jnordeng
asked on
Where is the policy set that is preventing users from seeing their local drives + XenApp 7.15
Hello. We roll to production next week with our XenApp 7.15 environment running on Windows 2016, (And for all of you answering questions all year - thanks :))... I just discovered a variance and can't seem to pinpoint what is preventing this from working.
If you are in a published Remote Desktop Session the user can see the network drives but not their client drive (c on their client computer) which is preventing them from copying a file. We had this working in XenApp 6.5. I am looking at the GPO settings for XenApp 7.15 and I am allowing "Auto connect client drives" which is also set the XenApp 6.5 policies.
So trying to find the missing setting here that needs to be enabled.
Thanks in advance - last find...
If you are in a published Remote Desktop Session the user can see the network drives but not their client drive (c on their client computer) which is preventing them from copying a file. We had this working in XenApp 6.5. I am looking at the GPO settings for XenApp 7.15 and I am allowing "Auto connect client drives" which is also set the XenApp 6.5 policies.
So trying to find the missing setting here that needs to be enabled.
Thanks in advance - last find...
This is probably the solution to your problem:
https://support.citrix.com/article/CTX137342
https://support.citrix.com/article/CTX137342
ASKER
This CTX KB is for WIndows 2008 R2. On newer systems you cannot edit the RDP protocol directly, you would have to use a GPO instead.
Are you looking at Computer and not User?
I also think that you would have no other choice but to also configure the RDP client / connection properties on the client to mount/map the local drives.
It's a computer setting not user.
ASKER
You cannot "force" the drive redirection/mapping at the server level with RDP.
You have to configure this on your RDP client. Go to your RDP client (mstsc) options and map the drives.
https://www.nextofwindows.com/how-to-access-local-drive-files-from-remote-desktop-session
You have to configure this on your RDP client. Go to your RDP client (mstsc) options and map the drives.
https://www.nextofwindows.com/how-to-access-local-drive-files-from-remote-desktop-session
Do not allow drive redirectionEven if it says DO NOT ALLOW, if you disable this policy you will be ALWAYS ALLOWING the redirect, thus maybe reenabling the redirection if some other setting had disabled it.
If you disable this policy setting client drive redirection is always allowed
ASKER
Thanks Olivier, gave it a shot, it simply maps another Drive to the Server where the Published Application - RDP session is running and still is not picking up the Client's Workstation Drive.
What you are trying to do is I think a double hop drive mapping from Citrix to RDP.
You can try to enable the Legacy Drive Mapping on your Citrix server:
https://support.citrix.com/article/CTX127968?_ga=2.195128233.466549691.1604428382-1714200735.1592834922
To enable legacy client drive mapping on XenApp, the following registry key must be set on the server:
Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
And after that should be able to map the client drives in a published RDP connection via Citrix.
You can try to enable the Legacy Drive Mapping on your Citrix server:
https://support.citrix.com/article/CTX127968?_ga=2.195128233.466549691.1604428382-1714200735.1592834922
To enable legacy client drive mapping on XenApp, the following registry key must be set on the server:
Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
- Create this registry key if it does not exist:
HKEY_LOCAL_MACHINE\Software\Citrix\UncLinks\ - Under the key, create a DWORD: UNCEnabled.
- Set the value of UNCEnabled to “0”.
- Restart the server
And after that should be able to map the client drives in a published RDP connection via Citrix.
ASKER
Thanks for the suggestion, but still no go.. I must have a policy denying this some place.
ASKER
I have reviewed group policies and this is not explicitly denied... so still looking...
ASKER
Arana, I did try this.
check group policy setting “Do not allow drive redirection” must be disabled under following path.
Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection
I rebooted the host, but not change.
Thanks
check group policy setting “Do not allow drive redirection” must be disabled under following path.
Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection
I rebooted the host, but not change.
Thanks
ASKER
In doing a little testing today I have confirmed this issue is only when I published a Remote Desktop using the .rdp file. I started publishing out the .rdp file due to resolution - by default the 'desktop' will take the entire screen and shows up for all users, we need users to only have access to certain desktops. The users also want to use the Desktop in a 'window'. In XenApp 6.5, we got around this by setting a percentage of the screen size. This does not seem possible in XenApp 71.5 and was suggested to publish the .rdp file.
The Citrix policies work correctly when I launch an app such as notepad and look at the mapped drives, I can see the client. Also, as noted if I use the desktop Citrix generates, this will also map the client c drive.
If I go back to the RDP file, if I look at Local Resources, select more, and select Drives - this only gives me the Server's local drives and the mapped drives - this does not see a client drive at this point as it doesn't exist, is my guess.
Thoughts?
Thanks
The Citrix policies work correctly when I launch an app such as notepad and look at the mapped drives, I can see the client. Also, as noted if I use the desktop Citrix generates, this will also map the client c drive.
If I go back to the RDP file, if I look at Local Resources, select more, and select Drives - this only gives me the Server's local drives and the mapped drives - this does not see a client drive at this point as it doesn't exist, is my guess.
Thoughts?
Thanks
ASKER
So I went back and tried this again,
I also expanded the options visible when I initiated the connection, drives aren't listed here. Is there something else to do in combination with this UNC Setting?
- Create this registry key if it does not exist:
HKEY_LOCAL_MACHINE\Software\Citrix\UncLinks\ - Under the key, create a DWORD: UNCEnabled.
- Set the value of UNCEnabled to “0”.
- Restart the server
I also expanded the options visible when I initiated the connection, drives aren't listed here. Is there something else to do in combination with this UNC Setting?
ASKER
Thought - looking for the syntax for the equivalent in Windows 2016 for \\tsclient\c$\, then I could add this to a login script. However; can't seem to find appropriate syntax. Thoughts?
ASKER
I've tried \\tsclient\c$\ and \\Client\C$ as I noticed that when launching the native Remote Desktop session that is allowed via Delivery Controller group, but this is not working.
This is what I've tried adding to the script.
if not exist y:\ net use y:\ \\TSClient\C$ /PERSISTENT:YES >NUL
or
if not exist y:\ net use y:\ \\Client\C$ /PERSISTENT:YES >NUL
Thanks
This is what I've tried adding to the script.
if not exist y:\ net use y:\ \\TSClient\C$ /PERSISTENT:YES >NUL
or
if not exist y:\ net use y:\ \\Client\C$ /PERSISTENT:YES >NUL
Thanks
ASKER
This is solved - the real issue was presenting the Desktop - so I was able to move away from published .rdp files which allows Citrix policies to work correctly now.
Key article, https://robertsteeghs.wordpress.com/2018/06/26/configure-custom-screen-resolution-for-a-published-desktop-on-xenapp-7-x/
Basically the key here is once you've added your Published Desktop, to add this into your default.ica file by obtaining the correct ID giving in Citrix with powershell command, Get-BrokerEntitlementPolicyRule.
Key article, https://robertsteeghs.wordpress.com/2018/06/26/configure-custom-screen-resolution-for-a-published-desktop-on-xenapp-7-x/
Basically the key here is once you've added your Published Desktop, to add this into your default.ica file by obtaining the correct ID giving in Citrix with powershell command, Get-BrokerEntitlementPolicyRule.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks