Citrix Cloud Connector Troubleshooting Guide

The primary intent of this article is to provide troubleshooting steps for the most commonly seen issues with Citrix Cloud Connector installation and configuration. This guide contains various errors along with logs and steps to fix the issue.

Communication errors are the root cause for many problems involving Cloud Connectors. Run the Cloud Connector Connectivity Check Utility

tool before proceeding with the below troubleshooting steps.

1.Troubleshooting.

1.1.This version of the connector is no longer supported.

Screenshot User-added image
Note:- This error can come due to various possible causes, would suggest to check the Cloud Connector logs and refer below solutions accordingly.
Logs 1 Cloud Connector CWCConnector Logs:

—> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. —> System.Net.WebException:The remote name could not be resolved: ‘agenthub.citrixworkspacesapi.net’
Possible Causes Note: The screenshot above is generic which may not be relative to just the cloud connector version however it could relate to other issues as well, such as

  • Check Internet Connectivity
  • Check DNS configuration
Solution
  • Ensure the server is connected to the Internet.
  • Ensure the DNS (agenthub.citrixworkspacesapi.net) is resolving correctly.
Logs 2 Cloud Connector CWCConnector Logs:

—> (Inner Exception #0) System.AggregateException: One or more errors occurred. —> System.Net.Http.HttpRequestException: An error occurred while sending the request. —> System.Net.WebException: Unable to connect to the remote server —> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 192.168.1.20:80
Possible Cause Note: The screenshot above is generic which may not be relative to just the cloud connector version however it could relate to other issues as well, such as

  • Incorrect Proxy Configured
  • Check for the type of user account used to enable the web proxy
Solution

Logs 3
Cloud Connector CWCConnector Logs:

—> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. —> System.Net.WebException: Unable to connect to the remote server —> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 192.168.1.21:443
Possible Cause Note: The screenshot above is generic which may not be relative to just the cloud connector version however it could relate to other issues as well, such as

  • Incorrect entry under Hosts file.
Solution Ensure there is no incorrect IP address assigned to ‘agenthub.citrixworkspacesapi.net’ in the hosts file.

1.2.Microsoft .NET Framework required for Citrix Cloud Connector setup

Screenshot User-added image
Possible Cause Need .NET Framework version 4.5.1 or later.
Solution Click on Accept and Install to upgrade to recent version of .NET Framework.

1.3.A clean install of the new Citrix Cloud Connector is required.

Screenshot User-added image
Possible Cause There is an existing Cloud Connector setup already installed on the server.
Solution Uninstall the previous instance from Program & Features. Download the and install the connector as a clean setup.

1.4.IE Enhanced Security Configuration is blocking installation

Screenshot User-added image
Possible Cause IE Enhanced Security Configuration is enabled for Administrators and Users.
Solution Disable IE Enhanced Security Configuration (ESC) for Administrators and Users on the Windows machine under Server Manager.

Note: Once the installation has completed, enable this setting back for Administrators and Users.

1.5.Connection Failed when testing connection under XMS PKI entity.

Screenshot User-added image
Logs XenMobile Debug Logs :

2017-02-06T15:30:57.847+0000 | 200B97A4C77E1C34 | ERROR | http-nio-14443-exec-61 | com.sparus.nps.pki.connector.MsCertSrvConnector | TestConnection to pki url [ certnew.cer] failed with response Headers: {null=[HTTP/1.1 401 Unauthorized],


2017-02-06T15:30:57.847+0000 | 200B97A4C77E1C34 | ERROR | http-nio-14443-exec-61 | com.sparus.nps.pki.connector.MsCertSrvConnector | TestConnection to pki url [ certnew.cer] failed with response Headers: {null=[HTTP/1.1 401 Unauthorized], Server=[Microsoft-IIS/8.5, Microsoft-IIS/8.5], X-Cws-TransactionId=[dc1223fd-b80d-4ea1-84f7-227086cdd74e], Pragma=[no-cache], Date=[Mon, 06 Feb 2017 15:30:56 GMT], Arr-Disable-Session-Affinity=[True, True], Access-Control-Expose-Headers=[X-Cws-TransactionId], Cache-Control=[no-cache], X-AspNet-Version=[4.0.30319], Expires=[-1], Content-Length=[599], X-Powered-By=[ASP.NET, ASP.NET], Content-Type=[text/plain; charset=utf-8]}and Response Error: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. —> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Possible Cause Connectivity issue between Cloud connector to CA server.
Solution
  • To test the connectivity, access https://CAServerName/certsrv link in the browser on the Cloud Connector server.
  • Install the same user certificate, which was created using user template under CA for XenMobile (Certificate Based Authentication).

