Citrix Workspace Service Setup


Going through my first Citrix Cloud/Workspace/CVAD deployment I thought I’d blog the process I go through to configure Workspace. This blog post will get updated as I go and discover more about Workspace.

 

After authenticating into your Citrix Cloud instance, browse to Workspace Configuration

Citrix_Cloud_Menu

Access

Enable the Workspae URL and then click Edit. Choose a relevant name for your Workspace URL, once it has been Save, it can take 10mins to become available as mentioned below.

Workspace_Config_URL

Authentication

Select the authentication method used to sign into Workspace. Configuration of each of these authentication methods is done via Identity and Access Management section.

Workspace_Config_Auth

Customize / Appearance

  • Upload your Sign-in Appearance logo
  • Upload your After Sign-in Appearance logo
  • Content Branding (colour scheme)

Customize / Preferences

Configure the following:

  • Allow Favourites (Enabled/Disabled)
  • Automatically Launch Desktop (Enabled/Disabled)
  • Workspace Timeout (20mins is default)
  • Citrix Workspace Preferences (In a browser / In a native app / Let subscribers choose)
  • Enabled Microsoft Teams (Enabled/Disabled)

 

Manage Services Integrations

By default, Virtual Apps and Desktops is enabled by default. To configure Workspace for an On Prem Virtual Apps and Desktops or XenApp 6.5 site, on ‘Virtual Apps and Desktop On-Premises Sites” click Add Site.

Will document the On Prem site connections later.

Workspace_Config_ServiceIntegration

Configure Workspace with On Prem ADC Gateway

Browse to Access, under the required Resource Location select Configure Connectivity.

Workspace_Config_Access_GW_Service

  • Click Edit and enter in the external FQDN of your On Prem ADC Gateway.
  • Select Test STA, this is likely to fail as they are behind the ADC Gateway
  • Click Save

Workspace_Config_Access_GW_Service

  • Under Access and your Resouce Location you should now see:
    Gateway: Gateway_FQDN:443

Workspace_Config_URL_Gateway

To validate the Citrix Gateway is now handling the ICA traffic via Citrix Workspace, log into your Citrix Gateway > select Citrix Gateway > ICA Connections

Citrix ADC_ICA Connections

Because the user authentication is handled by Citrix WorkSpace via the Citrix Cloud Connectors to Active Directory, the Citrix Gateway will show ‘anonymous’ as the username.

Workspace_Config_NetScaler_ICA_Conn

To validate that the Citrix Gateway is being used I SSH’d into the ADC and run:

  • shell
  • nstcpdump.sh host <Gateway VIP> or <Content Switch VIP> (if using Citrix Unified Gateway)

You will see hits on this once applications are launched from Citrix Workspace.

Advertisements

Citrix ADC Feature Matrix


I was looking for a simple breakdown of the Citrix ADC and what features you get with each license edition.

There are some from Citrix like: https://www.citrix.com/products/citrix-adc/platforms.html but it doesn’t really give a simple list of exact feature to license.

I decided to create my own matrix based on the Platinum, Enterprise and Standard license. Hope its useful for you also.

I have included the XLSX file in case you need it – NetScaler Licensing

Date: 22 Feb 2019

Feature Platinum Advanced Standard
Web Logging YES YES YES
Surge Protection YES YES NO
Load Balancing YES YES YES
Content Switching YES YES YES
Cache Redirection YES YES NO
Sure Connect YES YES NO
Compression Control YES YES NO
Delta Compression NO NO NO
Priority Queuing YES YES NO
SSL Offloading YES YES YES
Global Server Load Balancing YES YES NO
GSLB Proximity YES YES NO
Http DoS Protection YES YES NO
Dynamic Routing YES YES YES
Content Filtering YES YES YES
Content Accelerator YES NO NO
Integrated Caching YES NO NO
SSL VPN YES YES YES
AAA YES YES NO
OSPF Routing YES YES NO
RIP Routing YES YES NO
BGP Routing YES YES NO
Rewrite YES YES YES
IPv6 protocol translation YES YES YES
Application Firewall YES NO NO
Responder YES YES YES
HTML Injection YES YES YES
NetScaler Push YES YES NO
Web Interface on NS YES YES YES
AppFlow YES YES YES
CloudBridge YES NO NO
ISIS Routing YES YES NO
Clustering YES YES NO
CallHome YES YES NO
AppQoE YES YES NO
Appflow for ICA YES YES NO
RISE YES YES NO
vPath YES YES
Front End Optimization YES YES NO
Large Scale NAT YES YES NO
RDP Proxy YES YES NO
Reputation YES NO NO
URL Filtering NO
Video Optimization YES
Forward Proxy NO
SSL Interception NO
Remote Content Inspection YES
Adaptive TCP YES
Connection Quality Analytics YES

Citrix Storefront 3.16 HTML5 and Receiver for Linux Issue


Fellow Citrix CTA René Bigler highlighted an issue in the IGEL Community Slack channel that when using Storefront enabled for ‘Use Receiver for HTML5 if local Recevier is unavailable’ it would automatically default to HTML5 and fail to launch the app/desktop.

