10.1.0.0.20140313.1-_dev_-31580.

[VoIP]
– Added configuration of some video settings for VoIP client Ekiga. In the Registry the following parameters can be set:
“Maximum video bitrate (in kbits/s)” voip.ekiga.codecs.video.maximum_video_tx_bitrate
default: 64; valid range: 16 – 10240

“Video Codecs” voip.ekiga.codecs.video.media_list, default: [theora*90000*0*SIP*1,h261*90000*0*H.323 SIP*1]
Note: Prioritized list of “theora*90000*0*SIP*1” and “h261*90000*0*H.323 SIP*1” codecs, separated by “,” and
enclosed by “[” and “]”

“Picture Quality – Frame Rate Tradeoff” voip.ekiga.codecs.video.temporal_spatial_tradeoff, default: 31
valid range: 0(maximum quality) – 31(maximum frame rate)

“Video Input Device” voip.ekiga.devices.video.input_device, default: Default
Range: Default, Moving Logo (Moving Logo/Moving Logo)
Note: it’s possible to enter other input devices

“Video Size” voip.ekiga.devices.video.size, default: 176×144
Range: 176×144,320×240,352×288,640×480,704×576
Note: it’s possible to enter a custom size

==============
Resolved issues:
==============

[Citrix]
– Fixed refreshing of Citrix StoreFront/XenApp sessions
– Added windowmanager.tweaks.SKIP_NAMELESS_ICA_WINDOWS registry key to skip
ICA seamless windows that have an empty name.
This is to avoid an issue with drop-down boxes in Lotus Notes and potentially in other applications.
– Fixed a focus problem in the IBM/Lotus Notes email search dialog.
Added windowmanager.tweaks.dont_focus_transient_ica_windows registry key for that.
– Removed windowmanager.tweaks.SKIP_WM_FLAG_INPUT_WINDOWS from the settings and from the window manager binary.
[Citrix Receiver 13]
– Fixes with Citrix Receiver 13.1.4:
– Fixed fullscreen sessions with dual screen configurations, if the session window is restricted to one monitor.
– Fixed systray icons: menu from puplished applications lead to a session disconnect.
– Fixed sticky windows keys in Citrix sessions.
– Fixed session disconnects when transferring data continuously
through the Citrix Generic USB or Client drive redirection.

[RDP/IGEL RDP Client 2]
– Fixed session termination on System suspend or after changes in Setup.
– Fixed wrong authentication failed messages if round robin and local logon with network authentication (NTLM) are used.
– Fixed NLA authentication.
– Fixed serial port redirection: implemented DSR handshaking output flow control preventing data loss.
– Fixed application start mechanism. Now you can use the “start application after login” feature again.
– Fixed log on with SafeNet smart card or token.
– Fixed using different gateway credentials if local logon is enabled.
– Fixed reading smart cards with Cherry G80-1502 keyboard integrated serial reader via RDP with COM Port Redirection.

[RD Web Access]
– Fixed drop down lists in Microsoft Dynamics in RDP remote app sessions.

[VMware Horizon]
– Fixed RDP connection problems to Windows XP machines
– Fixed serial port redirection: implemented DSR handshaking output flow control preventing data loss.

[PowerTerm]
– Updated Ericom PowerTerm InterConnect LTC to version 10.1.0.0.20140313.1-_dev_-31580: With this version
the PowerTerm fonts are working again.