1.6.Unable to search for groups when managing user assignments

Screenshot User-added image
Logs

Reason behind occurrence:

Searching Sumo Login for the Customer Name + ADAgent resulted in a large number of ERROR events. All errors were originating from a single cloud connector machine.

The detailed error information showed that the Domain Authentication for the machine was failing due to the username and/or password being incorrect.

XenMobile Debug Logs :

TimeStamp=2017-02-09T19:45:22.3686060Z EdgeServerId=62cc9d0f-14ef-4646-a41a-7e104ea5c6e7 MachineName=<connector machine FQDN> MachineIP=<connector machine IP address> ResourceZone=Default CustomerId=<Customer ID> EventId=4 Level=Error EventName=ErrorInfo ProcessId=3944 ThreadId=956 ProviderId=bdaa8c62-2974-5487-8c89-70057b1d9384 TransactionId=83a5c8c5-3002-421f-8292-4cc697a59da4 RoleName=AdAgent Message=Agent: ID: TryHandle Exception caught: Citrix.CloudServices.ActiveDirectory.DomainAuthenticationException:

The user name or password is incorrect.

—> System.DirectoryServices.DirectoryServicesCOMException: The user name or password is incorrect.

at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)

at System.DirectoryServices.DirectoryEntry.Bind()

at System.DirectoryServices.DirectoryEntry.get_NativeObject()

at Citrix.CloudServices.ActiveDirectory.ActiveDirectoryExtensions.ForceBind

(DirectoryEntry de)

— End of inner exception stack trace —

Possible Cause The problem was that one of the two connector machines had lost its trust relationship with Active Directory, causing the calls from the ADAgent to fail.
Solution Using an existing cloud connector machine:

  • Uninstall Cloud Connector from the machine experiencing the issue.
  • Remove the machine from the Domain
  • Restart the machine
  • Rejoin the machine to the Domain
  • Restart the machine
  • Install Cloud Connector

When bringing up a new cloud connector machine:

  • Make sure the machine is joined to the domain
  • Install Cloud Connector

1.7.Citrix Cloud Connector Connectivity check tool keep reporting that it is not able to connect to Messaging.

Possible Cause When SSL decryption is enabled on certain proxies (Ex: Barracuda, WebSense), the connector messaging service has trouble connecting to the platform.
Solution Ask the customer to temporarily disable the SSL decryption setting, and/or to create a rule to bypass the web traffic for

https://messaging-eastus-release<a/b>.citrixworkspacesapi.net/<CustomerName>/endpoints/connect

In addition, re-run the installer or standalone connectivity check tool to check if it can connect to messaging now.

Identity workspace is used for all communication between XenMobile Service and on premise cloud connector. Refer below link to further troubleshoot XenMobile Service. The specified link contains all the API’s used with the Identity workspace.

https://core.citrixworkspacesapi.net/Help

New Azure Active Directory Support for Citrix Cloud Administrators.

https://www.citrix.com/blogs/2017/01/09/new-azure-active-directory-support-for-citrix-cloud-administrators/

User-added image

Related:

  • No Related Posts

FAQ: Citrix Secure Mail APNS for IT Admins

This article provides answers to frequently asked questions on Citrix Secure Mail APNS for IT Admins.For more information on Push Notifications for Secure Mail, refer to Citrix Documentation – Rich Push Notifications for Secure Mail for iOS.

General Overview

Q1: Why does Secure Mail for iOS require APNS notifications?

A: In Avatar and previous releases, when Secure Mail application is in the background, it relies on background app refresh functionality of the iOS platform to “wake up” the application to:

  1. Update the badge
  2. Show notifications (if turned on)
  3. Sync emails

The frequency algorithm to wake up the application is more or less depending on the app usage (the more frequent the app is in use the more frequent it checks for new mail while in background mode). Therefore, at times the badge or the mails will not sync for hours.

For customers who want near real time of badge update and a higher frequency of mail syncing, it is recommended to use Secure Mail with Push Notifications.

Q2: Is APNS notification an optional feature in Beetlejuice for Secure Mail for iOS?

A: Yes, it is an optional feature in BeetleJuice. It is turned off by default. The Admin will have to enable the feature (as an app specific policy in AppC/ XMS server). If the customer is ok with background app refresh approach when Secure Mail is in background, then this feature does not need to be enabled.

Q3: How about push notifications for Secure Mail for Android?

