A while ago I was doing some research for Magic Filter when I stumbled upon something interesting within Receiver.

Inside wfica32.exe is a function called _Eng_RunExecutableOnExit. That name caught my interest, I’ve made it a little more readable with Ida Pro:

So what’s the conclusion?

imageWe can create the following  registry values in HKLM\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\XenDesktop:

XDControlRunOnExit DWORD: 0 for off 1 for on
XDControlExe String or Expandable String: Executable including path to run, maximum length 260 characters. Environment variables can be used
XDControlArgs String: Commandline arguments, maximum length 260 characters

How is that useful?

An example is automatically locking the workstation when the Citrix session ends. Use the following settings:

XDControlRunOnExit 1
XDControlExe rundll32.exe
XDControlArgs user32.dll,LockWorkStation