Archive for the ‘XenDesktop’ Category

Tip: Getting struggled with SHA2 certificates and the Citrix Linux Receiver?

Friday, September 5th, 2014

Hi Folks,

if you got issues with SHA2 certificates in the past and if used together with a Citrix environment you should try the latest IGEL 5.04.100 LX/OS firmware.

The new firmware contains a updated Citrix Receiver 13 version which comes now with SHA2 certificate support, important here: You must use the Citrix Receiver 13, no option to use Receiver Version 12 here! So it might be that you have to reconfigure your thin clients to work together with your environment and to get Receiver 13 to work.

Please test the new configuration in advance, do not just modify it to see what happens for all your users (otherwise they will hate you). 😉




Info: Citrix going back the Linux way… Register for the XenDesktop/XenApp Linux Desktop Tech Preview now.

Wednesday, August 27th, 2014

Hi Folks,

after years Citrix is going back the Linux way… You can now register for a XenDesktop/XenApp 7.5 Linux Desktop Tech Preview. This means: Offer your users a Linux Desktop or Apps.

There are a couple of reasons why to offer a Linux Desktop or App to the Users, App is not available for Windows like some Linux based GFX Tools, Licensing fee’s or general issues with Desktop OS Licensing for cloud offerings (CSP). So i really like to see what happens here in the future…

If you want to register for the Tech Preview or to get more information’s just visit the Citrix Blog here: Citrix Blog

Have Fun


Tip: How to solve scrolling issues with XenDesktop 7.x and the Linux Citrix Receiver 13

Wednesday, July 9th, 2014

Hello Folks,

if you got in issue with scrolling in web sites that contain a lot of pictures like Google Pictures than you should try the setting to enable the registry key to enable the h264 deep level compression (System->Registry->ica.wfclient.h264enabled).

Plesase note: You must use Receiver 13 and this settings is currently not available for ARM based Client like the IZ1 or UD2 Multimedia.



Tip: How to avoid Adobe Flash in Terminal Server/VDI environments with the IGEL LX/OS

Wednesday, May 28th, 2014

Hi Folks,

maybe you also agree that Adobe Flash content is one of the biggest crap that can be used in a Terminal Server/VDI environment. For example youtube or similar site’s mostly waste expensive Server CPU resources only for watching a “funny” video..

Yeah… One User with one HD Flash Movie use 41% of  Server CPU resources!

HTML5 is still not a big deal for most site’s, so how can you handle it?

1) Ban it… Block unwanted traffic with a firewall or proxy. This is highly efficient but will upset the user base and maybe you need it (schools/education), so mostly this option is no deal.

2) Buy more Server.. More or less efficient and very expensive (Hardware, licensing, setup and cooling). No deal!

3) Use solutions like Citrix HDX Flash Redirection… More or less efficient, hard to setup and not 100% compatible, it could be a option but it’s not a real solution.

4) Ban it from the servers… I just setup this for a PoC and it seams to be the most efficient way which is also acceptable for most users. So how is the setup?

a) You need IGEL Linux based devices (LX or OS) based on the x86 architecture to do this.

b) Setup a local Firefox browser session and deploy any Version of the Adobe Flash Player for Linux to it (Browser Plugins in the IGEL Setup).

c) Assign a Hotkey to the Firefox Browser Session like ALT+CTRL+i.

d) Setup a IIS/Webserver on any System that is not already running a IIS/Webserver

e) On the Terminal Server/VDI (i recommend to use the golden Image) site open the hosts file which is located in the Windows/System32/drivers/etc folder and edit it. Now add any Website you want to outsource, point it to the “new” Webserver. Example:

Do not perform this for any Website which is used for “business” uploads/work! Don’t use a DNS Server to apply the configuration, this might also point the Thin Clients to a “wrong” site… Of course you can also add Webradio Website’s, browser based games or what ever you don’t want to see in a Webbrowser on the server backend. But at all.. It’s not a security solution at all, it’s to save resources only!

f) Create a small HTML Website with a short Text like “This site can not be used on a Server/VDI! Please press ALT+CTRL+i to open the local Browser and use ALT+CTRL+TAB to switch between the Browser/Session.” or similar. Make it simple and easy to understand… Now set this HTML Page as default and 404 error page for the new Webserver (d).

g) Let the user test it… If the User enter the “new” Website will open and point the user how to work with the local Browser.. For the User it looks “very” embedded into the session, not 100% but it will be good enough to watch movies for most of them.

I know this solution is also not a 100% one and it can be bypassed if the User is using the IP. 😉 ..but it’s not a security solution, the User can watch Movies and you have minimized the wasted CPU resource on your backend. It’s easy to control, high compatible and everyone is happy. From my point it’s currently the best way to handle Flash until it will be fully replaced by HTML5 or any other “better” working solution. The performance depends on the User device, a UD5 will better perform than a UD2 but still: A slow client is better than a slow server for most company environments.