A: Android OS allows 3rd party applications to maintain server connections both in foreground and background mode. Hence, Secure Mail for Android maintains a persistent ActiveSync connection to sync emails and sync is near real time.

Q4: Will APNS feature in Secure Mail for iOS work with both XM 9 and XM 10 servers?

A: Yes

Q5: What are the supported upgrade paths?

A: The following table provides supported upgrade paths.

User-added image

Key points (to elaborate on the above table)

  • APNs support requires a unique App ID (Apple iOS requirement). Therefore, this solution will be supported for Secure Mail wrapped with a Unique App ID. Secure Mail that is using a provisioning profile created with a wildcard App ID is not supported for APNs.
  • It is not possible to upgrade a wildcard App ID wrapped Secure Mail to a Unique App ID wrapped Secure Mail on the users device. A re-install is required. So, for older customers wanting to leverage this push service, you will need to create a Unique App ID in the Apple Developers portal, a new provisioning profile, a new wrapped version of Secure Mail then load this up to the server as a new app.

Q6: Will the APNs feature work with Office365?

A: Yes, O365 is supported in addition to Exchange 2007, 2010 and 2013.

Q7: Is the APNs feature available for Lotus Notes?

A: The Beetlejuice release (10.0.7) only supports Exchange. We will investigate on what web services are available for Lotus Notes. When the due diligence is completed, we will provide a status update.

Q8: Do I need to install any server components on-premise?

A: No. Citrix will host a “listener” service in the cloud. This service will send out push notifications to your user’s Secure Mail application. Note that no personally identifiable information (PII) is stored or flows through this cloud service.

Q9: Why did you go with a cloud first approach for listener service?

A: Key reasons are:

  • Zero on-premise server footprint to support APNS notifications
    • No hardware/ software/ monitoring/ server scaling work effort for IT administrators
  • No change to mail data flow
    • Mail data traffic continues to flow between Device and Exchange Server
  • No sensitive data sent to listener service by Exchange server
    • APNS notification sends only the badge count to Secure Mail application.

Q10: Why does the feature require a listener service? The Native Mail client does not need a listener service.

A: The native mail client on iOS maintains a persistent ActiveSync connection with the exchange server. Apple allows this only for the native mail client. 3rd party mail clients have to leverage APNs to send remote notifications.

In order to support APNs, a server component is required. The server component receives a trigger from the exchange server and then send an APNs notification to Secure Mail application.

Q11: Where is the listener service hosted?

A: The listener service is hosted on Amazon Web Services (AWS). It is configured as an HA/DR service. The listener service will be available in three regions – Americas, EMEA, APAC. The IT admin will have to select the region that is closest to the Exchange Server.

Q12: What is the Citrix hosted listener service URL?

The listener service URLs and IP addresses are based on region:

– Americas:

– EMEA:

– APAC:

Configuration and Setup

Q1: What does the customer IT admin need to do to enable APNs push notifications for WM?

A: The document by the Mobility Experts team provides step-by-step instructions and screenshots to set up APNs notifications, Citrix Blog – Mobility Experts: A Step-by-Step Guide to Configuring Secure Mail APNS

Q2: Can I use the MDM server APNs certificate for my Secure Mail App ID?

A: No. The MDM server APNs certificate is required to enable XDM/ XMS manage iOS devices. The Secure Mail APNs certificate is required to support APNs push notifications for the Secure Mail application.

Q3: How do I generate the APNs certificate for Secure Mail?

A: The APNs certificate for Secure Mail application is generated by IT admin using the Apple developer portal. This is the same portal used to register the app with Apple (with a specific app ID). When the APNs certificate is generated, the IT admin can upload that using the Xenmobiletools portal. For more information, refer to the step-by-step instructions from Apple on generating and exporting APNs certificates – Configuring Push Notifications.

Q4: How do I renew the APNs certificate for Secure Mail when it expires?

A: A new APNs certificate should first be generated via the Apple developer portal and exported. You then go to xenmobiletools.citrix.com and update the certificate that has been previously uploaded for Secure Mail. This is done by selecting the ‘Update’ action for the Secure Mail app ID in the uploaded certificates list.

Q5: The Exchange server is behind a firewall. Do I need to allow outbound connection to the Citrix hosted listener service?

A: Yes. Ensure outbound SSL connections are not blocked by the Firewall to the Citrix hosted service for your region:

– Americas:

– EMEA:

– APAC:

Q6: How do I configure Exchange to reach the listener service when there is a proxy server?

A: If you have a proxy server, you should allow Exchange to bypass the proxy and route traffic directly to the listener service:

  • On Exchange for EWS, make the following update to the XML in the web.config file in the ClientAccessexchwebews folder:

     <configuration> <system.net> <defaultProxy> <proxy usesystemdefault="false" proxyaddress="http://proxy.ournetwork:8080" bypassonlocal="true” /> </defaultProxy> </system.net></configuration> 
  • For the Proxy: configure the bypass list to allow Exchange to make the connection to the listener service. Depending on the proxy you are using, you can filter this to the specific FQDN for the listener service. Refer to the section under Push notifications: https://msdn.microsoft.com/en-us/library/office/aa579128(v=exchg.140).aspx.

Q7: What are the configurations required when EWS and ActiveSync servers are different?

A: For Secure Mail to be able to connect to the EWS server, the following configuration is required:

  1. Update the hidden policy for the EWS server FQDN in the Secure Mail policy XML file:

    <key>PushNotificationsEWSHostName</key>

    <string></string>

  2. If using STA for Secure Mail, then you need to add the EWS FQDN to the background services policy just like the ActiveSync server FQDN.

    Note: EWS usage from the Secure Mail application is only during subscription of EWS push notifications. Mail data traffic will continue to flow via ActiveSync.

Q8: Can ActiveSync and EWS use different authentication methods?

A: No, Secure Mail requires that both Activesync and EWS use the same authentication method for SSO. If you want to enable EWS certificate based authentication only for Secure Mail clients so that other EWS mail clients are not impacted, the following configurations can be selected from:

  1. Using NetScaler KCD: Using the NetScaler AAA and KCD, the certificate can be used to authenticate at the NetScaler and then this is delegated to the Exchange CAS for authentication. See this post for more details on configuring Secure Mail and KCD with NetScaler AAA – How to: Single Sign on to XenMobile Secure Mail.
  2. New IIS Site on Exchange server with EWS Virtual Directory: Microsoft supports configuring a new EWS directory and ActiveSync directory in a separate IIS site on the Exchange server. This way, authentication methods can be set differently for EWS. Microsoft documentation for a new virtual directory in Exchange
  • As part of the site-creation process, you must bind an IP address to the site; each site should have a unique IP address.
  • After you assign an IP address, create a DNS record that allows users to access the new website using a new domain name.
  • Secure Mail can be configured to connect to this separate site while leaving all other clients to connect to the default site by specifying the FQDN of the new site in the Secure Mail Exchange server policy. This way the Autodiscovery used by other clients will not be impacted by the new configuration and will still connect to the default site.

Q9: What are the configuration changes required when Split Tunneling is set to Off and STA is enabled?

A: NetScaler Gateway must allow traffic from Secure Mail to the Citrix registration service URLs so that the initial registration of the Secure Mail client to the NetScaler does not fail.

Americas:

  • https://us-east-1.pushreg.xm.citrix.com
  • 52.7.65.6 & 52.7.147.0
EMEA:

  • https://eu-west-1.pushreg.xm.citrix.com
  • 54.154.200.233 & 54.154.204.192
APAC:

  • https://ap-southeast-1.pushreg.xm.citrix.com
  • 52.74.236.173 & 52.74.25.245

Q10: What do I set the Upload Read Ahead Size to?

A: If the Exchange Server is configured for client certificate authentication, the uploadReadAheadSize parameter needs to be changed in IIS for both the EWS site and the ActiveSync site:

Q11: How can I verify that the Outbound connections are working and APNs is setup?

  • The outbound connection from Exchange to the listener service can be verified either via the Exchange event logs which will log events when a subscription request or notification for a subscription is invalid/fails. You can also run Wireshark traces on the Exchange server to track outbound traffic to the listener service.
  • There are two easy checks that can be carried out to know whether APNs is working or the app is still using local badging:
    • First, validate that the badge unread count is equal to what you see for your Outlook client on your laptop/desktop.
    • As a second check, send the app to the background for more than 5 minutes and then check if the badge is still updating.

Q12: I do not see the Secure Mail updated APNs policies to configure the settings.

A: This is available in the Beetlejuice wrapper. Ensure that with the Beetlejuice upgrade, you are also using the latest version of the MDX toolkit.

Q13: Can I change the APNs policy from OFF to ON or ON to OFF?

A: This can be changed by the Admin from ‘OFF’ to ‘ON’. The next time Secure Mail checks in with the server to get the latest policies, the badge will begin to update. The scenario of going from ‘ON’ to ‘OFF’ is not supported. If turned OFF, the badge will continue to update.

