This article is intended for Citrix administrators and technical teams only.
Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information.
Not able to give users pre-configured device.
Tag: Desktop virtualization
Error: “A Device Attached to the System is Not Functioning” While Reconnecting To Previous Session
Solution 1
KB2661332
Csrss.exe has a deadlock with Microsoft Excel or Microsoft Visio
https://support.microsoft.com/zh-cn/help/2661332/you-cannot-reestablish-a-remote-desktop-services-session-to-a-windows-server-2008-r2-based-server
Solution 2
KB2383928
The issue occurs because of a problem in the Win32k.sys driver.
If a remote desktop session exits before the session is completely initialized, the state change notification of the session is not sent to the third-party driver. In this situation, the driver can leak resources, such as a system thread, in the context of Csrss.exe because the third-party driver cannot unload. The leaked thread causes the remote desktop session not to exit completely. After the computer is running in this status for some time, the Local Session Manager (Lsm.exe) blocks new incoming connections. Additionally, these orphaned sessions also cause the shutdown process to stop responding. Therefore, you experience the issue that is described in the “Symptoms” section.
Solution 3
Solution 4
Configure session idle and disconnect policy in studio or MS policy for the VDI. That is logoff the session after disconnect for sometime
Related:
Application disappears at “Please wait for the local session manager” stage. Session shows in Studio as in a pre-logon state
Set the following policies via group polcy and apply them to the VDA
Location: Administrative templateswindows componentsremote desktop servicesremote desktop connection client
Policy name: prompt for credentials on the client computer
Setting: disabled.
Location: Administrative templateswindows componentsremote desktop servicesremote desktop session hostsecurity
Policy name: always prompt for password upon connections-
Setting: disabled.
Related:
Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization.
This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user.
Note: This vulnerability can be exploited only when Cisco Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop (HVD) and is configured to use the Cisco Webex Meetings virtual desktop plug-in for thin clients.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-vdi-qQrpBwuJ
Security Impact Rating: High
CVE: CVE-2020-3588
Related:
Error “Cannot start desktop” when you try to launch a published desktop
When you try to launch a published desktop, you may get the error message “Cannot start desktop” as shown in the screenshot below.
Additionally, following events are recorded on the Delivery Controller and the StoreFront server:
Log Name: Application
Source: Citrix Broker Service
Event ID: 1101
Level: Warning
Description:
The Citrix Broker Service failed to broker a connection for user ‘CONTOSOadmin2’ to resource ‘Windows 7’. The Citrix Broker Service cannot find any available virtual machines.
Please add more virtual machines to the site. If the problem is due to existing virtual machines not becoming available, see Citrix Knowledge Base article CTX126992.
Log Name: Citrix Delivery Services
Source: Citrix Store Service
Event ID: 28
Level: Warning
Description:
Failed to launch the resource ‘Controller.Windows 7 $A17-5-CB719372-0001’ using the Citrix XML Service at address ‘http://MT-XenApp1/scripts/wpnbr.dll’. The XML service returned error: ‘no-available-workstation’.
Log Name: Citrix Delivery Services
Source: Citrix Store Service
Event ID: 0
Level: Error
Description:
No available resource found for user contosoadmin2 when accessing desktop group Windows 7. This message was reported from the Citrix XML Service at address http://MT-XenApp1/scripts/wpnbr.dll [NFuseProtocol.TRequestAddress].
