Today I was troubleshooting the application “Harmony Client” which crashed upon exiting:

The application had been thinapped and the error only appeared when starting the thinapped version.

(more…)

The video below shows a Proof of Concept of bypassing Application Security in RES Workspace Manager .

Please note that at this time the code is not publicly available so please don’t ask for it.

EDIT 2: I added a video that I received from someone who tried my Excel Sheet with AppSense Application Manager.

EDIT: I wanted to clarify a couple of things regarding this post.

First of all I would like to explain why I wrote this code and why I choose to test it with RES WM.

I had the idea about this approach a long time ago but I never got around to actually do it. The main reason was that I needed to convert Delphi code to VBA and especially converting some Windows headers was a lot of work. Then suddenly I noticed that someone had already converted the headers, so I all I had to do was rewrite the code that used it to VBA.

The choice for RES was made because of two reasons:

1. If you want to beat something, you want to beat the best and I most certainly consider RES WM to be one of the top products.
2. At the time I wrote the POC code I had access to an enviroment with RES in it.

I would like to emphasize that RES contacted me very quickly after publishing this blog. I’ve had contact with RES and they showed a very constructive approach with their primary goal being a fix or guidance for their customers. Hats of to RES taking a constructive approach and I will be working together with RES on this issue.

Finally I would like to state that I didn’t expect this post to draw this much attention, if I did I would have probably taken another approach.

(more…)

Earlier this week I was asked to investigate a problem with the Xerox Universal Printer Driver. Users complained that printing to a Xerox printer was much slower than printing to an HP printer.

I received a reference document from a user, a rather complex Excel sheet. When selecting multiple tabs it took almost a minute to generate a print preview in Excel 2007 running on Windows 2003 with XenApp 5.

I was aware of a bug in the Xerox Universal Driver where almost 9.000 files were copied into the user’s profile directory (I wrote about that in an earlier post). But this seemed to be another problem.

(more…)

Today I troubleshooted an old DOS application that needed to run on a 32 bit Citrix XenApp Server. The last time I saw an actual DOS application in a production environment must be years ago.

When starting the application, the WOW subsystem (NTVDM) crashed with the message: “NTVM encountered a hard error.”:

After spending some time troubleshooting I remembered a similar issue from a few years ago where a DOS application worked fine from the Console but refused to work from an RDP or ICA session.

(more…)

I was testing a Script I wrote to launch a Citrix XenApp session using the Ica Client Object. Typical code to do this may look like this:

On my testmachine it ran nicely but on a customer machine the script failed with the error 2312 “The Citrix online plug-in received a corrupt ICA File. The ICA File has no [ApplicationServer] section“:

(more…)

I was deploying virtualized Citrix XenApp Servers on HP BL460c G6 servers and somehow the storage (direct attached) responded very slowly.

I had expected reduced performance (see my earlier post) since I didn’t have the  Battery Backed Write Cache module installed.
I did order them but had to start deployment before they arrived.

I did not however expect such an extreme bad performance. Deployment took ages or sometimes failed completely and when logging in to a VM it responded very sluggish.

Disk Latency

I looked in the vSphere console what the Disk Latency was. Latency under 10ms is usually considered good while a latency between 10 and 20ms is a potential performance problem.

I was shocked to notice that the Disk Latency was much higher with peaks toward 2.000 ms (2 seconds!):

(more…)

I had a very interesting issue today on a new Citrix XenApp 5 farm. We went into production yesterday and we noticed a number of issues:

• Printing in general was slow, especially when a user connects to a printer for the first time.
• User Profiles were rapidly growing in size (from the expected 1-2 MB to over 40 MB).
• Logons took much longer then in the testing period (and since we use a Full Screen Desktop the user doesn’t see any progress).
• Performance monitoring showed CPU spikes in Word, Excel and IE processes.

I took a look at the profiles first and noticed that the size growth was due to a Xerox subfolder in %APPDATA%:
(more…)

I wanted to create a Scheduled Task on my Citrix Servers to have the reboot every other night.

The idea is that half of the servers will reboot in a night and the other half the following night.

The TSSHUTDN tool is handy since it can issue a warning to logged on users, log them out after a certain period and finally issue the reboot.

Since I needed to add a scheduled task to many servers I wanted to do this with a script.

WMI Exposes the Win32_ScheduledJob Class and it’s Create Method.

(more…)

On a Citrix XenApp 5 environment a user reported that he was unable to start a Full Screen session on a Dual Monitor Configuration.

He received this error message:

Citrix has a KB Article: “How to Allow More Memory for Session Graphics on Windows Server 2003” that explains exactly how we can solve this.

We need to change the MaxLVBMem registry value and we can use the Excel Sheet from the KB Article to calculate the proper value.

Please don’t set this value too high because a higher value means you will restrict other kernel memory pools.

You also need to deny the SYSTEM account the SetValue permission on the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management key to prevent the Citrix IMA service from overwriting the new value.

So I wrote a small PowerShell script to change the permission and set the value:

I wrote a PowerShell script to install all printer drivers on a Citrix or Terminal Server.

Actually the script isn’t specific to Citrix or Terminal Server but on such environments we need to preload all drivers because users do not have the permissions to do that.

I have chosen for PowerShell because you can do it in a one-liner which makes it easy to run this script from my Altiris server on all Citrix Servers.

The idea is that we enumerate all the shared printers on a Printer Server and make a connection to each printer. This will make sure that the driver is installed if it wasn’t already present.

The script could even be scheduled to enforce that newly added printer drivers are added to each Citrix Server.

(more…)