[2X Client]
– Fixed the maximize and minimize issue of published application window in multi monitor configuration

[Firefox]
– Added parameter to completely disable the mozplugger plugin in Firefox.
Registry: browser_plugin.mozplugger.disable; default: disabled / enabled
With disabled mozplugger the display of certain documents can be fixed. (PDF, DVI, PS)
– Fixed App Menu button not being hidden if either sessions.browser<NR>.app.main_menubar_hidden or
sessions.browser<NR>.app.use_menubar is active
– Fixed Bookmarks Menu not being hidden in the App Menu and Toolbar if sessions.browser<NR>.app.bookmmenu_hidden is active
– Fixed Home Button not being hidden in the App Menu if sessions.browser<NR>.app.home_button_hidden is active
– Fixed Print Button not being hidden in the App Menu if sessions.browser<NR>.app.print_button_hidden is active
– Fixed Developer Tools button not being hidden in the App Menu if sessions.browser<NR>.app.tools_hidden is active

[Network]
– Fixed deadlock in PPTP VPN which occurs on some devices while a VPN connection is being configurated.
– Upgraded NCP Enterprise VPN Client to version 3.25-rev23310: This version fixes problem leading to system freeze in 5.05.100.
– In connection with 802.1X/WPA Enterprise authentication RSA private key files can now be used unencrypted.
The private key password has to be empty then. PKCS12 files are not affected by the change.
– Improved CA certificate fingerprint check in connection with SCEP. The CA certificate is checked after receiving it and
it is discarded if it fails the test. The check is not done, if the fingerprint in the setup is left empty.
– Fixed SCEP CA Identifier usage. The CA identifier (option -i) is now passed to sscep’s getca method (only).
– If SCEP data shall be used for 802.1X autentication with Ethernet device ethX and the client certificate is
still missing, there is now another attempt at configuring the device without authentication. This depends on
network.interfaces.ethernet.deviceX.ieee8021x.secure_only ,default: disabled
– Improved reaction to changes in SCEP settings.
If there are changes in IGEL Setup->Network->SCEP Client->Certificate any old client private key and
client certificate are discarded.
Changes in Network->SCEP Client->Certification Authority result in a complete reset, i.e. any old CA and RA certificates
as well as any old client certificate and client private key are discarded.

[Imprivata]
– Fixed Imprivata Appliance with Citrix Receiver 13.1 connections.

[Smartcard]
– Fixed Smartcard Reader detection after suspend, in appliance mode.
– Fixed hanging AD / Kerberos Logon: when log on with A.E.T. SafeSign smart card was active, the log on screen
sporadically was freezing. This was occurring only with IGEL UD3-LX 41 and IGEL UD3-LX 42 so far.

[CUPS Printing]
– Fixed not working hpijs printer filter.
– Fixed printing of files with filename which contains special chars (like umlaut or other language specific characters)
via LPD print

[base system]
– Fixed serial port redirection: implemented DSR handshaking output flow control preventing data loss.
– Fixed curl security issues: CVE-2015-3143, CVE-2015-3145 and CVE-2015-3148
– Fixed gstreamer0.10-plugins-bad security issues: CVE-2015-0797
– Fixed CVE-2013-7439 security issue in libxext, libxfixes, libxi and libxrender
– Fixed mime-support security issue: CVE-2014-7209
– Fixed ntpdate security issues: CVE-2015-1798 and CVE-2015-1799
– Fixed nvidia-graphic-drivers-304 security issues: CVE-2014-8091, CVE-2014-8098 and CVE-2014-8298
– Fixed ppp security issues: CVE-2014-3158 and CVE-2015-3310
– Fixed tcpdump security issues: CVE-2015-0261, CVE-2015-2153, CVE-2015-2154 and CVE-2015-2155
– Fixed virtualbox security issues: CVE-2014-6595, CVE-2014-6590, CVE-2014-6589, CVE-2014-6588,
CVE-2015-0427 and CVE-2015-3456 (a.k.a. VENOM)
– Fixed isc-dhcp security issues: CVE-2011-2749, CVE-2012-3954, CVE-2012-3571, CVE-2012-3570, CVE-2012-3955,
CVE-2012-2248 and CVE-2013-2494
– Fixed fuse security issue: CVE-2015-3202
– Fixed libtasn1-6 security issue: CVE-2015-3622
– Fixed xerces-c security issue: CVE-2015-0252
– Fixed libnm security issue: CVE-2015-1322
– Fixed policykit security issue: CVE-2013-4288
– Fixed system upgrade on a device which is configured to be a firmware update buddy. Some partitions can
have same content in a system 4 and in a system 5 firmware but these partitions still keeping the old
firmware magic number. Thus a client can’t update these partitions from such a buddy, because the update process
refuses to use partition’s images containing other magic number then the running firmware. Now the update process
checks magic number of each partition and updates partitions if the magic number mismatches.
– Updated some more base libraries and binaries to Ubuntu Trusty version 14.04.2
– Fixed update of disabled partitions on buddy update server: If buddy device will be rebooted by
the update process, then disabled partitions will be now updated.
– Fixed custom timezone configuration. Custom timezone files must be located at /wfs/zoneinfo/ directory to be considered.
– Firmware update mechanism now calculates available size on the storage taking into account non-auto partitions,
which are created by the firmware at runtime (e.g. Firefox profile partition).
– Fixed execution of initialization action of the custom partition if custom partiton is reconfigured
(e.g. disabled and then enabled again without reboot).
– Improved security with openssl with disabling export ciphers by default and reject dh keys smaller
than 768 bits (fixes LOGJAM vulnerability CVE-2015-4000)
– Fixed openssl security issues: CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792
– Fixed openssl0.9.8 issues: CVE-2014-3508, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3569,
CVE-2014-3568, CVE-2014-3567, CVE-2014-3571, CVE-2014-3570, CVE-2015-0204, CVE-2014-3572, CVE-2014-8275, CVE-2015-0288,
CVE-2015-0209, CVE-2015-0293, CVE-2015-0292, CVE-2015-0289, CVE-2015-0287, CVE-2015-0286, CVE-2015-1791, CVE-2015-1792,
CVE-2015-1790, CVE-2015-1789, CVE-2015-4000 and CVE-2014-8176

[Storage Devices]
– Fixed listing of USB external harddisks in the eject tool (only when dynamic client drive mapping is
enabled) and in the disk utility.
– The Common Toolbar at User Interface -> Display -> Desktop -> Common Toolbar now fully supports the Imprivata appliance mode.

[X server]
– Fixed XC Font Service: connection to remote font server is working again.
– Fixed support for pivot mode with display switcher (advanced configuration)
– Fixed screen remains black in dual screen config after short disconnect.
– Fixed memory leak in VIA graphic driver:
Also fixes issues with UMD hangs or restarts which were caused by the memory leak.

[Desktop]
– Fixed taskbar positioning for certain multimonitor configurations with different screen sizes.

[Universal MultiDisplay]
– Fixed a text rendering issue on the second screen of the Master.
– Fixed not recognized keyboard input on UMD monitor number 2
– Fixed UMD JWS-session X-server crash.

[Printing]
– Fixed TCP/IP printing to USB connected printer. Before it only was working if a CUPS USB printer was configured.
– Increased stability of printing with USB connected printers.

Tip: Troubleshooting Miracast devices and Windows 8.x

July 3rd, 2015

Hi Folks,

did you get a Miracast enabled device like the Microsoft Wireless Display Adapter? But now you suffer during the setup or it “just” did not work?

mswda

Here are a few simple tips’s how to troubleshoot a Miracast connection.

First of all verify that you device is Miracast enabled! To use Miracast you must be use a Miracast enabled GFX-Card and WiFi driver, you can check this out quite simple… Just execute “dxdiag.exe” and select “Save informations”, now open the saved “dxdiag.txt” file with a regular text editor and scroll down to the line beginning with “Miracast:” in the Display Devices area.  If you have “Miracast: Supported” than you are ready to go but i assume that you have a “Miracast: Not supported…”

For Windows Phone you can find a Miracast enabled device list here: http://www.microsoft.com/en-us/mobile/support/faq/?action=singleTopic&topic=FA143456

If you run into a “Miracast: Not supported by Graphics Driver” issue make sure that you have installed the latest driver! By default newer Intel devices are working well also with low end Atom based tablets if they are not to old. You can download the latest Miracast enabled Intel Drivers from here: https://downloadcenter.intel.com/search?keyword=4th+Generation+Intel%C2%AE+Core%E2%84%A2+Processors+with+Intel%C2%AE+HD+Graphics+4400. This driver supports a bunch of devices but be aware that not all devices are supported for Miracast, just review the driver release notes (see picture below).

