ISSUE with Citrix VDA and 3Dconnexions Spacemouse Enterprise Display not working In a recent customer project we came in the situation, that newly bought 3Dconnexions Spacemouse Enterprise devices (https://3dconnexion.com/us/product/spacemouse-enterprise/) are not working correctly with Citrix Virtual Desktop Agent (VDA) and USB redirection on a Windows 10 virtual desktop. It seems the functionality of buttons and the rotation joystick is there and ok. But especially the LCD display is not working…
Read MoreXenDesktop Upgrade: The SQL Server Express LocalDB version is lower than the minimum supported version
XenDesktop Upgrade: The SQL Server Express LocalDB version is lower than the minimum supported version During an upgrade last week, I was facing an (maybe for someone old 🙂 ) issue and noticed that it is still not really common, what to do and why this error occurs. So I want just to share my experience and my steps. Microsoft SQL Server Express LocalDB is a feature of SQL Server…
Read MoreI am awarded as Citrix Technology Advocate (CTA)
I am awarded as Citrix Technology Advocate (CTA) Last week at lunch an email arrived to my private mail account, with a short message that I was selected to be part of the CTA program at Citrix. This means I named as one of few Citrix Technology Advocates (CTA) in Germany. I am really proud and is a great pleasure for me, as I was trying to give my knowledge…
Read MoreCitrix VDA 2006 + 2009: Citrix ICA could not configure Thinwire and switch to the remote ICA display
After an experimental upgrade on some VDAs in a customer’s environment experiencing issues when connecting to our Windows 10 virtual desktops. Desktop Viewer starts up, stuck for some seconds and closes without any error or event. We just see this window: After some minutes you just see the connection on the VM is closed due to the VDA timeout. Internal connections through Storefront are working fine all the time. So…
Read MoreCitrix ADC 13.0-64-35 and Storefront “Cannot complete your request” (CVE-2020-8245, CVE-2020-8246 or CVE-2020-8247)
Starting with Citrix ADC feature release 13.0 build 64.35, some weak SSO types are dishonored globally. This affects Citrix XenDesktop Site and the Citrix Storefront authentication mechanism between Citrix Gateway and SF directly. These SSO types will be now disabled by default: Basic authentication Digest Access authentication NTLM without Negotiate NTLM2 Key or Negotiate Sign This means Single Sign-On (SSO) configuration in Citrix ADC and Citrix Gateway has to be…
Read MoreCitrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
On Sep 17, Citrix released CTX281474 article with three vulnerabilities which are fixed by new firmware releases on all supported version tracks. The following vulnerabilities are addressed here: CVE-2020-8245: An html injection attack against SSL VPN portal, CVE-2020-8246: A Denial-of-Service attack originating from the management network CVE-2020-8247: A escalation of privileges on the management interface. 8246 & 8287 are attacks on the management interfaces which should NOT be directly reachable from unauthorized…
Read MoreLDAP channel binding changes in 2020
Microsoft announced an update that is going to disable unsigned LDAP by default. What does this mean for administrators? Long story short, but you can no longer use bindings to domain controllers over port 389. After the installation of the update you have to use either LDAPS over port 636 or using StartTLS on port 389. Both scenarios still require to add a certificate on the domain controllers. Microsoft has…
Read MoreCitrix Synergy 2019 – my thoughts and my personal review
Right back from Citrix Synergy 2019 in Atlanta I was thinking about a personal conclusion of the great event and the days with a lot of insights into the strategy and Citrix‘ ideas for the future of work. First of all, I try to list the great announcements and product upgrades Citrix gave at the keynote. David Hanshall (CEO) and PJ Hough presented a very good overview and gave a…
Read MoreCTX232387 – Citrix Studio Error: You have read only access to the license server
Note In addition to this Citrix KNB article I found in some environments it is not enough to set the LimitRequestFieldSize like described, but you can set the value higher. See below the size I tested and validated (24k). A higher value 36k or 48k was not accepted and you will see errors in Citrix Studio for all users. Symptoms or Error When Licensing node is selected in Studio: Error…
Read MoreNetscaler – AD Group permission check on vserver level
In a Netscaler project I came to a requirement, to check if an user is member of an specific Active Directory group before the request is forwarded to the load balancing vServer. The customer has multiple lb vservers, which are protected by an simple AAA authentication server. The authentication domain was set to the top level domain, e.g. fabric.com. The following subdomains are representing the other applications: sharepoint.fabric.com jira.fabric.com documentcenter.fabric.com …
Read More