Error: “A Device Attached to the System is Not Functioning” While Reconnecting To Previous Session

Solution 1

KB2661332

Csrss.exe has a deadlock with Microsoft Excel or Microsoft Visio

https://support.microsoft.com/zh-cn/help/2661332/you-cannot-reestablish-a-remote-desktop-services-session-to-a-windows-server-2008-r2-based-server

Solution 2

KB2383928

The issue occurs because of a problem in the Win32k.sys driver.

If a remote desktop session exits before the session is completely initialized, the state change notification of the session is not sent to the third-party driver. In this situation, the driver can leak resources, such as a system thread, in the context of Csrss.exe because the third-party driver cannot unload. The leaked thread causes the remote desktop session not to exit completely. After the computer is running in this status for some time, the Local Session Manager (Lsm.exe) blocks new incoming connections. Additionally, these orphaned sessions also cause the shutdown process to stop responding. Therefore, you experience the issue that is described in the “Symptoms” section.

https://support.microsoft.com/zh-cn/help/2383928/remote-desktop-sessions-do-not-completely-exit,-and-you-cannot-establish-new-remote-desktop-sessions-to-a-computer-that-is-running-windows-server-2008-r2

Solution 3

https://support.microsoft.com/en-us/help/933664/error-message-when-you-try-to-connect-to-a-shared-resource-from-a-windows-vista-based-client-computer-a-device-attached-to-the-system-is-not-functioning

Solution 4

Configure session idle and disconnect policy in studio or MS policy for the VDI. That is logoff the session after disconnect for sometime

Related:

  • No Related Posts

Application disappears at “Please wait for the local session manager” stage. Session shows in Studio as in a pre-logon state

Set the following policies via group polcy and apply them to the VDA


Location: Administrative templateswindows componentsremote desktop servicesremote desktop connection client

Policy name: prompt for credentials on the client computer

Setting: disabled.

Location: Administrative templateswindows componentsremote desktop servicesremote desktop session hostsecurity

Policy name: always prompt for password upon connections-

Setting: disabled.

Related:

  • No Related Posts

Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization.

This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user.

Note: This vulnerability can be exploited only when Cisco Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop (HVD) and is configured to use the Cisco Webex Meetings virtual desktop plug-in for thin clients.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-vdi-qQrpBwuJ

Security Impact Rating: High

CVE: CVE-2020-3588

Related:

  • No Related Posts

Error “Cannot start desktop” when you try to launch a published desktop

When you try to launch a published desktop, you may get the error message “Cannot start desktop” as shown in the screenshot below.

User-added image
Additionally, following events are recorded on the Delivery Controller and the StoreFront server:

Log Name: Application

Source: Citrix Broker Service

Event ID: 1101

Level: Warning

Description:

The Citrix Broker Service failed to broker a connection for user ‘CONTOSOadmin2’ to resource ‘Windows 7’. The Citrix Broker Service cannot find any available virtual machines.

Please add more virtual machines to the site. If the problem is due to existing virtual machines not becoming available, see Citrix Knowledge Base article CTX126992.

Log Name: Citrix Delivery Services

Source: Citrix Store Service

Event ID: 28

Level: Warning

Description:

Failed to launch the resource ‘Controller.Windows 7 $A17-5-CB719372-0001’ using the Citrix XML Service at address ‘http://MT-XenApp1/scripts/wpnbr.dll’. The XML service returned error: ‘no-available-workstation’.

Log Name: Citrix Delivery Services

Source: Citrix Store Service

Event ID: 0

Level: Error

Description:

No available resource found for user contosoadmin2 when accessing desktop group Windows 7. This message was reported from the Citrix XML Service at address http://MT-XenApp1/scripts/wpnbr.dll [NFuseProtocol.TRequestAddress].

