Tag Archives: Citrix

Local Policy Session Printing With CVADS

Local Policy Session Printing With CVADS

Recently on site I came across my first requirement for a Citrix Session Printer Policy when migrating from an on-premises 7.15 Site to CVADS.

At first I simply tried copying the policy in to the Cloud Studio but when I came to select the printer it was unable to connect. The first step was to eliminate firewall rules as usual so I got the SMB ports opened between the Cloud Connectors and the Print Servers but this didn’t resolve the issue.

Luckily I was working with Citrix at the time and so a quick check through Slack turned up Citrix Article https://support.citrix.com/article/CTX220345 which says “Because limitation of Citrix Cloud and Connector, in certain scenarios, communication with some of the on premises components, there is a need for some customers to manage the Citrix polices locally”.

The article itself was straightforward enough and geared towards using an Active Directory Group Policy which was duly created but still failed to apply. Closer inspection showed that because the customer uses AppSense for user personalisation they didn’t have the “user group policy loopback processing mode” enabled.

Continue reading Local Policy Session Printing With CVADS

Citrix Depreciate On-Premises Cloud Support

Citrix Depreciate On-Premises Cloud Support

With the release of the latest Current Release (CR) of Virtual Apps and Desktops (CVAD) version 2003 Citrix has announced that they have deprecated on-premises support for VDA workloads hosted on the following Clouds:

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Cloud Platform
Continue reading Citrix Depreciate On-Premises Cloud Support

Citrix – Making CentOS Look Like Windows 10

Citrix – Making CentOS Look Like Windows 10

As part of my testing with the CVAD 1912 Linux VDA I came across the B00merang desktop themes which makes a Linux desktop look like Windows 10. I decided to explore whether the theme could be applied to Citrix sessions and after to some googling, got it up and running .

Continue reading Citrix – Making CentOS Look Like Windows 10

Citrix – Learning About The Linux VDA

Citrix – Learning About The Linux VDA

As part of taking the new Citrix Virtual Apps and Desktops (CVAD) LTSR release out for a spin, today I decided to look at the Linux VDA again.  It’s been a while since I tried it as my previous attempts weren’t successful but today I figured was the day to try again !

Many years ago I worked on a Citrix install for a school in Hull which used XenApp on Sun Solaris to provide Open Office to their students at home for doing their homework.  At the time I was greatly impressed but after putting a XenApp server on Solaris in for one of the previous companies I worked for, I haven’t seen anything *nix related since.

Continue reading Citrix – Learning About The Linux VDA

Citrix ADC Vulnerability CVE-2019-19781

Citrix ADC Vulnerability CVE-2019-19781

Last Wednesday I got an update email from the Citrix Heroes community ran by DJ Eshelman about a new vulnerability which has been found with Citrix ADC appliances.  Fortunately my home lab hasn’t been powered up much this past few weeks but today I decided to apply the mitigation steps to my VPX in case.

Continue reading Citrix ADC Vulnerability CVE-2019-19781

PN Agent Access Over The WAN

PN Agent Access Over The WAN


Citrix PN Agent is one of the delivery methods (Along with Program Neighourhood and Web Interface) through which Citrix XenApp Published Applications can be provided to users.

The PN Agent client provides the ability for Single Sign On and also the ability to integrate Published Application Icons in to a users Desktop and Start Menu.

With the introduction of Mobile Clients like the iPhone / iTouch Receiver client, this article provides the steps to deploy a PN Agent Site across the WAN through a Citrix Access Gateway.


  • A Citrix XenApp Server Farm
  • Published Applications
  • A Web Interface installation
  • A Citrix Access Gateway appliance

Creating The PN Agent Site

The PN Agent site creation is a straight forward task and does not need any additional steps performed to be configured to delpoy via a CAG.  The steps to configure PN Agent to deploy via a Citrix Access Gateway Appliance are explained in the section Editing The WebInterface.conf File further down.

To create a new PN Agent site perform the following steps :-

  • Launch the Citrix Access Management Console on the Web Interface Server
  • Click on Create Site in the Common Tasks box
  • When prompted select Program Neighborhood Agent Services Siteand click on Next
  • Configure the Path for the site E.G. /Citrix/PNAgent as the Default shows and click on Next
  • Select Local File(s) and click on Next
  • Confirm the settings by clicking on Next
  • Once the site has created click on Next to configure this site now

Configuring The PN Agent Site

Once the site is created it the Wizard will move on to the Site Configuration steps if you ticked the configure this site now option during creation.

To configure a basic PN Agent Site perform the following steps :-

  • Click on Next when prompted with the Welcome screen
  • Under the Specify Server Farm screen configure the Farm Name to the name of the Citrix Farm you will connect to (N.B. The Farm Name does not have to be the actual name of the Citrix Farm being used but helps with continuity)
  • Click on Add and enter the name of at least one Citrix Server or Data Collector in the Farm
  • Configure the Server Port to the XML Port number in use on the Citrix Servers
  • Click on Next and when prompted with the Select Application Typescreen select Remote and click on Next
  • Click on Finish to complete configuring of the Site

Editing The Webinterface.conf File

The actual integration with a Citrix Access Gateway is performed by editing the WebInterface.conf file for the Site and the following steps provide an explanation of this :-

  • Navigate to the Folder containing your new PN Agent Site – E.G. C:\Inetpub\Wwwroot\Citrix\PNAgent
  • Go in to the conf folder and edit the WebInterface.conf file with Notepad
  • Locate the line ClientAddressMap=*,normal and change it to the folowing :-


  • Locate the line # CSG_Server=[IP address or FQDN of the Secure Gateway server] and change it to the following :-

yourcagserver.domain.com – E.G. CSG_Server=portal.example.com

N.B. Remember to remove the # from the start of the line to uncomment it

  • Locate the line # CSG_STA_URL1=[URL for the Secure Ticketing Authority] and change it to the following :-


N.B. Remember to remove the # from the start of the line to uncomment it

  • Save and Exit the file

Testing The Implementation

Once the WebInterface.conf has been edited to test the implementation set-up a machine with the PN Agent client on it and when prompted point it to https://yourcagserver.domain.com E.G. –https://portal.example.com.

The PN Agent should prompt for logon and once the correct credentials and Domain have been supplied it should then connect you to the PN Agent Site and populate the Published Applications Icons in to the Agent Menu along with any configured to go to the Desktop or Start Menu of the machine.