Q14: Where do I upload the APNs certificate?

A: The listener service will require your Secure Mail’s APNs certificate to push notifications to your end users. The APNs certificate is uploaded via https://xenmobiletools.citrix.com. You will need your citrite id to get access to the portal. Ensure to select the 2nd option on the screen: “Upload Secure Mail APNs certificates”.

Q15: Can I upload the same certificate and app ID for multiple regions?

A: Yes, the same certificate and app ID can be uploaded for multiple regions. However, you can only have one entry per region. To upload for multiple regions, each region will need to be registered under a different citrite ID.

Information/Data Flow

Q1: After the admin enables APNs push, what is the end to end flow?

A: The end -to -end flow is as follows:

Set-up
  1. User launches APNs enabled Secure Mail application on their device.
  2. User is prompted by the iOS platform to allow Notifications. User clicks on “Allow”.
  3. The iOS platform obtains the device token from the Apple Push Notification service (on behalf of the Secure Mail application).
  4. Secure Mail registers with the Citrix hosted listener service.
  5. Secure Mail makes an EWS call to subscribe to EWS push notifications for the inbox folder. Upon success, the Exchange server sends the subscription id to Secure Mail.
  6. Secure Mail updates the Citrix hosted listener service with the subscription id.
Execution
  1. When there is mailbox activity, the Exchange server will send an EWS push notification to the listener service.
  2. Listener service will send out an APNs push notification via Apple APNs to Secure Mail. The APNs push notification will have the total unread count of the inbox.
  3. WM will connect to Exchange server via active sync and sync e-mails as well as trigger mail notifications if enabled by the user in Secure Mail settings.

Q2: Does anything need to be configured on the Exchange Server to make it aware of the Listener service?

  • EWS Push Notification APIs will be used by Secure Mail to communicate with the Exchange Server.
  • For most customers, EWS will be enabled on the Exchange server since Outlook for Mac uses EWS. Ensure with your Exchange Admin that EWS is not blocked or allowed for only specific user agents.
  • At FTU, after upgrade, or when the policy change to turn on APNs is received by the client, the client makes a push subscription request to Exchange. The URL of the listener service will also be communicated as part of this request to Exchange. This is how the Exchange server knows which Listener service to communicate with to trigger push notifications to the device.
  • Refer to the tech note on EWS Push notifications for complete details of the subscription request from the client.

Q3: What server role on Exchange carries out the communication with the listener service?

A: CAS – Client Access Server

Q4: What kind of information does the Listener service know about a Mailbox?

A: No Personally Identifiable Information (PII) is available to the Listener Service. The Listener service will store the following information:

  1. Device Token ID: Assigned to the device during initial registration with the listener service
  2. EWS subscription ID: assigned by Exchange to the client upon EWS Push subscription request
  3. EWS folder ID of inbox.
  4. Active Sync ID hashed with SHA-256
  5. Email address hashed with SHA-256
  6. iOS version
  7. APNs specific information: notification id, etc
  8. No mail data will flow through the listener service.

Q5: How will the actual mail data traffic flow?

A: This will continue to flow between the device and the exchange server via ActiveSync (no change in the behavior).

Q6: What happens if the EWS connection from Exchange to the Listener service fails?

  • The connection will be retried for up to 15 minutes based on the algorithm described in this StatusFrequency.
  • If within 15 minutes, there is still no success, Exchange will terminate the subscription request for the client.
  • When Secure Mail is brought into the foreground, it will check its registration status with the listener service every 5 minutes.
  • If it has been 30 minutes since the listener service last received an update from Exchange, the client will send a new subscription request to Exchange since Exchange would have terminated the subscription after retrying for 15 minutes.

Q7: Why are we using ‘Push’ instead of ‘Streaming’ notifications? Microsoft seems to recommend the latter.

A: The only reason Microsoft recommends streaming over push is because of the reduction in overhead of an additional listener service that needs to be written and maintained. Since Citrix is hosting the listener service, a push solution is just as viable and effective.

In addition, to use the streaming approach, the server would have to subscribe itself to Exchange for the updates and would require the credentials of the user. For a cloud based offering, this cannot be done. This would be the approach for an On-prem solution.

Q8: What info will help Citrix support if I need assistance troubleshooting my APNs setup?