IntelMiracast

AMD could be also be tricky, in anyway you mostly are required to perform a driver update but for a couple of AMD Devices you are required to add a registry entry “DalWirelessDisplaySupport” as Dword set to 1 in the HKEY_LOCAL_MACHINE_System\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\00?? area. 00?? means you have to figure out which registry part handles your AMD GFX-Card.

If you run into a “Miracast: Not supported by WiFi Driver” issue you are required to update your wireless driver or maybe forced to replace the Wireless Module.  For Intel devices there is a good article here: http://supportkb.intel.com/wireless/wireless-display/templates/selfservice/intelwidi/#portal/1026/article/2511 to verify if your components are supported or “not”.

If you have a “Miracast: Supported” message in the dxdiag.txt but still you are not able to connect to the Miracast Device the fun beginns…

1) If the Hyper-V role is installed make sure that you have not assigned a virtual switch to the Wireless network card.

2) Make sure that no VPN client is installed during your tests, this can prevent the Miracast connection….

3) ..similar for a Virus Scanner inspecting the network traffic. During my tests i never got an issue with the enabled Windows Firewall but in any way disabling the Windows Firewall could be also tested.

4) Miracast currently works for 2,4GHz wireless connections, if you are connected to a 5GHz wireless lan a Miracast connection can not be started. This is not well documented but during my tests i never was able to connect to a Miracast device if my WiFi was connected to a regular 5GHz wireless network. The funny thing, i was able to browse the Miracast devices but if trying to connect it just hangs without any error message… So make sure that you are connected to a 2,4GHz network. In rare cases you might be also forced to fully disconnect from the wireless lan->setup the miracast connection->join the wireless lan again.

So the shortlist:

1) Make sure you have the right hardware and the right drivers installed!

2) Make sure you wireless network connection is configured well!

Have Fun!

Michael

 

Info: cloud-client.info App has been removed from the Windows Store.

July 1st, 2015

Hi Folks,

i’ve removed the cloud-client.info App from the Windows Store, if you have already installed the App you can use it for an unlimited time but there will be no future updates. Thank you to all people using the app and sorry that i don’t have the resources available to keep the app running.

Cheers
Michael

Release: IGEL Universal Desktop W7 and W7+ 3.10.100

June 10th, 2015

IGEL Universal Desktop W7
=========================
Version 3.10.100
08. June 2015

Supported devices:
UD3-W7, UD5-W7, UD6-W7, UD9-W7, UD9-W7 Touch, UD10-W7, UD10-W7 Touch,
UD3-730 W7, UD3-740 W7, UD5-730 W7, UD5-740 W7, UD9-730 W7, UD9-731 W7

====================
Notes:
====================

====================
Drivers:
====================
– D-LINK DWA-131 Nano: 1085.7.0815.2009
– D-LINK DWA-131 REVB Nano: 1015.6.0210.2012
– eGalax xTouch: 5.11.0.9020
– FTDI UsbToSerial: 2.02.04
– Gemalto Minidriver for .NET Smart Card: (WES7: 8.3.1.3)
– Intel 945 Express: 8.15.10.1930
– Intel AHCI : 11.2.0.1006
– Intel Centrino WIFI N-1000: 15.1.0.18
– Intel HD Graphics: 36.15.0.1073
– Intel HD Graphics: 9.17.10.2875
– Intel PCI Communication Controller : 8.0.0.1262
– OmniKey Cardman 3×21: 1.2.15.0
– Prolific PL-2303 USBtoSerial: 2.0.2.8
– Qualcom Atheros WIFI: 10.0.0.285
– Ralink RT309x/2860: 3.02.01.0
– Ralink WIFI RT357x 5.1.7.0
– Realtek 8168: 7.61.612.2012
– Realtek HD Audio: 2.63
– Realtek RTL8169 Version: 7.43.321.2011
– RTL8168C: 7.018.0322.2010
– VIA Chrome 9 VX855: 8.14.14.0141
– VIA Chrome9 VX900 for UD10: 8.14.14.0231
– VIA Chrome9 VX900: 8.14.14.0181
– VIA HD Audio VT1708B: 6.0.01.8700
– VIA WIFI VT6656: 1.1.0.2

====================
Applications:
====================
– .NET: 3.5 Sp1
– Citrix Receiver: 4.2 (14.2.100.14)
– Client for RedHat RHEV-D: 3.0-26
– Ekiga VOIP Client: 3.2.6
– Ericom PowerTerm: 9.2.0.0
– Ericom WebConnect: 5.6.1.1000
– Fabulatech USB for Remote Desktop: 5.0.2
– Internet Explorer: 11
– Leostream Connect Client: 2.7.129.0
– Microsoft RDP Client : 8.1
– NCP Enterprise Client: 9.30
– NXClient: 3.4.0.7
– Quest vWorkspace Client: 8.0.3
– Sumatra PDF Reader: 2.1.1
– Sun JAVA RE: 1.8 Update 40
– Thin Print: 8.6
– Tight VNC Server: 2.7.10
– USB Redirection for RedHat RHEV-D: 3.0-26
– VMware Horizon Client Version: 3.1.0 build-2085634
– Windows Media Player: 12

====================
New features:
====================
[Browser]
– Updated Internet Explorer to version 11
In IGEL registry

*** reduced to improve view by cloud-client.info, see firmware readme for more information’s ***

[RDP]
– Updated Microsoft RDP client to version 8.1

[JAVA]
– Updated Sun Java Runtime to version 1.8 Update 40

[ICA]
– Updated Citrix Receiver to version 4.2.100
On IGEL setup page “Sessions->Citrix->Self-Service Plug-In->Appearance”
(registry key: ica.selfservice.desktopdisplayrootfolder, default: “”)
On IGEL setup page “Sessions->Citrix->Self-Service Plug-In->Desktop integration”
(registry key: sessions.selfservice%.desktop, default: false)
(registry key: sessions.selfservice%.startmenu, default: true)
In IGEL Registry
(registry key: ica.selfservice.enable_selfservice_mode, default: false)
(registry key: ica.selfservice.show_add_store_nss_mode, default: false)

====================
Bug fixes:
====================
[System]
– Fixed connection to hidden SSID WIFI
– Fixed that “Userinterface->Desktop->Disable Lock Workstation” shows no effect
On IGEL setup page “Userinterface->Desktop->Administrators”
(registry key: userinterface.desktop.user0.disable_lock_workstation, default: false)
On IGEL setup page “Userinterface->Desktop->Users”
(registry key: userinterface.desktop.user1.disable_lock_workstation, default: false)

[RDP]
– Fixed a bug that rdp autostart session looses focus
In IGEL Registry
(registry key: sessions.autostart_delay, default: 5)
– Fixed that rdp dual view session appears only on one screen

[ICA]
– Fixed that “Add account” window appears while starting ICA session as user

====================
Known Issues:
====================
-[System]
– Deactivating WIFI devices is not working
– Deactivating Bluetooth devices is not working

-[FABULATECH]
– Fabulatech USB for Remote Desktop is currently
not working with Citrix XenDesktop.

-[VMware]
– USB Redirection: Devices connected to a USB 3.0 Port will not be redirected.
– USB redirection is currently not working if vWorkspace USB
redirection service is enabled.