20181031_105753

I did further testing to isolate exactly where the issue might lie. Here’s my testing and results carried out.

Environment
-Citrix XenApp 7.15 CU2
-Storefront 3.15 and 3.16
-IGEL OS 10.05.100
-Citrix Receiver 13.9.1 and 13.10.0

Test #1
-Storefront 3.15, Receiver Deployment Option: Install locally
-IGEL OS 10.05.100
-Citrix Receiver 13.9.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #2
-Storefront 3.15, Receiver Deployment Option: Install locally
-IGEL OS 10.05.100
-Citrix Receiver 13.10.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #3
-Storefront 3.15, Receiver Deployment Option: Use Receiver for HTML5 if local Recevier is unavailable.
-IGEL OS 10.05.100
-Citrix Receiver 13.9.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #4
-Storefront 3.15, Receiver Deployment Option: Use Receiver for HTML5 if local Recevier is unavailable.
-IGEL OS 10.05.100
-Citrix Receiver 13.10.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #5
-Storefront 3.16, Receiver Deployment Option: Install locally
-IGEL OS 10.05.100
-Citrix Receiver 13.9.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #6
-Storefront 3.16, Receiver Deployment Option: Install locally
-IGEL OS 10.05.100
-Citrix Receiver 13.10.1

Result: Logged into Storefront browser, launched XenApp desktop successfully using native Receiver

Test #7
-Storefront 3.16, Receiver Deployment Option: Use Receiver for HTML5 if local Recevier is unavailable
-IGEL OS 10.05.100
-Citrix Receiver 13.9.1

Result: Logged into Storefront browser, launched XenApp desktop, attempted to use HTML5 and failed

Test #8
-Storefront 3.16, Receiver Deployment Option: Use Receiver for HTML5 if local Recevier is unavailable
-IGEL OS 10.05.100
-Citrix Receiver 13.10.1

Result: Logged into Storefront browser, launched XenApp desktop, attempted to use HTML5 and failed

Issue

Issue appears to be with any Receiver for Linux version running on Storefront 3.16 (1808)

Workaround

If you are running Storefront 3.16 (1808) and the Receiver for Linux, ensure you have ‘Install Locally’ set rather than ‘Use Receiver for HTML5 if local Recevier is unavailable’ then your XenApp desktops/apps will launch.

image (1)

 

Error “This installation package could not be opened. Contact the application vendor to verify that this is a valid Windows Installer package” Installation success or error status: 1620.


Issue

Attempting to install an .msp file (in my case Citrix XenApp 6.5 RollUp7) it fails to install with the following error message.

Error Message

msp error

Troubleshooting Steps

  1. Run the msp with the verbose logging switch for example:

.\XA650W2K8R2X64R07.msp /L*v C:\Temp\RollUp7.log

2. Have a look in the C:\Temp\RollUp7.log file and you’re looking for the highlighted in red below “C:\Windows\Installer\d5c63.msi

Log File:

=== Verbose logging started: 30/05/2018 8:17:04 Build type: SHIP UNICODE 5.00.7601.00 Calling process: C:\windows\System32\msiexec.exe ===
MSI (c) (EC:F0) [08:17:04:901]: Font created. Charset: Req=0, Ret=0, Font: Req=MS Shell Dlg, Ret=MS Shell Dlg

MSI (c) (EC:F0) [08:17:04:901]: Font created. Charset: Req=0, Ret=0, Font: Req=MS Shell Dlg, Ret=MS Shell Dlg

MSI (c) (EC:10) [08:17:04:917]: Resetting cached policy values
MSI (c) (EC:10) [08:17:04:917]: Machine policy value 'Debug' is 0
MSI (c) (EC:10) [08:17:04:917]: ******* RunEngine:
 ******* Product: {1471A89F-8CAB-4C46-89AB-942432D1DD3D}
 ******* Action: 
 ******* CommandLine: **********
MSI (c) (EC:10) [08:17:04:917]: Machine policy value 'DisableUserInstalls' is 0
MSI (c) (EC:10) [08:17:05:057]: Cloaking enabled.
MSI (c) (EC:10) [08:17:05:057]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (EC:10) [08:17:05:151]: End dialog not enabled
MSI (c) (EC:10) [08:17:05:151]: Original package ==> C:\windows\Installer\d5c63.msi
MSI (c) (EC:10) [08:17:05:151]: Package we're running from ==> C:\windows\Installer\d5c63.msi
MSI (c) (EC:10) [08:17:05:166]: Note: 1: 2276 2: 3: 75 
DEBUG: Error 2276: Database: . Codepage 75 not supported by the system.
1: 2276 2: 3: 75 
This installation package could not be opened. Contact the application vendor to verify that this is a valid Windows Installer package.
C:\windows\Installer\d5c63.msi
MSI (c) (EC:10) [08:17:05:213]: Note: 1: 1708 
MSI (c) (EC:10) [08:17:05:213]: Product: -- Installation failed.

