A while ago I was doing some research for Magic Filter when I stumbled upon something interesting within Receiver.

Inside wfica32.exe is a function called _Eng_RunExecutableOnExit. That name caught my interest, I’ve made it a little more readable with Ida Pro:

So what’s the conclusion?

imageWe can create the following  registry values in HKLM\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\XenDesktop:

XDControlRunOnExitDWORD: 0 for off 1 for on
XDControlExeString or Expandable String: Executable including path to run, maximum length 260 characters. Environment variables can be used
XDControlArgsString: Commandline arguments, maximum length 260 characters

How is that useful?

An example is automatically locking the workstation when the Citrix session ends. Use the following settings:

XDControlRunOnExit1
XDControlExerundll32.exe
XDControlArgsuser32.dll,LockWorkStation