Also some more benefit’s.. You can seperate client traffic from your server traffic quite simple, the customer where i suggest this mentioned that they have 10GB or more “flash” streaming traffic (only youtube) per day in the server infrastructure with a little bit more than 300 user’s. You can use it with any Terminal Server/VDI solution but please note: If using VMWare View, Microsoft RemoteFX, Citrix XenDesktop x.x / XenApp 7.5 or any other solution that support real USB redirection don’t setup USB Redirection for Human Interface Devices (HID) because in this case the Mouse and Keyboard can not be used outside the Session (…and with the local Browser).

You can also add other description’s to the created “manual” website, for example for Android press the home button and open the local Browser or similar.

If you have suggestions to improve this solution feel free to give me a mail or add a comment.



Tip: Using ICA Sessions with IGEL Linux 5.03.100 and XenApp/XenDesktop 7.x

Thursday, May 8th, 2014

Hi Folks,

in the release notes for the IGEL Firmware 5.03.100 IGEL mentioned that “single” ICA session are not possible with the Citrix Receiver 12/13 for Linux and XenDesktop/XenApp 7.x:

"- ICA sessions created on the IGEL device only work
with Citrix XenApp servers up to version 6.5."

This statement is not really true because in Citrix Terms it means only ICA Sessions based on the Citrix IMA Service (XenDesktop or XenApp 7.5 is using FMA), it is not right for sessions based on a Server IP Address or Hostname where the IMA service is not required/used.

This is also mentioned in the Citrix Edocs in the XenDesktop/XenApp 7.5 Feature description:

  • Custom ICA files — Custom ICA files were used to enable direct connection from user devices (with the ICA file) to a specific machine. In this release, this feature is disabled by default, but can be enabled for normal usage using a local group or can be used in high-availability mode if the Controller becomes unavailable. 

If configured right it can be also used as small HA “solution” for smaller installations with only one XenDesktop/XenApp controller server, please refer also to:  How to enable simple XenDesktop/XenApp 7.5 HA Mode

To enable the feature in general follow this article: Enable direct ICA connections for XD/XA 7.x

In the ICA Session configuration in the UMS Profile/local Thin Client configuration use only the Server IP/Hostname for the connection (see picture below), if you have more than one Server you need to create seperate profiles for each server and assign the profiles to different clients. Of course this is a “manual” work but you are still able to use the ICA sessions if required, a Citrix Storefront or Webinterface Server is not required in this case. If HA mode is enabled like mentioned also a XenDesktop/XenApp 7.x controller can be offline for a short time period (for example maintenance).




1) It will only work in LAN environments.
2) No Load Balancing, the clients will always connect to “one” server or you have to configure “several” ICA sessions per Client.
3) No “roaming” sessions if the User use several Thin Clients and these Clients are connecting to different server.
4) Not really usefull for large environments.

It will work with Citrix Receiver 12 and 13 for Linux but also older Receiver Versions (any OS) should work with it.



Tip: Hidden Citrix Receiver failback switch in the IGEL Linux

Wednesday, April 30th, 2014

Hello Folks,

iam not sure how long this feature already exists but i should mention it here….

IGEL has included in all current LX/OS Firmware Versions (V4.13.x or V5.01.x to < 5.03.100) a hidden “failback” Switch which can help to bypass issues with the latest included Citrix Receiver Version.

In the current IGEL Firmware 5.02.100 you are able to switch between Citrix Receiver (default, mentioned in the release notes) and Citrix Receiver (mentioned nowhere… 🙁 ). I do not unterstand why this is included as a hidden feature because it’s a clear benefit to have this option available.

Switching between these Versions is quite simple, you only need to execute the command /services/ica/bin/switch_ica_fallback. This can be done from a command line/terminal session for tests / troubleshooting or you can execute it during boottime for production. If you want to switch back to the “default” version just execute the command again… Funny right?

If you want to perform the last option open a profile or the local IGEL Setup and browse to System – Firmware Customization – Custom Commands – Desktop Commands and enter the command in the Custom Command Desktop Final field. After this change is done the setting will be active after the next reboot.

Update: This solution is not available in the Firmware 5.03.100, use here the switch in the gui or the registry setting System->Registry->ICA and enable useversion13.



P.S.: It might be that this switch will be removed in later firmware releases..

Tip: Troubleshoot Certificate issues with Citrix Receiver and Apple IOS / MacOSX / Android / Linux

Friday, April 4th, 2014

Hello Folks,

if you are using the Citrix Receiver together with Apple devices you may have discovered some certificate issues in the last weeks or months.