  • Secure Mail logs – set this to Debug level 10 or 15 (preferred)
  • Your APNs tenant ID
  • Screenshots of the badge count and AppController policy settings

Additional Resources

CTX200971 – How to Prepare Secure Mail for APNs XenMobile App

CTX201025 – FAQ: Badge Behavior and Notifications Behavior for End Users

Citrix Blog – Mobility Experts: A Step-by-Step Guide to Configuring Secure Mail APNS

XenMobile How Do I

Related:

Multi-forest consideration for published resources in Citrix Cloud

Users and resources in separate forests (with trust) with a single set of Cloud Connectors

In this scenario, one forest (forest1.local) contains your resource domain and one forest (forest2.local) contains your user domain. A trust exists between these forests that allows users to log on to resources. One set of Cloud Connectors is deployed in a single resource location and joined to the forest1.local domain.

• Trust relationship: Forest trust

• Domains listed in Identity and Access Management: forest1.local

• User logons to Citrix Workspace: Supported for forest1.local users only

• User logons to an on-premises StoreFront: Supported for all users Note: The trust relationship between the two forests needs to permit the user in the user forest to be able to log on to machines in the resource forest.

Because Cloud Connectors can’t traverse forest-level trusts, the forest2.local domain is not displayed on the Identity and Access Management page in the Citrix Cloud console.

This carries the following limitations:

• Resources can only be published to users and groups located in forest1.local in Citrix Cloud. However, forest2.local users may be nested into forest1.local security groups to mitigate this issue.

• Citrix Workspace cannot authenticate users from the forest2.local domain. To work around these limitations, deploy the Cloud Connectors as described in Users and resources in separate forests (with trust) with a set of Cloud Connectors in each forest.


Users and resources in separate forests (with trust) with a set of Cloud Connectors in each forest

In this scenario, one forest (forest1.local) contains your resource domain and one forest (forest2.local) contains your user domain. A trust exists between these forests that allows users to log on to re sources. One set of Cloud Connectors is deployed within the forest1.local domain and a second set is deployed within the forest2.local domain.

• Trust relationship: Forest trust

• Domains listed in Identity and Access Management: forest1.local, forest2.local

• User logons to Citrix Workspace: Supported for all users

• User logons to an on-premises StoreFront: Supported for all users

Related:

  • No Related Posts

Server 2019: File Explorer “Explorer.exe” Not Refreshing data when Published as an App

Create this Registry Key:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsEXPLORER.EXE

DWORD: DontUseDesktopChangeRouter

Value: 1

https://docs.microsoft.com/en-us/windows/win32/shell/app-registration

DontUseDesktopChangeRouter Is mandatory for debugger applications to avoid file dialog deadlocks when debugging the Windows Explorer process. Setting the DontUseDesktopChangeRouter entry produces a slightly less efficient handling of the change notifications, however. The entry is of theREG_DWORDtype and the value is 0x1.

If this registry key does not help resolving the issue, try creating that one:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixwfshellTWI

Create a new DWORD called SeamlessFlags

Set the value to 2000 (Hexadecimal)

Related:

  • No Related Posts

Server 2019: File Explorer “Explorer.exe” Not Refreshing data when Published as an App

Create this Registry Key:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsEXPLORER.EXE

DWORD: DontUseDesktopChangeRouter

Value: 1

https://docs.microsoft.com/en-us/windows/win32/shell/app-registration

DontUseDesktopChangeRouter Is mandatory for debugger applications to avoid file dialog deadlocks when debugging the Windows Explorer process. Setting the DontUseDesktopChangeRouter entry produces a slightly less efficient handling of the change notifications, however. The entry is of theREG_DWORDtype and the value is 0x1.

If this registry key does not help resolving the issue, try creating that one:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixwfshellTWI

Create a new DWORD called SeamlessFlags

Set the value to 2000 (Hexadecimal)

Related:

  • No Related Posts

Server 2019: File Explorer “Explorer.exe” Not Refreshing data when Published as an App

Create this Registry Key:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsEXPLORER.EXE

DWORD: DontUseDesktopChangeRouter

Value: 1

https://docs.microsoft.com/en-us/windows/win32/shell/app-registration

DontUseDesktopChangeRouter Is mandatory for debugger applications to avoid file dialog deadlocks when debugging the Windows Explorer process. Setting the DontUseDesktopChangeRouter entry produces a slightly less efficient handling of the change notifications, however. The entry is of theREG_DWORDtype and the value is 0x1.

If this registry key does not help resolving the issue, try creating that one:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlCitrixwfshellTWI

Create a new DWORD called SeamlessFlags

Set the value to 2000 (Hexadecimal)

Related:

  • No Related Posts