Related:
Citrix Virtual Desktops Licensing – Increment Lines Explained
Note: The Citrix License Administration Console has reached end of life and end of support in Citrix Licensing 11.16.3. Use the Citrix Licensing Manager
This article contains information about the increment line in Citrix Virtual Desktops Licensing. XenDesktop has been rebranded as Citrix Virtual Desktops
Background
Because of different technical requirements for Citrix Virtual Desktops deployments, Citrix Virtual Desktops licenses appear twice on your License Administration Console based on these two increment lines in the license file:
INCREMENT XDS_ENT_CCS
INCREMENT XDT_ENT_CCS
INCREMENT XDS_ENT_UD
INCREMENT XDT_ENT_UD
Where,
CCS – Concurrent System
UD – User/Device System
To allow Citrix Virtual Desktops licenses’ to work with all Citrix Virtual Desktops deployments, the license is configured with two different increment lines:
- INCREMENT XDS
The first increment line (XDS) is compatible with XenDesktop 3, 4 and 5 however; not with XenDesktop 5 Service Pack 1 and XenDesktop 5.5. - INCREMENT XDT
The second increment line (XDT) is only compatible with XenDesktop 5 Service Pack 1 and XenDesktop 5.5.
Note: Per the End User License Agreement (EULA), only the amount of users purchased and the type of license purchased can be used, that is, if 10 User/Device licenses were purchased, the selection of User/Device licenses must be selected when configuring the product on initial setup and although the two separate line items display in the License Administration Console, only 10 users will be consumed.
Related:
Need the Right to Sign in through RDS
When users are logging into published desktops, they are getting the following message:
“To sign in remotely, you need the right to sign in through Remote Desktop Services. By default members of the Administrators group have this right. If the group you’re in does not have the right, or if the right has been removed from the Administrators group, you need to be granted the right manually.”
Related:
For Desktoplock client, VDI gets disconnected once launching XenApp app in current ICA session
For Desktoplock client, even with Workspace Control Reconnect disabled, VDI still gets disconnected once launching XenApp app in current ICA session.
Related:
PVS Machine not Shutdown During OffPeak Hours, Power Management Policy is Not Applied
For both random and static desktop, power management policy only apply when there is no session on the desktop.
For static desktop, machine will shutdown at non-peak hours and start at peak hours (if no session run on the machine), regardless of the Buffer Size Percent.
Related:
How to Configure “TreatAsApp” in XenDesktop 7.8 and 7.15
Because of the change in architecture, in Xendesktop delivery groups we have to make changes in the Desktop tab and in 7.6 we need to make changes in User Settings.
If Keywords:TreatAsApp is not used:
Then also we can achieve same thing using command line
=================================================
use commandline on the StoreFront
1. asnp Citrix*
2. & “C:Program FilesCitrixReceiver StoreFrontScriptsImportModules.ps1”
3. Set-EnhancedEnumerationOptions -siteId 1 -storeVirtualPath /Citrix/Store -treatDesktopsAsApps $true
Explanation
1. Creation of Delivery Group:
created a delivery group here:
Edited Desktop:
Browsed Site:
If we set “TreatAsApp” in keyword, it will get our desktop in Apps tab. However to removed “Desktop” field we need to make changes in storefront:
Now, to set from Storefront 3.5
In StoreFront 3.5 this is added in GUI, however earlier we used to do same by editing the config file:
This is configurable via web.config under the Receiver for Web site, normallyC:inetpubwwwrootCitrixStoreWeb. Open this file in your favorite text editor and locate the following segment:
<uiViews showDesktopsView=”true” showAppsView=”true”
defaultView=”desktops” />
Change the value of defaultView to be apps:
<uiViews showDesktopsView=”true” showAppsView=”true”
defaultView=”apps” />
Difference between XD 7.8 and XD 7.6:
XenDesktop 7.8:
User Settings: is only for Administrator:
XenDesktop 7.6:
In Server OS delivery Group:
In Desktop OS delivery group:
So because of this change in architecture, in XenDesktop delivery groups we have to make changes in the Desktop tab in 7.8 and in 7.6 we need to make changes in User Settings.
If Keyword:TreatAsApp is not used: Then also we can achieve same thing
==========================================================
use commandline on the storefront
1. asnp Citrix*
2. & “C:Program FilesCitrixReceiver StoreFrontScriptsImportModules.ps1”
3. Set-EnhancedEnumerationOptions -siteId 1 -storeVirtualPath /Citrix/Store
-treatDesktopsAsApps $true