This means, you have imported a “valid” Certificate but the user is still not able to connect to your Citrix environment. Very common for this issue is the public CA GoDaddy and there are a couple of Admins running into this issue in the last weeks.

The reason for this issue is quite simple, a few CA’s now create all certificates valid after the 01-01-2017 as a SHA2 certificate, this SHA2 certificate is not supported by the Citrix Receiver for Apple OS’s in the moment. See also

Only way to fix this at moment is to use an other certificate type or to wait until Citrix adds the SHA2 support for the Apple/Android/Linux receiver versions.


P.S.: Please refer also to the Citrix Client Feature Matrix mentioned in the previous post.

Release: XenDesktop 7.5, XenApp 7.5 and Storefront 2.5

Thursday, March 27th, 2014

Hello Folks,

Citrix has released there latest product version of XenApp 7.5 and XenDesktop 7.5 incl. Storefront 2.5.

The new versions are available at the Citrix website for download now and check out you licensing before upgrading your existing environment.

Have Fun


P.S.: For a nice Visio stencil of XenApp/XenDesktop 7.5 visit

Tip: Troubleshoot disconnecting ICA Session with Citrix Receiver for Linux

Monday, March 10th, 2014

Hi Folks,

if you have an issue with disconnecting ICA Session coming with the lates Version of the Citrix Receiver try the following steps:

1) Make sure you have no network issue (use the network tool coming with the IGEL Linux)

2) Disable all not needed redirection features in Sessions->ICA->ICA Global like Printer redirection, Serial Port redirection and so on.

3) Very often it seams to be that this issue is related to Flash (last Flash versions are very unstable, try also an older one on client and also server side) or Multimedia redirection, disable this in the ICA Global settings too.

Please report if this fixed the issue for you and what setting helps most.


Michael Hoting

P.S.: If you run in a issue like this, request exact reports what was the last user action before the session drops.

Tip: Citrix Linux Receiver settings explained

Thursday, December 5th, 2013

Hello Folks,

Citrix has released  a new Version for the Linux Receiver documentation explaining a couple of settings, the new document is already for the Receiver Version 13 but most settings are similar to Receiver 12 and explaining a lot of useful settings that can be found in the IGEL Setup->System->Registry->ICA->wfclient area.

You can found the documentation here: Download Linux Receiver Guide


Tip: XenDesktop 7 and fixing Flash redirection issues on a Windows 7 VM

Tuesday, September 24th, 2013

Hello Folks,

if you’re running XenDesktop 7 together with Windows 7 VM’s you can run into a issue with Flash Redirection that Flash redirection doesn’t work.

Solving this issue is quite simple, it looks that the current Flash Player from Adobe is not compatible to HDX Flash redirection or cause some issues here. Just use an older Version and HDX Flash Redirection works like a charm again.

This has nothing to do with IGEL, it seams to be a general Flash issue in the current Flash Version from Adobe together with HDX Flash.

Update: I doesn’t know why it works for me one time with Windows 8 but in general Flash Redirection and Windows 8 is not supported and recorded as known issue by Citrix. The issue with the latest Flash Player do also has an impact on Windows 7 VM’s and can be solved like described.

Update2: Just if you are not familar with Flash redirection and what components are required, you have to use the Flash Plugin (Flash Player for other Browser) and not the ActiveX Plugin, if only the ActiveX Plugin is installed it will not work in general! You can also access older players from the archive (




Tip: How to allow RDP and unmanaged ICA connections to XenDesktop 7 Terminal Servers (Windows Server 2008R2/2012)

Monday, September 23rd, 2013

Hello Folks,

not 100% IGEL related: If you already use XenDesktop 7 you maybe want to allow/use RDP connections or unmanaged ICA connections to a Terminal Server.

In XenApp 6.5 you only need to setup the Citrix “Desktop Access” Policy but for XenDesktop 7 this is not enough and still RDP or unmanaged ICA connections didn’t work.

After you installed the XenDesktop 7 VDA for a Server OS you will get a new “local” User Group “DirectAccess Users”, add your Domain Users or User Groups to this local Group on the Terminal Server.

XenDesktop 7 local DirectAccess Users group.

XenDesktop 7 local DirectAccess Users group.


After this is done, you are able to connect to the Terminal Server as User via RDP or unmanaged ICA.




P.S.: This is useful for the IGEL Linux if you want to setup a direct ICA session for a Desktop Session… 😀

Using Citrix GoToMeeting with Citrix XenApp or XenDesktop

Wednesday, September 18th, 2013

Hi Folks,

maybe this information is useful: If you want to use Citrix GoToMeeting you should be aware that you can not use GoToMeeting  together with an Audio Headset and XenApp.

If you are using XenDesktop together with a Desktop OS (not Server OS!) then it will work and you can use the Headset.

