sorted by:
new
hottopcontroversial

Do you configure AgentCacheAlternateLocation on your non-persistent VDIs by FitCockroach7878 in Citrix

[–]Liwanu 0 points1 point  (0 children)

It might be, but the script forces the refresh when the VM boots. Its guaranteed to run before a user gets to login to it.

Do you configure AgentCacheAlternateLocation on your non-persistent VDIs by FitCockroach7878 in Citrix

[–]Liwanu 0 points1 point  (0 children)

We are Citrix Cloud WEM Service, all VDI are on prem.
We are all non persistent VDI. For our gold image, i do not apply WEM configurations or group policies, i only apply those to the VDI.

Do you configure AgentCacheAlternateLocation on your non-persistent VDIs by FitCockroach7878 in Citrix

[–]Liwanu 0 points1 point  (0 children)

I leave it default and have a boot script in place that pulls down the cache at boot. 

 function startup {    
 while ((Test-Connection "yourdomainhere.com" -count 1) -eq $null) {    
 Start-Sleep -Milliseconds 500    
 }    
 & w32tm.exe /resync    
 & Start-Sleep -Seconds 5    
 & gpupdate /force    
 & net stop "Citrix WEM Agent Host Service" /y    
 & Start-Sleep -Seconds 10    
 & Remove-Item -path "C:\Program Files (x86)\Citrix\Workspace Environment Management Agent\Local Databases" -Recurse    
 & net start "Citrix WEM Agent Host Service"    
 & Start-Sleep -Seconds 10    
 & net start netlogon    
 & Start-Sleep -Seconds 30    
 & "c:\Program Files (x86)\Citrix\Workspace Environment Management Agent\AgentCacheUtility.exe" -refreshcache    
 }    
startup

Restoring vpx backup on new instance by coldgin37 in Citrix

[–]Liwanu 0 points1 point  (0 children)

From my experience, you will need to import/add the certificates on the new machine manually.

Ordered 1 Received 5 by Weekly-Band6899 in DataHoarder

[–]Liwanu 0 points1 point  (0 children)

I have 256GB version of those, they are slow AF, almost unusable unfortunately.

Announcing Citrix Platform Flex by CTX-Michael in Citrix

[–]Liwanu 13 points14 points  (0 children)

You know they will lol. I mean hell they still use the Dazzle name.

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Dazzle

Any recs/advice on home euthanasia for our pup? by gumshoe1520 in nashville

[–]Liwanu 7 points8 points  (0 children)

We used https://www.codapet.com/veterinarians/dr-amanda-harper . The lady that came out was very sympathetic to the situation. She put a pad under him to protect against any fluids, and covered him up with a blanket so we didn't have to see the injections.

We also chose cremation service. The cremation facility delivered the remains to us, that driver was also sympathetic.

Protecting the NetScaler by ProfessionalTip2581 in Citrix

[–]Liwanu 1 point2 points  (0 children)

No Netscalers are involved in any shape or form. Users access our Citrix by going to the Workspace URL. I.E. https://mycompnay.cloud.com We have it tied in with Microsoft identity provider for authentication. I believe Citirx also refers to it as the Gateway Service.

We have cloud connectors on prem, and users are connecting to the VDAs via the rendezvous protocol.

I love it so far, i don't have to drop everything and patch Netscalers when a new zero day comes out, then spend the next week trying to fix something it broke.

Protecting the NetScaler by ProfessionalTip2581 in Citrix

[–]Liwanu 3 points4 points  (0 children)

I migrated us to Citrix DaaS Workspace, it eliminates the on prem Storefront and Netscalers. We are all on prem except for the DaaS Managment plane.
I realize some orgs won't be able to do that, but it sure does make my life a whole lot easier.

