We help IT Professionals succeed at work.
Troubleshooting Question

Where is the policy set that is preventing users from seeing their local drives + XenApp 7.15

jnordeng
jnordeng asked
on
38 Views
Last Modified: 2020-11-06
Hello. We roll to production next week with our XenApp 7.15 environment running on Windows 2016, (And for all of you answering questions all year - thanks :))... I just discovered a variance and can't seem to pinpoint what is preventing this from working.

If you are in a published Remote Desktop Session the user can see the network drives but not their client drive (c on their client computer) which is preventing them from copying a file.  We had this working in XenApp 6.5.  I am looking at the GPO settings for XenApp 7.15 and I am allowing "Auto connect client drives" which is also set the XenApp 6.5 policies.  

So trying to find the missing setting here that needs to be enabled.

Thanks in advance - last find...  
Comment
Watch Question

Author

Commented:
Hm... Thanks Olivier for your quick response.  Looking at the policy currently I do not have defined, if I do look at the drop down, this appears to be related to the server drives, not the client mapped C drive which is what I need.  Can you please clarify?

Thanks

CERTIFIED EXPERT

Commented:
This is probably the solution to your problem:
https://support.citrix.com/article/CTX137342

Author

Commented:
Thanks Arana, this sounds like it but these Windows 2016 systems don't have this as an option for the local  Remote Desktop Session Host Configuration  settings and I do not have an entry available in Group Policy.  
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
This CTX KB is for WIndows 2008 R2. On newer systems you cannot edit the RDP protocol directly, you would have to use a GPO instead.

Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Are you looking at Computer and not User?

Author

Commented:
No, I am looking at the User

Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
I also think that you would have no other choice but to also configure the RDP client / connection properties on the client to mount/map the local drives.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
It's a computer setting not user.

Author

Commented:
I would agree this is likely at the server level so computer, but still not seeing anything to 'allow', everything is to disable.

Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
You cannot "force" the drive redirection/mapping at the server level with RDP.
You have to configure this on your RDP client. Go to your RDP client (mstsc) options and map the drives.

https://www.nextofwindows.com/how-to-access-local-drive-files-from-remote-desktop-session


CERTIFIED EXPERT

Commented:
Do not allow drive redirection
 Even if it says DO NOT ALLOW, if you disable this policy you will be ALWAYS ALLOWING the redirect, thus maybe reenabling the redirection if some other setting had disabled it.
If you disable this policy setting client drive redirection is always allowed

Author

Commented:
Thanks Olivier, gave it a shot, it simply maps another Drive to the Server where the Published Application - RDP session is running and still is not picking up the Client's Workstation Drive.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
What you are trying to do is I think a double hop drive mapping from Citrix to RDP.

You can try to enable the Legacy Drive Mapping on your Citrix server:
https://support.citrix.com/article/CTX127968?_ga=2.195128233.466549691.1604428382-1714200735.1592834922

To enable legacy client drive mapping on XenApp, the following registry key must be set on the server:
 Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
 
  1. Create this registry key if it does not exist:
     HKEY_LOCAL_MACHINE\Software\Citrix\UncLinks\
  2.  Under the key, create a DWORD: UNCEnabled.
  3.  Set the value of UNCEnabled to “0”.
  4. Restart the server

And after that should be able to map the client drives in a published RDP connection via Citrix.

Author

Commented:
Thanks for the suggestion, but still no go.. I must have a policy denying this some place.

Author

Commented:
I have reviewed group policies and this is not explicitly denied... so still looking...

Author

Commented:
Arana, I did try this.

check group policy setting “Do not allow drive redirection” must be disabled under following path.

Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection 

I rebooted the host, but not change.

Thanks

Author

Commented:
In doing a little testing today I have confirmed this issue is only when I published a Remote Desktop using the .rdp file.  I started publishing out the .rdp file due to resolution - by default the 'desktop' will take the entire screen and shows up for all users, we need users to only have access to certain desktops.  The users also want to use the Desktop in a 'window'.  In XenApp 6.5, we got around this by setting a percentage of the screen size.  This does not seem possible in XenApp 71.5 and was suggested to publish the .rdp file.

The Citrix policies work correctly when I launch an app such as notepad and look at the mapped drives, I can see the client.  Also, as noted if I use the desktop Citrix generates, this will also map the client c drive.

If I go back to the RDP file, if I look at Local Resources, select more, and select Drives - this only gives me the Server's local drives and the mapped drives - this does not see a client drive at this point as it doesn't exist, is my guess.

Thoughts?

Thanks

Author

Commented:
So I went back and tried this again, 
  1. Create this registry key if it does not exist:
     HKEY_LOCAL_MACHINE\Software\Citrix\UncLinks\
  2.  Under the key, create a DWORD: UNCEnabled.
  3.  Set the value of UNCEnabled to “0”.
  4. Restart the server
I am still not seeing a change when I am logged into the Desktop.

I also expanded the options visible when I initiated the connection, drives aren't listed here.  Is there something else to do in combination with this UNC Setting?

Author

Commented:
Thought - looking for the syntax for the equivalent in Windows 2016 for \\tsclient\c$\, then I could add this to a login script.  However; can't seem to find appropriate syntax.  Thoughts?

Author

Commented:
I've tried \\tsclient\c$\  and \\Client\C$ as I noticed that when launching the native Remote Desktop session that is allowed via Delivery Controller group, but this is not working.

This is what I've tried adding to the script.

if not exist y:\ net use y:\ \\TSClient\C$ /PERSISTENT:YES >NUL
or
if not exist y:\ net use y:\ \\Client\C$ /PERSISTENT:YES >NUL

Thanks

Author

Commented:
This is solved - the real issue was presenting the Desktop - so I was able to move away from published .rdp files which allows Citrix policies to work correctly now.

Key article, https://robertsteeghs.wordpress.com/2018/06/26/configure-custom-screen-resolution-for-a-published-desktop-on-xenapp-7-x/

Basically the key here is once you've added your Published Desktop, to add this into your default.ica file by obtaining the correct ID giving in Citrix with powershell command, Get-BrokerEntitlementPolicyRule.


Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION