Quick Post: ADC 13.0 Build 83.27 – Bug in RDP-Proxy

Quick Post: ADC 13.0 Build 83.27 – Bug in RDP-Proxy After upgrading a Citrix ADC environment where the RDP Proxy feature is used, we are facing the following error, when a user downloads the RDP connection file to initiate a remote connection. The System cannot find the file specified. This initial program cannot be started: DefaultAltShell During analyzing the issue and testing, Citrix Support confirmed there is a bug in…

Read More

Quick Post: How to use Citrix ADC shell commands in Citrix ADM jobs

Quick Post: How to use Citrix ADC shell commands in Citrix ADM jobs During the last weeks we had a lot of Citrix ADC upgrades and we were thinking about how to automate these to save time and money. As you all know Citrix ADM as build-in task for upgrading and such things. In the past I used those templates and it worked really well, as long as all requirements…

Read More

Public Tech Preview: Citrix Provisioning (PVS) on Microsoft Azure

Public Tech Preview: Citrix Provisioning (PVS) on Microsoft Azure Citrix Provisioning (PVS) , one of Citrix’ flagship product, now can run on Azure! Customers can easily setup and configure PVS infrastructure in the same way as on-premise and PVS Servers on Azure can stream VDAs from a single copy of a vDisk to all target VMs. One of the Top Features: These VDAs then can be exported to and power…

Read More

Citrix Gateway: Error „Relay State in Response does not match with rule in Action

CITRIX GATEWAY: ERROR „RELAY STATE IN RESPONSE DOES NOT MATCH WITH RULE IN ACTION With the latest Citrix ADC firmware a feature was implemented to validate the relay state of an incoming SAML request at Citrix ADC. In order to mitigate the potential risk from CVE 2020-8300, customers should implement this check after upgrading the firmware to 13.0-82.42 / 12.1-62.25, as recommended in https://support.citrix.com/article/CTX316577 This is working fine, as long…

Read More

Issue with Citrix VDA and 3Dconnexions Spacemouse Enterprise Display not working

ISSUE with Citrix VDA and 3Dconnexions Spacemouse Enterprise Display not working In a recent customer project we came in the situation, that newly bought 3Dconnexions Spacemouse Enterprise devices (https://3dconnexion.com/us/product/spacemouse-enterprise/) are not working correctly with Citrix Virtual Desktop Agent (VDA) and USB redirection on a Windows 10 virtual desktop. It seems the functionality of buttons and the rotation joystick is there and ok. But especially the LCD display is not working…

Read More

XenDesktop Upgrade: The SQL Server Express LocalDB version is lower than the minimum supported version

XenDesktop Upgrade: The SQL Server Express LocalDB version is lower than the minimum supported version During an upgrade last week, I was facing an (maybe for someone old 🙂 ) issue and noticed that it is still not really common, what to do and why this error occurs. So I want just to share my experience and my steps. Microsoft SQL Server Express LocalDB is a feature of SQL Server…

Read More

Citrix VDA 2006 + 2009: Citrix ICA could not configure Thinwire and switch to the remote ICA display

After an experimental upgrade on some VDAs in a customer’s environment experiencing issues when connecting to our Windows 10 virtual desktops. Desktop Viewer starts up, stuck for some seconds and closes without any error or event. We just see this window: After some minutes you just see the connection on the VM is closed due to the VDA timeout. Internal connections through Storefront are working fine all the time. So…

Read More

Citrix ADC 13.0-64-35 and Storefront “Cannot complete your request” (CVE-2020-8245, CVE-2020-8246 or CVE-2020-8247)

Starting with Citrix ADC feature release 13.0 build 64.35, some weak SSO types are dishonored globally. This affects Citrix XenDesktop Site and the Citrix Storefront authentication mechanism between Citrix Gateway and SF directly. These SSO types will be now disabled by default: Basic authentication Digest Access authentication NTLM without Negotiate NTLM2 Key or Negotiate Sign This means Single Sign-On (SSO) configuration in Citrix ADC and Citrix Gateway has to be…

Read More

Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update

On Sep 17, Citrix released CTX281474 article with three vulnerabilities which are fixed by new firmware releases on all supported version tracks. The following vulnerabilities are addressed here: CVE-2020-8245: An html injection attack against SSL VPN portal, CVE-2020-8246: A Denial-of-Service attack originating from the management network CVE-2020-8247: A escalation of privileges on the management interface. 8246 & 8287 are attacks on the management interfaces which should NOT be directly reachable from unauthorized…

Read More