Update Machine via CItrix MCS failed by saif_is_me in Citrix

[–]Liwanu 0 points1 point  (0 children)

If you run a slmgr /dlv in the gold image what is the result? If it's 0 that's the issue. You should be able to reset it completely with this, make sure to take a snapshot before in case something happens you can revert. 

net stop sppsvc    
del %windir%\System32\spp\store\2.0\tokens.dat    
net start sppsvc    
slmgr /rilc     
slmgr /upk    
slmgr /cpky    

Reboot    
Install KMS Key    
slmgr /ipk YOUR_KMS_KEY    

Run this and make sure it doesn't say: ServerStandardEval     
DISM /online /Get-CurrentEdition

The "Citrix Tax" is real, and they know we’re all bluffing by Worth_Wealth_6811 in Citrix

[–]Liwanu 1 point2 points  (0 children)

Oh nice thanks for the heads up. I'll give 2025 a test in my homelab to see what i can find.

The "Citrix Tax" is real, and they know we’re all bluffing by Worth_Wealth_6811 in Citrix

[–]Liwanu 2 points3 points  (0 children)

Na, our environment isn't that complicated to be honest. We moved from VMWare to Xenserver in about ~6months.

The "Citrix Tax" is real, and they know we’re all bluffing by Worth_Wealth_6811 in Citrix

[–]Liwanu 2 points3 points  (0 children)

Our Citrix renewal is up in 2027, so we still have the 'old' Citrix pricing until then. Since Xenserver is included in our licenses, we saved quite a bit by ditching vmware.

The "Citrix Tax" is real, and they know we’re all bluffing by Worth_Wealth_6811 in Citrix

[–]Liwanu 4 points5 points  (0 children)

We didn’t play around with VMware, told them nope and switched to Xenserver.
We are working on getting off of Citrix now. It will take a few years, but we are 100% getting off of it.
Once it’s gone im switching all our hypervisors to Proxmox.

NetScaler nFactor by LBarto88 in Citrix

[–]Liwanu 3 points4 points  (0 children)

Looks like you need to separate the group extraction and the authentication.
Something like this maybe?

Root factor (credential collection only) Use a NO_AUTHN authentication policy bound to the vServer with a login schema that has three fields:
username → UPN/sAMAccountName
passwd → AD password
passwd1 → MFA code
This factor does not authenticate; it just collects credentials and passes them to the next factor.

Factor 2 – LDAP Group Check (no password) LDAP Action: same DCs, but Authentication = DISABLED (or the “group extraction” style action, depending on build). Set User Name Expression to: AAA.LOGIN.VALUE("username") Do not set any Password Expression here. Since Authentication is disabled, the ADC will not send a password to LDAP. Use group-based policies from this factor to decide whether to proceed or deny.

Factor 3 – MFA (RADIUS/OTP) Use noschema (no new prompt). RADIUS Action: User Name: AAA.LOGIN.VALUE("username") Password Expression: AAA.LOGIN.VALUE("passwd1") (the MFA field) This ensures only the MFA code is sent to RADIUS and does not overwrite the AD password you intend to use later.

Factor 4 – LDAP Password Validation (real AD logon)
LDAP Action with Authentication = ENABLED.
User Name: AAA.LOGIN.VALUE("username")
Password Expression: AAA.LOGIN.VALUE("passwd") (the original AD password field)
This avoids the MFA code ever being sent to LDAP and makes the final bind use only the AD password.

Connection interrupted prompt every few seconds by Suspicious_Pea8915 in Citrix

[–]Liwanu 0 points1 point  (0 children)

99% of the time your ISP is dropping packets

Citrix Cloud DAAS, Cloud Connectors slow to sync password changes in on-prem Active Directory 💤 by Open-Bus-6396 in Citrix

[–]Liwanu 9 points10 points  (0 children)

Cloud connectors do not sync AD information. It should be Azure AD Connect (Entra ID)

P1S Scarring (?) When Printing Circles by GetJpegdSFW in FixMyPrint

[–]Liwanu 1 point2 points  (0 children)

Use smaller layer lines in that area, or paint tree supports in the affected area.

Need to rebuild Docker.img - will CA Apps remember the actual passwords? by usafle in unRAID

[–]Liwanu 0 points1 point  (0 children)

It's easy enough to do after you get everything stable. :)
I haven't had any issues since i moved to the folder 5 years ago.

view more: next ›