powered by Ecki's Place

July 11, 2010

32bit icon option missing from the XenApp farm properties

I recently stumbled uppon a really weired problem with 32bit icon support in XenApp. Under certain circumstances the AMC won’t show the option for 32bit icon support in the farm properties even if all prerequisites are perfectly met. We found out the reason for that behaviour only by accident.

The problem can be seen with all versions of Presentation Server 4.5 and XenApp 5.0 for w2k3 as well as for w2k8.

If the problem hits you, the farm properties won’t show the option for 32bit icon support, but there will only be a blank space 🙁

No 32bit icon support in the AMC

The reason for this odd behaviour can be found in the configuration of the farm-discovery. I sometimes use LOCALHOST as the hostname for discovery. This is helpful in situations where you have roaming profiles and IIS is not installed on the XenApp servers.

But if you configure discovery that way there will be no 32bit icon option in the AMC.

Configured with LOCALHOST

If you change the discovery option back to the local server

Konfiguriert mit "Local Server"

the missing option reappeares again.

32bit icon support available

You can toggle that behaviour as you like. Admittedly this is not a common problem but it is odd and if you happen to see it, you will be warned…


July 21, 2007

Web Interface 4.6 for Windows available

Yesterday Citrix released the new Web Interface 4.6 for Windows. This version is mandatory for several new features and enhancements introduced with the Rollup Pack 01 for Presentation Server 4.5.

Before installing Web Interface 4.6 you have to update your AMC (Access Management Console for Presentation Server 4.5) first. The new console snap-ins must be present before the new features can be installed successfully. The new AMC can be downloded here.

The download of Web Interface 4.6 and aditional informations can be found here.


May 23, 2007

AAC tuning, part 1

Is there any AAC admin happy with the way, EPA scans behave? Once you create just one EPA scan in the AMC (Access Management Console), the EPA scan gets started automatically on every LogonPoint, regardless whether this is wanted/needed or not.

This behavior is for example very annoying at OWA (Outlook Web Access) LogonPoints, that are created only to allow restricted access to the personal mail from anywhere. To operate “client less” from anyplace, anywhere, no EPA scans may be required. On a standard LogonPoint the EPA scan appears anyway with his download and installation directions. If you click on the “Skip Scan” button, you can proceed without scanning your PC, but the download of the EPA scan client still takes place in the background, steeling you valuable bandwidth. In addition, less computer versed users in an internet cafe with restricted PCs might end up trying to install the EPA scan client over and over without a chance to succeed…

Recently I stumbled upon an option that is able to stop this “misbehavior”. Well hidden and badly documented, the chances are good, that only few people discovered this option so far. The solution can be found in the “web.config” file in the root of the respective LogonPoint directory.

On a standard AAC server this is presumably:


There is an other version of this file in the “C:\Inetpub\wwwroot\CitrixLogonPoint\” directory which should stay untouched !

This file can be opened and edited with any editor like the Windows NotePad. In the last third of the file you can find a section <appSettings>, which gives you some interesting possibilities. Among other things you can disable EPA scans here. All it needs is to add the following line below the <appSettings> section:

<add key=”EndpointAnalysisDisabled” value=“true” />

The section should look like this afterwards:

<add key="DebugConsoleTrace" value="False" />
<add key="AdvancedGatewayClientDownloadUrl" value="" />
<add key="AdvancedGatewayClientActivationDelay" value="10" />
<add key="MaxConnectionsToAuthenticationService" value="20" />
<add key="LogonPointId" value="00000000-0000-0000-0000-000000000000" />
<add key="DeployedBy" value="LACONFIG" />
<add key="ExtendedSecurIdFunctionalityEnabled" value="true" />
<add key="SecondaryAuthenticationIsOptional" value="false" />
<add key="EndpointAnalysisDisabled" value="True" />
<!- -

After saving the changes, a user calling this manipulated LogonPoint will now be forwarded immediately to the login prompt without seeing any EPA “nag screen” 🙂

AAC tuning, part 2 >>

!!! Please read the first comment to this post !!!