Whitepaper: How to create a virtual IGEL Thin Client on Microsoft Hyper-V

June 3rd, 2015

Hello Folks,

very often I’ve been asked how to create a virtual IGEL Thin Client, this was mostly related to Microsoft Hyper-V Server coming with Windows 8.x and soon with Windows 10.

So here is a new Whitepaper available that shows how you have to create and install the VM and how the license from IGEL can be applied. The Whitepaper is available here: How to create an IGEL Universal Desktop OS Test VM on Microsoft Hyper-V

Cheers
Michael

Info: Converted with Universal Desktop OS INTEL NUC Kit DE3815TYKHE Atom processor E3815

May 29th, 2015

Hello Folks,

today i converted a INTEL NUC Kit DE3815TYKHE Atom processor E3815 (Thanks to Intel for providing the device) with the IGEL Universal Desktop OS 5.06.10x with the following results.

intelnuc

Video: Intel HD working (thru VGA and HDMI Port)
Audio: Headset/Mic and HDMI Audio are working
Network: 1GB Ethernet and internal Wifi (Realtek, not included by default) working
USB Ports: 2.0 and 3.0 Ports are working
Internal eMMC Hardisk: Not supported thru Universal Desktop OS
SATA Controller with SSD: Working
RAM: 2GB (not included by default)

From the performance point the device is ok and quite fast for a single core INTEL Atom CPU, it do not provide a high end multimedia performance for local Youtube and Movie playback but for typical office scenarios it’s ok for a device at this price point. The power consumption is very low end is round about 5w during regular use. The case comes with a vesa mount and the device can be placed behind a display without any issues.

Cheers

Michael

Release: IGEL Universal Management Suite Version 4.09.110

May 21st, 2015

Hi Folks,

there is a new IGEL UMS Version 4.09.110 available at www.myigel.biz.

Fixed configuration of Citrix XenDesktop/XenApp sessions in a profile with Firmware LX 5.06.100.
* The parameter “Authentication type” on page Sessions->Citrix XenDesktop/XenApp->Citrix StoreFront/WebInterface->Logon was not handled correctly.

Cheers

Michael

Tip: Best Citrix Receiver support in town, IGEL LX/OS 5.06.10x

May 18th, 2015

Hello Folks,

maybe you used already the Citrix Receiver Switch in IGEL Linux Firmwares before Version 5.06.10x.

This old switch allowed you to switch between Citrix Receiver 12 and 13 and this was already really a unique feature. Since Version 5.06.10x you can switch between three Receiver Version, this allows you to choose the Receiver Version which works best for your requirements but you should note a few things.
From the release notes:

– Removed parameter “ica.useversion13″. Parameter was replaced by ica.activeversion
– Added parameter “ica.activeversion”, which is available in the registry and on page “Citrix > Citrix Receiver Selection”
in setup/UMS. This parameter is set to “Default” by default, which means that the used Citrix Receiver version is
the recommended version for the particular firmware version (in this firmware it is Receiver 13.1.3).
It is possible to change this behavior by pinpointing a specific Receiver version here, but if a later firmware
version does not contain the chosen version, the default version of this later firmware will be used instead.
CAUTION: Please note that the default version up to this firmware was 12.1.8 for a long time now.
With this firmware release, it switches to 13.1.3. You have to change “ica.activeversion” if you insist on
continuing to use Receiver 12.1.8.

This means, if you want to configure this thru the UMS the old Profiles will not work!!! You need to create a new profile for the new 5.06.10x firmware and than you are required to make the configuration thru System->Registry. Be warned, if you not perform this configuration in advance it can happen that the User is not able to connect to your Citrix environment. Tip: You can assign the old configuration (optimized for the Firmware < 5.06.100) and the new configuration at the same time thru the UMS. The firmware will choose the right setting by there own.

Cheers

Michael