Citrix Director: Configuring,Managing Alerts and Notifications

If you are a XenDesktop admin and trying to understand the usage of your XenDesktop deployment, you need to be alerted when the number of concurrent sessions crosses a threshold value. Before you even get to configuring alerts and notifications, you need to configure your notification subscription. With this, you can add an SMTP exchange server which can be later used to send emails from when there is an alert.

  1. You need to navigate to the Email Server Configuration page. On the dashboard click on the Alerts tab at the top and then in the Alerts page click on the Email Server Configuration sub-tab to get there.

    Director Configure

  2. The Email Server Configuration Page – in this page, you need to enter all of the mandatory values like-

  • Protocol: Choose which protocol your email server supports. Director supports multiple protocols to connect with your SMTP server. They include SMTP, SMTP-SSL and SMTP-TSL
  • Host: The host name or the IP address of the SMTP server
  • Port: The port with which you want to connect to with your SMTP server
  • Sender Email: The email address from which you want to send email from incase of an alert. It’s best advised to create a separate email address on the email server and name it as and use it to send your alert emails.
  • Does SMTP server require authentication: In case your SMTP server does not require authentication, you can set the value to NO and you would not need a username and password.
  • Username and Password: Credentials required to authenticate the SMTP server connection
  1. Before saving the settings it is advised to test it by sending out a test email. Click on the “Send Test Email” button and verify if you get a test email to the email address you provided in the Send Test Email wizard.

    send test message

  2. Send Test Email Wizard -In case you do not get an email, recheck the configuration parameters and use the “edit” button to modify any incorrect values.

Note: You cannot configure more than one SMTP server. If you want to remove an existing notification subscription, click on the Remove Settings button.

Configuring a policy

Navigate to the Create Policy Page. On the dashboard, click on the Alerts tab and then on the Create Policy sub tab. If you do not see this tab then you do not have sufficient privileges to create a new policy.

For example, you want to create a policy that has a condition that, if the number of “Peak Connected Sessions” goes above 10, a warning alert is generated and when the number of “Peak Connected Sessions” is above 15 a critical alert is generated. The instructions below state how to configure such a policy.

peak connected sessions

The main components of a policy are:

Name: The name of the policy that you want to create

Description: A brief description about the policy and its conditions. Limit your description to less than 50 words

Scope: The entity on which the policy will be applied on. For e.g.:- If my policy has a condition; “Alert me when the peak connected sessions hits 90 on all the machines in my delivery group xyz”, then here, the delivery group xyz is the scope.

In general, alert policies can be targeted at three different scopes:

  1. Site – Will apply to all the machines in the entire site and the alert threshold will be applied on the aggregate value of all the machines included.
  2. Delivery Group – Will apply to all the machines in the entire delivery group and the alert threshold will be applied on the aggregate value of all the machines included.
  3. Server OS – Will apply to all the machines in the delivery group but the alert threshold value will be applied to individual machines.

Notification Preference: Who should be notified with an email when there is an alert for this policy?

Conditions: A list of conditions that you can choose to create a policy. A policy can have multiple conditions or just one.

Condition Type Condition Checked
Peak Connected Sessions Detected when an instantaneous (one minute samples) number of peak connected sessions for the entire site of a particular delivery group exceeds a configured count threshold.
Peak Disconnect Sessions Detected when an instantaneous (one minute samples) number of peak disconnected sessions for the entire site of a particular delivery group exceeds a configured count threshold.
Peak Concurrent Sessions Detected when an instantaneous (one minute samples) number of peak concurrent (total) sessions for the entire site of a particular delivery group exceeds a configured count threshold.
Connection Failure Count Detected when the number of connections in a configurable time period fail across the entire site of a particular delivery group exceeds a configured count threshold.
Connection Failure Rate Detected when the ratio of connection failures to connection attempts in a configurable time period across the entire site of a particular delivery group exceeds a configured percentage threshold.
Failed Desktop OS Machines Detected when an instantaneous (one minute samples) number of desktop OS machines in a failure state for the entire site of a particular delivery group exceeds a configured count threshold.
Failed Server OS Machines Detected when an instantaneous (one minute samples) number of Server OS machines in a failure state for the entire site of a particular delivery group exceeds a configured count threshold.
Average Logon Duration Detected when the average session logon time in a configurable time period across the entire site or for a particular delivery group exceeds a configured duration threshold.
RDS Load Evaluator Index Detected when the configured threshold of load index value is sustained consistently for 5 minutes. For e.g. If we configure a threshold of 68 % then an alert will be triggered only when the threshold is above or = 68% for 5 minutes without a dip in between.

Go ahead and click on create policy and select a Site policy and give in the name, description, notification preference and the condition of your choice. The scope by default would be the name of the Site and hence it would be pre-selected for your ease.

Assign Delivery Group

Note: Alert polices are site specific! An alert policy cannot be applied across multiple XenDesktop sites

Note: While adding the notification preference you can choose the name of the user whom you want to send the email to and the email address would be automatically added. In case you want to add an email address of an user outside you domain simply type in the complete email address in the search box and click on the add button!

Note: You will not be able to add notification preference unless you have configured an Email SMTP server. When it comes to the conditions remember to follow these mandatory rules without which you will not be able to save your policy.

  1. The warning threshold should always be less than that of the critical threshold
  2. Both the warning and critical thresholds are mandatory
  3. Warning and critical thresholds cannot be zero or in negative.
  4. Certain conditions like “Peak Connected Session” do not accept fractions or decimal values
  5. The Alert re-notification and Alarm re-notification periods would be by default specified. In case you want to change them, go ahead.
  • Alert Re-notification – Duration after which the warning notification will be re-triggered
  • Alarm Re-notification – Duration after which the critical notification will be re-triggered6

Note: You can use the “Reset Value” link is to clear modifications done on an unsaved policy. Once it’s saved, it will reset to the last saved value and not default initial value. Hence, once the policy is saved, you can modify the threshold values but resetting brings it to the last saved value..

6. Once all of the mandatory rules are followed you will get a green tick next to your condition and if not you will get a red cross next to the conditions that are incorrect.

Note: In cases where there are multiple conditions in a policy, none of the conditions will be saved until all the errors are corrected.

Group Policy

Once you hit on save you have created your first policy.

Get Notified

Visualizing your alerts

If there is any issue you will be notified immediately on the Director web console and also receive an email.

The notification tip and slide bar

Once there is an alert, may it be warning or critical, an admin will be notified on the notification tip. The notification tip will be available on all the paged except on the user details page.

Data updated every minute - Director

The notification tip gives you the number of active alerts. In case you have configured SCOM along with proactive alerts and notifications, you get a sum of both the active alerts on the notification bar.

When you click on the notification tip you get the notification slide. The notification slide gives you the option of classifying your alerts based on the source i.e. Director or SCOM and also based on the severity i.e. Critical or Warning.

Alerts - Director

The notification slide bar will give you a list of all the active alerts including details like the time when it occurred and the rule and condition that triggered it.


If you subscribe to the notification preference of a condition that triggered an alert, then you would receive an email. The email is localized and you will get it in the language you prefer.

Citrix Director

Managing your policy

Once you are done creating policies you now need to know how to manage them. In case you need to modify a policy, navigate to the policy page, search for the name of the policy using the search box provided and click on the EDIT button.

When your XenDesktop site is in a maintenance period and you do not want any alerts, you can use the DISABLE button to disable the policy. This will prevent any new alerts from being created. Once you are done with the maintenance work, you can go ahead and ENABLE these policies.

If there are any old policies that you want to get rid of, choose the policy and click on the DELETE button.

Note: Deleting a policy will not delete the history of alerts that were triggered prior. You can still see them on the Alert Summary page

Directory Policy

When there is an alert, you get notified on the notification tip. You can click on the notification tip to get a slide bar that will have brief details of the alert. You can also group them into warnings and critical alert.

Director Dashboard Alerts

Managing alerts

If you want to know more about an alert, click on it and that would take you to the alert details page. The alert details page gives you a picture of the alert, its history and its present condition. You can edit the policy that created the alert from this page too.

Manage Director Alerts

If you do not want this alert to be shown as active, then you can go ahead and DISMISS it. Dismissing an alert is an irreversible action. Only when the condition becomes healthy and then breaches the warning or critical thresholds will you get an active alert. Till then you will not be notified.

Note: If you dismiss a critical alert, you will not receive warning alerts. But if you dismiss a warning alert, you will be notified when the condition breaches the critical threshold

If you want to view the history or the summary of all the alerts triggered, then you can use the alert summary page. The alert summary page lets you filter alerts based on the time period, the scope and the present condition of the alert. To navigate to the alert summary page, click on the Alert tab on the dashboard and then on the Citrix Alerts sub-tab.

Note: If a delivery group is deleted, you will still find it listed in the scope. This is to make sure history of alerts that were triggered with that particular delivery group as scope are not lost.

Citrix Alerts

In the alert summary page, you can DISMISS an alert, navigate to the details of the alert (alert details page) and also export the data.

You can search for history of alerts by using the filters provided.

Source: You get to choose the scope on which the rule was applied. In case of delivery group or server OS you get to search for the particular scope and apply your condition on it.

Director - All Alerts

Category: The category of policies for which you want to see the alerts

Director - All Alerts Menu

State: You get to choose between four different kinds of severity; Critical, Warning, Dismissed and Healthy. This will help you group your alerts, and action upon the required ones.

All Alerts - Director

Time Period: You can choose a time frame from last 2 hours, last 24 hours, last 7 days and even last month. When you select the end date as now, you will be shown the active alerts exactly till the moment you hit on apply.

Choose End Date

You can choose a custom end date and time too.