This is not related to IGEL, it’s a general behavior for GoToMeeting together with XenDesktop/XenApp and the Client OS (Windows/Linux) is not important!



P.S.: Future versions of GoToMeeting maybe will not show this behavior… 🙂

Recommended: Free Citrix XenDesktop 7 CXD-102 course

Wednesday, August 21st, 2013

Hi Folks,

i would like to introduce the free Online Course CXD-102 “Introducing to XenDesktop 7” from Citrix.

This course is a requirement to visit an instuctor-led XenDesktop 7 course and it also introduces the architecture of XenDesktop7, the product itself and the main know how regarding the major changes compared to XenApp.

You will find the course here:



If you don’t have an Citrix Account you can create also a Citrix Account for free via the Login Page.


Tip: Citrix session drops if you open a second ICA connection in a XenApp/XenDesktop session

Tuesday, July 9th, 2013

Hi Folks,

i just got an issue where the user opens a session from an IGEL Linux / Windows PC to a XenApp / XenDesktop environment. This works fine until the user starts a second session in the first session to an other XenDesktop/XenApp environment.

The connection are done thru a Storefront server.

If this issue happens also to you, try the following registry setting in the Server / Desktop the user connects first.



Please note: Test in advance, i do not provide any warranty that this will fix the issue at all or for a data loss in case of a wrong impementation. You are fully responsible if you apply this setting!


Info: Important to know if you want to try a IGEL OS with Citrix XenDesktop 7

Tuesday, July 2nd, 2013

Hello Folks,

if you already Setup a XenDesktop 7 Test Environment to test it with you IGEL Thin Clients you should be aware that the current inbuild receiver is not optimized for XenDesktop 7.

For Windows based devices you need Citrix Receiver 4 for Windows and for Linux you need Citrix Receiver 13, last one is still not released by Citrix. For Windows based devices you might be able to upgrade the Receiver by your own but for Linux you have to wait for the official release. See also:

Why is this important to know, XenDesktop 7 brings a lot of new Features and these Features are mostly not supported by the old Receiver Versions. This can cause Performance, Display or other issues (like no multitouch Support if a touch Screen is used).

So you can Setup your XenDesktop 7 Environments but for your final PoC you should wait for the right Receiver Version. 🙂

This do also apply for the XenApp Feature Pack 2.


XenDesktop 7 is available for download

Wednesday, June 26th, 2013

Hi Folks,

XenDesktop 7 is available for download at Not direct IGEL related but it might be intresting for you. 😉



New Tool: XenDesktop Helper

Wednesday, May 8th, 2013

Hi Folks,

i’ve written a small tool that i need for my own but maybe you can also use it…. It’s primary based on the idea that you can not figure out the Client IP, MAC-ID or Hostname in a connected XenDesktop/VDI in a Box session with user rights in a Login script in a simple way, also it can force a user logoff if the Client Hostname or IP do not fit compared with a given variable. The result will be displayed and also written into the registry to use it with other scripts, see also the readme for more informations.



The download is available in the download area, this tool is not directly related to IGEL but of course it can be used in a XenDesktop/VDI in a Box session running on an IGEL Thin Client.

Important: It’s called XenDesktop Helper and not XenApp Helper->Do not use this tool with XenApp!!

Have Fun!

Test: Using IGEL Linux based Thin Clients together with Citrix CloudGateway Enterprise

Friday, February 15th, 2013

Hi Folks,

today i’ve tested the IGEL Universal Desktop LX/OS together with Citrix XenApp 6.5, XenDesktop 5.6 and VDI in a Box 5.2 and Citrix CloudGateway Enterprise (LAN and WAN thru Citrix Netscaler).

I’ve used the internal Webbrowser coming with the IGEL Linux for the connection, in both cases (LAN and WAN) it works like a charm. For my test i’ve used the IGEL Firmware 4.11.100.

CloudGateway thru IGEL Universal Desktop LX Webbrowser

 …and connected to a session (XenApp 6.5)


Connection thru CloudGateway to XenApp 6.5

If you plan to upgrade your Citrix Environment to CloudGateway this should work for you, so the IGEL Linux based Clients seams to be ready for the new Citrix products. Official i’ve read no confirmation from IGEL about this, so in anyway you should test this to confirm the results. If you discover issues here feel free to contact me.

Update: I forgot, in the screenshots the Desktop Connections to XenApp,XenDesktop and VDI in a Box are missing but i works also fine for me.


P.S.: The old PNAgent Service Site is now called “Legacy” in Citrix products…..

Tip: Application can’t be started from a mapped USB Memory with IGEL Universal Desktop LX/OS in a Citrix Session

Thursday, October 25th, 2012

Hello Folks,

try to solve this issue.