I noticed something interesting today: I needed to generate a Code Signing certificate from a Windows 2003 CA Server.

However the default Code Signing Template does not allow us to export the private key. I found a nice trick however that enables us to request a code signing certificate WITH private key.

To do this I first needed to enable the Code Signing template on the CA Server. This can be done using the Certification Authority MMC Snap-in: right click on the Certificate Templates node and select New | Certificate Template to Issue | Code Signing:

(more…)

This time a car topic: using VCDS you can change the picture that it’s shown on the navigation headunit to match your car.

In my case it’s a VW Passat Variant B7/3AA and it can be coded with VCDS:

Open Module 76 – Park Assist:

Then select Coding – 07 and enable Bit 4 of Byte 0 (with correct labels you can Enable "Optical Illustration active"):

Then goto Byte 2 and select the correct Model:

Now it’s correct:

This blog is about an issue with VMware ThinApp and Office 2010 I discovered a while ago.

Environment
Customer is using Office 2003 natively on a Citrix XenApp 5 environment. Some users had a business need for Office 2010, therefore a ThinApp with Office 2010 was created (this customer uses ThinApp for App-Virt).

To make the picture complete: Thinapp version is 4.7.2-771812 and Office version is 2010 SP1 (14.0.6024.1000) .

Symptoms
Users complained that Office 2010 was very slow. Most noticeable was Outlook 2010 which was completely unusable.

Outlook startup time was minutes rather than seconds and while starting it seemed to delay on loading profile.

When Outlook was finally started, switching between folders and layouts felt really sluggish.

For example when switching from Calendar to Inbox took a few seconds, after which it would take almost 20 seconds for the e-mails to show. Switching between e-mail would take 2-3 seconds to display the contents in the reading pane.

(more…)

Today I was asked to assist in getting an Excel Add-In to work on Citrix XenApp.

The application was packaged into a Thinapp by one of our package engineers.

However when testing the Add-In on Citrix XenApp the following message appeared:

Apparently this application does a license check that fails when run from another server (how bad).

Disclaimer
Before we go on: I would like to make clear that my goal is not to be able to use an application without license. I am just trying to make it work within the customer’s environment.

(more…)

Background
Customer uses Citrix XenApp 5 with ThinApp, RES Workspace Manager and RES Workspace Extender.

An application integration strategy is defined, the picture below displays the strategy and preferred order:

Question
Customer wanted to know the type (1..7) for all applications currently defined in RES Workspace Manager.

I decided to export all the Applications from RES WM as Building Blocks. This results in a folder with XML files. I decided to parse the XML files with a PowerShell script.

(more…)

Another interesting issue today with an application that runs on Citrix XenApp.

Environment
Customer has a Citrix XenApp 5 environment running on Windows Server 2003. Clients are all Windows XP and run the Citrix Online Plugin 12.3 full screen.

RES Workspace Extender is used to integrate locally installed application into the XenApp Session. Users have no access to the local desktop.

Symptoms
This particular application scans invoices using a USB scanner attached to the client and runs them trough a workflow.
Whenever the Start scan button was pressed the application froze.

(more…)

Some applications use the computer’s name as a unique identifier, rather than using the user name. In a single-user-per-computer environment, this strategy works well.

However, in a Multi User environment such as Citrix XenApp or Microsoft’s Remote Desktop Services (Terminal Server), all connected users report the same computername.

If the application relies on unique computernames to handle tasks such as file and record locking, then the application will fail.

We can however set an Application Compatibility Flag in the registry to return the username instead of the computername.

To demonstrate this behaviour I wrote a small Test Application called TestAppCompatFlags.exe.

(more…)

On Windows 2000, XP and Server 2003 a mechanism called Windows File Protection (WFP) is used to protect system integrity.

How does WFP Work?
Inside SFCFILES.DLL a list of files is kept that are monitored for changes. When a monitored file gets deleted, modified or overwritten WFP will restore the original from one of the following locations:

• Cache Folder (%systemroot%\System32\DllCache)
• Network Installation Path
• Windows CD (or i386 folder on harddisk)

But what if we need to replace such a file? You could write a batch file that copies the modified file to the cache folder, installation path and destination. And this may work if it’s quick enough.

A more reliable method is to use an undocumented export from sfc_os.dll called SfcFileException (only exported by ordinal #5).

(more…)

Scanners attached to client machines can be used from within a Citrix XenApp session via a mechanism called Twain Redirection.

For this mechanism to work correctly the file twain_32.dll must be present in the Windows directory.

On Windows 2008 this dll should be copied from winsxs (side by side) to the windows directory as described in CTX123981.

On Windows 2003 the dll is already in the correct directory, however applications that are not Terminal Server Aware cannot find this dll because the Windows directory is redirected to the user profile. Citrix recommends copying twain_32.dll to each user’s profile directory but this will take up unnecessary space.

So what alternatives do we have?

(more…)