All Alerts Director

Now let us take a look at the grid shown in the alert summary page.

User-added image

Time: Time and date when the alert was first triggered

Action: Any action that has to be performed. e.g.: Dismiss

Status: The current status of the alert. Is it healthy, critical, and warning or is it dismissed. If the policy that triggered the alert is deleted, then the history of the alerts will still be available but will be shown in the dismissed state.

Alert Policy Name: The name of the alert policy that was given when the policy was created

Scope: Where was the policy applied on? Was it on a delivery group level, was it on the site level or was it on a server OS level?

Source: The drilled down source that actually triggered the alert.

Category: What king of policy was it? It reflects the template that you took while creating the alert rule.

Description: Gives you a brief of what was the exact condition that triggered the alert.

Note: Proactive Notification and Alerting are Platinum features. More information about features and editions can be found in the links below. Please see Additional Resources.


Citrix Files for Outlook “File You're Attaching is Bigger Than the Server Allows….Sending a Link Instead”

Using OLP, the user adds a large attachment to their email message (expecting it to automatically convert to a SF attachment) and receives the following error:

“The file you’re attaching is bigger than the server allows. Try putting the file in a shared location and sending a link instead.”

User-added image


Email not delivered in time or expired

I do not need a solution (just sharing information)


I have an on going problem recieving emails from a client, this has really been an issue for at least 6months

Sometime they dont get there at all or sometime 1 week later.

I’ve done a search for my clients MX record and they are using

Who can I contact for help, I tried sending an email with the ip address and bounce back details but the support email doesnt work anymore.

I can’t open a ticket because I’m not a symantec client.

Thanks in advance.



DLP Pop-Up (Endpoint Prevent) sends email even if cancelling or waiting out the timer

I do not need a solution (just sharing information)

Has anyone seen the situation where the DLP Pop-Up functionality is enabled, and even if “Cancel” or waiting out the timer, the follow-on email is distributed?  We have our system configured to pop-up, and if the individual selects one of the programmed radio buttons and then selects “allow”, that an email would be sent to their manager and cc them, which describes the alert situation encountered, date/time details, machine source, etc.  However, if the end user selects “Cancel”, or waits out the countdown timer, which then states the action has been blocked, the email still gets sent to their manager and cc’s them.  This is not ideal or even necessary, as the end user did not send the email.

Any thoughts on how to address this?  Thanks.



External emails are received by outside recipient domains as spam

I do not need a solution (just sharing information)


I have strange behviour it might be caused by misconfiguration of Symantec Messaging Gateway.

Whenever the users send emails to the outside (external) recipients, the receipients are reporting that all the emails coming from my organization email are treated as spam emails.

What could be the the issue with SMG? what are the configuration needed to be changed to solve the issue?



How to Change License Renewal Files Using the New License Portal to Work with License Server 11.3 or Older

a. Log on to My Account.

b. Renew your licenses as normal and wait to receive your order confirmation email.

Note: Do not use the link provided in the order confirmation email as it will not work on the older license server.

c. From My Account navigate to and select the All Licensing Tools.

d. Select Reallocate.

e. Choose the license(s) that you just renewed and select Continue.

f. Do not change any information on the “configure” step. Just select Continue (you are essentially reallocating this license to the same license server).

g. select Continue again on the “confirmation” step.

h. You will get a confirmation that your “Reallocation was successful”. Select OK to download the new license file.

i. Proceed as normal to save the license file and then install on your license server.

Note: This work around must be performed every time a license is renewed after November 6, 2011, as long as the License Server version is 11.3 or older.


Need Solution for Phishing Emails

I need a solution

Recently we had a phishing attack where attacker triggered each email from different email ID with different Subject. Here the common point is he sent .pdf in all emails and password for each file is again different. here is the details format

Sender address:

Subject: firstname.lastname : password (here firstname and lastname are reciepient’s)

Is there any way to block these type of emails in future?



Mailings from our servers and containing some text blocked

We are and we are experiencing a problem due to what seems to be a set of rules in Symantec Email Security. We’ll explain the situation here.

Our product is an online email platform like Mailchimp, targeted at sending out press release emails for mainly corporate clients. The goal is to reduce spam towards email recipients by maximizing relevance of the sent news releases. So the fact that our clients use our product for their press releases, should improve deliverability. Many of our clients use Symantec’s security software in their email clients.

The problem now, is that Symantec seems to block or blacklist emails sent from our email servers. The software even blocks emails that merely contain “” in both headers and email content. This is causing us major damage and is endangering us as a business. Obviously, also Symantec’s clients are suffering from this, as their press releases cannot be delivered because of this false positive in Symantec’s source code. We have been able to reproduce this by sending out emails with and without containing references to ‘’ from personal Gmail accounts.

All emails sent from our product, are sent from IP The IP is not blacklisted, as can be checked here:

Another possibility could be that our mail server is marked as a spamming threat, even though we are not blacklisted. Please help us out. Thank you very much.