IGEL Kiosk Mode Browser Settings

I was asked recently about creating a locked down Kiosk Browser Session in the IGEL Operating System. Below is the standard configuration I’d do when creating such a Profile. I will continue to update this post with any new information that might be relevant.

Create a Kiosk Browser Session

  1. Create a new Profile, and give it a meaningful name.
  2. Navigate to: Sessions > Browser > Browser Sessions
  3. Select Add in the right hand window
  4. Give a Session Name


Browser Session Options

Set Browser Home Page

  1. Navigate to: Sessions > Browser > Browser Sessions > {Session Name} > Settings
  2. Change ‘When browser starts’ to ‘Show my home page’
  3. Enter ‘Home Page’ address for the browser to open with


Enable Browser Session AutoStart

Navigate to: Sessions > Browser > Browser Sessions > {Session Name}

To ensure the browser launches when the desktop has loaded you need to enable ‘AutoStart’. Along with this setting enable ‘Restart’, Restart means the browser will automatically relaunch if it is closed. Enabling ‘AutoStart Delay’ with a value (in seconds) is the time between the desktop loading and the browser automatically launching.


Set Browser to Full Screen

Navigate to: Sessions > Browser > Browser Sessions > {Session Name} > Window

To make the browser launch in full screen enable ‘Start in fullscreen mode’. While you here enable ‘Hide local filesystem’. Setting this will hide the local file system when you attempt to save files. ‘Hide configuration page of the browser’ will already be enabled.


Customizing the Menu & Toolbars

Navigate to: Sessions > Browser > Browser Sessions > {Session Name} > Menus & Toolbars

  • Enable ‘Hide App Menu/Menu Bar
    • This removes the App Menu to the right hand side of the browserkiosk1
  • Enable ‘Hide Search input
    • This removes the search input from the browserkiosk1
  • Enable ‘Hide URL Input
    • This removes the URL input from the browser


  • Enable ‘Hide Tabs Toolbar
    • This removes the tabs from the top of the browser and also the ability to launch new tabskiosk1
  • Disable Browser Context Menu

Navigate to: Sessions > Browser > Browser Sessions > {Session Name} > Context

  • Enable ‘Hide the browser’s context menu’
    • This completely removes the browser context menu (but not the Tab Context Menu) including:
      • Save Page As button
      • View Page Source / Info



IGEL Configuration Templates

IGEL have some great Profile templates available from their website which are a great starting point for ideas on what can be done within the IGEL OS.

Once the file has been downloaded, unzip it.profile files

Within Universal Management Suite browse to:

System > Import > Import Profiles and browse to .\UMSDemonstration\Template via Import, then select the relevant IGEL OS


Once the templates have been imported it will look similar to this:




IGEL UMS – “Error: Cannot connect to remote management server”


Scanning for new thin clients discovers the available thin clients, select ‘Include’ to bring the device into Universal Management Suite (UMS).


During the inclusion process it fails with the error “ERROR: Cannot connect to remote management server”.

scan error


Communication between UMS server and thin client requires port 30001 to be open on the server running IGEL UMS. This is visible in the Windows Firewall log file (C:\Windows\System32\LogFiles\Firewall\pfirewall.log) if ‘Log dropped packets’ is enabled.

firewall error


  • Allow the following ports on the Windows Firewall
    • 30001, 30005 (For further information refer to: http://edocs.igel.com/#10202276.htm)
  • Disable Windows Firewall

Citrix Self-Service Password Reset “Cannot access your server address!”


  • Windows Server 2016
  • Citrix XenApp 7.15
  • Citrix XenApp Self-Service Password Reset


Creating a new ‘User Configuration’ in the ‘Enable Self-Service Password Reset’ section


  • The Service Address returns and error “Cannot access your service address!”.


  • Browsing to https://fqdn/MPMService returns “Error 403 – Forbidden: Access is denied”
  • Event Viewer has the following:





  1. Disable the Internet Explorer proxy server, if possible
  2. Enable ‘Bypass proxy server for local addresses’
  3. Create a proxy server exception





Citrix WEM – “Manage Printer” Application

We are currently using an on house written app that allows users to add/remove/set as printer their network printers.

Our users like this custom tool because its so simple to navigate around but going into our new XenApp 7.15 environment on Windows Server 2016 OS this tool doesn’t work.

In this new environment we are going to implement Citrix Workspace Environment Management (WEM) and I noticed it comes with the ‘Manage Printers’ function as part of the WEM agent deployed to the XenApp Member servers, this tool is very good but its semi hidden away and takes a couple of clicks to find it where our users were used to having a desktop printer icon to get to the custom app.

I decided to see if the WEM ‘Manage Printers’ function can be made into a desktop icon, the details to turn this into an application are:

  • Command Line: C:\Program Files (x86)\Norskale\Norskale Agent Host\PrnsMgmtUtil.exe
  • Working Directory: C:\Program Files (x86)\Norskale\Norskale Agent Host
  • Icon File: C:\Windows\System32\shell32.dll
  • Icon Index: 16
  • Display Name: Printer Management
  • Action Type: Create Application Shortcut

Dont forget to ‘assign’ the new application in Action Assignment.

VMware vCenter 6 Web Console doesn’t load or very slow

Update (05 Sept 2017):

After changing the value to 512MB we continued to have this issues on and off, contacted VMware Support yet again and now they have advised to increase the MaxPermMB from 512 to 1024 (which is apparently the max value this can go to). We will continue to monitor to see if there is any improvement.


VMware vCenter 6.0.0 Build 4541948 (Update 2a) – could effect other vCenter versions also.


After a period of a week or more the vCenter Web Console slows down dramatically to the point where the website doesn’t load anymore and the browser times out.

Looking into the /var/log/vmware/vsphere-client/logs/vsphere-client-virgo.log file you it displays the following Out Of Memory error:

Run: less vsphere-client-virgo.log


“[2017-03-15T13:59:07.853+13:00] [ERROR] ing.timer.TimerFactoryBean#0 o.s.scheduling.timer.MethodInvokingTimerTaskFactoryBean Invocation of method ‘update’ on target class [class com.vmware.vise.vim.cm.healthstatus. HealthStatusUpdater] failed java.lang.OutOfMemoryError: PermGen space”


  1. (Workaround) Reboot the vCenter, according to VMware Support you should reboot it often to ensure the vCenter doesn’t run out of memory.
  2. (Permanent fix) Increase the memory size for vspherewebclientsvc in the service-layout.mfx file from 256 to 1024.
    1. Use WinSCP to connect to vCenter Server
    2. Browse to and edit: /etc/vmware/service-layout.mfx
    3. Find the line with the firstboot_name ngc_firstboot
    4. Under the column ‘MaxPermMB’ change the value from 256 to 1024
    5. Save service-layout.mfx file
    6. SSH to vCenter Server
    7. Run: /etc/init.d/service vsphere-client restart

Deploy ESXi 6.0 upgrade to Update 2 Fails


When attempting to remediate an ESXi host with 6.0 Update 2, the following error displays in Update Manager:

“The host returns esxupdate error code:14. There is an error when resolving dependencies. Check the Update Manager log files and esxupdate log files for more details.”

In /var/log/esxupdate.log

esxupdate: ERROR: DependencyError: VIB VMware_bootbank_vsanhealth_6.0.0-3000000. requires esx-base >= 6.0.0-2.43, but the requirement cannot be satisfied within the ImageProfile.


There is a dependency for Update 2 that needs installing first,  weirdly enough the dependency is included in Update 2.


  • Enable ESXi Shell and SSH on ESXi host
  • Download Update 2 from VMware Patches
  • Copy zip file to /vmfs/volumes/datastore (file is too large to copy to /var/tmp)
  • Use Putty to connect to ESXi host
  • Run: esxcli software vib install -n esx-base -n vsan -n vsanhealth -d /vmfs/volumes/datastore1/update-from-esxi6.0 6.0_update02.zip

-n = Specifies VIBs from a depot, using one of the following forms: name, name:version, vendor:name, or vendor:name:version.

-d = Specifies full remote URLs of the depot index.xml or server file path pointing to an offline bundle .zip file.


  • Reboot the ESXi host.
  • To confirm the components installed correctly run: esxcli software vib list
  • These are the dependencies and versions installed:


  • Once the server is back online now use Update Manager to remediate Update 2 (and any additional patches) onto ESXi host.