MSI (c) (EC:10) [08:17:05:213]: Windows Installer installed the product. Product Name: . Product Version: . Product Language: . Manufacturer: . Installation success or error status: 1620.

MSI (c) (EC:10) [08:17:05:213]: MainEngineThread is returning 1620
=== Verbose logging stopped: 30/05/2018 8:17:05 ===

 

3.  Browse to C:\Windows\Installer\ folder (hidden protected OS folder) and rename the .msi to .old mentioned in the log file.

4. Re-run the .msp install

5. This time it will prompt for the original msi files, in my case it was the mps.msi

windows_installer

6. Browse to the original msi file where it may be and now the .msp file will install normally.

Citrix Receiver upgrade to 4.10 via Scripted Install – “Exit code is 1602 No Plugin found with UpgradeCode = {9FAB00CA-B032-4E4E-8D0C-E3B35802335D}”


Issue

When doing either a scripted upgrade of Citrix Receiver to v4.10.x from v4.x the installation fails.

A manual upgrade works as expected.

Upgrade Script example

.\CitrixReceiver.exe /noreboot /silent /includeSSON /ENABLE_SSON=Yes /EnableCEIP=false

TrolleyExpress.log file
C:\Users\<install user>\AppData\Local\Temp\CTXReceiverInstallLogs-20180524-160141\TrolleyExpress-20180524-160141

shows something similar to the following:

Error - CComponentManager::GetInstallStatus(598) - Installation NOT successful for 'XenApp Web Plugin', error: 1603.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'Citrix Receiver (DV)', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'HDX Flash', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'HDX Aero', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'Authentication Manager', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'Self Service Plug-in', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(603) - Installation NOT successful for 'WebHelper', it never fully tried to install, possibly due to issues.
Information - CComponentManager::GetInstallStatus(645) - Created entry for RTME Plugin for reinstalling it if it was installed previously
Information - CComponentManager::GetInstallStatus(692) - Need to repaire plugin with UpgradeCode = {9FAB00CA-B032-4E4E-8D0C-E3B35802335D}
Information - CtxInstallHelpers::CInstalledClientPkg::FindInstalledClient(154) - No existing clients found with given upgrade code: {9FAB00CA-B032-4E4E-8D0C-E3B35802335D}
Information - CComponentManager::GetInstallStatus(704) - Repairs Receiver plugin with Product code = 
Information - CComponentManager::GetInstallStatus(713) - No Plugin found with UpgradeCode = {9FAB00CA-B032-4E4E-8D0C-E3B35802335D}
Information - CApp::SetExitCode(120) - Exit code is 1602 (called with 1603)
Information - CApp::Remove_Reg_Uninstall(1641) - CApp::Remove_Reg_Uninstall
Information - CApp::ExitInstance(1335) - Exit Code = 1602

“No Plugin found with UpgradeCode = {9FAB00CA-B032-4E4E-8D0C-E3B35802335D}”

Solution

  • None currently, it’s a known issue with Citrix for upgrading to v4.10.x and 4.11.x, it’s meant to be resolved in v4.12.x.
  • New installs and manual upgrades work as expected
  • Upgrading to v4.9.x LTSR and earlier works as expected.

Workspace Environment Manager – Capture Screen


Workspace Environment Manager has a cool little feature for end users to use called ‘Capture Screen’, it can be accessed by right clicking on the WEM Agent in the System Tray.

capture_screen_menu

This utility captures the users screen and lets them either Save the image or send it straight to a pre-configured email address (Service Desk etc). Enable Screen Capture in the WEM Administration Console under:

Advanced Settings > UI Agent Personalization > Helpdesk Options

enable_screen_captre

By default the Comments field is greyed out on the end point and needs to be enabled within the WEM Administration Console.

screen_capture_blank

To enable the Comments field you need to put the WEM variable “##UserScreenCaptureComment##” (without quotes) anywhere in the ‘Email Template’ field as below.

email_template

After putting in the variable, apply the settings in the WEM Administration Console and then refresh the WEM Agent on the end point. Now when selecting Capture Screen the Comments field is enabled for user input.

screen_capture_ready

You can use a combination of variables through the Custom Subject and Email Template as below, remembering that ##UserScreenCaptureComment## needs to be somewhere in the Email Template.

email_template_ready

User Comment:    ##UserScreenCaptureComment##
User Name:           ##UserName##
Display Name:      ##FullUserName##
XenApp Server:   ##ComputerName##
RDS Session ID:   ##RDSSessionID##
Client Name:       ##ClientName##

Refer here for possible variables to use: https://docs.citrix.com/en-us/workspace-environment-management/current-release/reference/dynamic-tokens.html

IGEL Profile Library


For a while I have been putting my common IGEL profiles into a GitHub repository, feel free to download them for your own use, contact me know if you want to upload any of your own to assist the !

https://github.com/carlbehrent/igelprofiles