Related:

Citrix Virtual Desktops Licensing – Increment Lines Explained

Note: The Citrix License Administration Console has reached end of life and end of support in Citrix Licensing 11.16.3. Use the Citrix Licensing Manager

This article contains information about the increment line in Citrix Virtual Desktops Licensing. XenDesktop has been rebranded as Citrix Virtual Desktops

Background

Because of different technical requirements for Citrix Virtual Desktops deployments, Citrix Virtual Desktops licenses appear twice on your License Administration Console based on these two increment lines in the license file:

INCREMENT XDS_ENT_CCS

INCREMENT XDT_ENT_CCS

INCREMENT XDS_ENT_UD

INCREMENT XDT_ENT_UD

Where,

CCS – Concurrent System

UD – User/Device System

To allow Citrix Virtual Desktops licenses’ to work with all Citrix Virtual Desktops deployments, the license is configured with two different increment lines:

  • INCREMENT XDS

    The first increment line (XDS) is compatible with XenDesktop 3, 4 and 5 however; not with XenDesktop 5 Service Pack 1 and XenDesktop 5.5.
  • INCREMENT XDT

    The second increment line (XDT) is only compatible with XenDesktop 5 Service Pack 1 and XenDesktop 5.5.

Note: Per the End User License Agreement (EULA), only the amount of users purchased and the type of license purchased can be used, that is, if 10 User/Device licenses were purchased, the selection of User/Device licenses must be selected when configuring the product on initial setup and although the two separate line items display in the License Administration Console, only 10 users will be consumed.

Related:

Need the Right to Sign in through RDS

When users are logging into published desktops, they are getting the following message:

“To sign in remotely, you need the right to sign in through Remote Desktop Services. By default members of the Administrators group have this right. If the group you’re in does not have the right, or if the right has been removed from the Administrators group, you need to be granted the right manually.”

Related:

How to Configure “TreatAsApp” in XenDesktop 7.8 and 7.15

Because of the change in architecture, in Xendesktop delivery groups we have to make changes in the Desktop tab and in 7.6 we need to make changes in User Settings.

If Keywords:TreatAsApp is not used:

Then also we can achieve same thing using command line

=================================================

use commandline on the StoreFront ​

1. asnp Citrix*

2. & “C:Program FilesCitrixReceiver StoreFrontScriptsImportModules.ps1”

3. Set-EnhancedEnumerationOptions -siteId 1 -storeVirtualPath /Citrix/Store -treatDesktopsAsApps $true

Explanation

1. Creation of Delivery Group:

created a delivery group here:


User-added image

Edited Desktop:

User-added image

User-added image

Browsed Site:

User-added image
If we set “TreatAsApp” in keyword, it will get our desktop in Apps tab. However to removed “Desktop” field we need to make changes in storefront:

Now, to set from Storefront 3.5

User-added image

User-added image

User-added image

In StoreFront 3.5 this is added in GUI, however earlier we used to do same by editing the config file:

This is configurable via web.config under the Receiver for Web site, normallyC:inetpubwwwrootCitrixStoreWeb. Open this file in your favorite text editor and locate the following segment:

<uiViews showDesktopsView=”true” showAppsView=”true”

defaultView=”desktops” />

Change the value of defaultView to be apps:

<uiViews showDesktopsView=”true” showAppsView=”true”

defaultView=”apps” />


Difference between XD 7.8 and XD 7.6:

XenDesktop 7.8:

User-added image
User Settings: is only for Administrator:

User-added image

XenDesktop 7.6:

In Server OS delivery Group:

User-added image
In Desktop OS delivery group:

User-added image

So because of this change in architecture, in XenDesktop delivery groups we have to make changes in the Desktop tab in 7.8 and in 7.6 we need to make changes in User Settings.


If Keyword:TreatAsApp is not used: Then also we can achieve same thing

==========================================================

use commandline on the storefront

1. asnp Citrix*

2. & “C:Program FilesCitrixReceiver StoreFrontScriptsImportModules.ps1”

3. Set-EnhancedEnumerationOptions -siteId 1 -storeVirtualPath /Citrix/Store

-treatDesktopsAsApps $true

Related: