Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for the ‘Uncategorized’ Category

Google Earth fix for XenApp, RDSH & Horizon

Google Earth LogoBoth Google Earth and Google Earth Enterprise do not work correctly for multiple users on shared Hosted Shared Desktops (I still prefer to call it Server Based Computing but that’s likely because I’m an oldtimer).

Problem summary
So let’s look at the actual issue: the first user on a server is able to launch Google Earth but for any subsequent users on the same server Google Earth fails silently.

Problem details
Google Earth uses various synchronization objects such as Events and Mutexes but registers those in the \Global namespace instead of the \Local namespace.



Citrix NetScaler LogoRecently I switched over my blog from a hoster to a self hosted VM. In my setup I am using Citrix NetScaler as a reverse proxy.

Simular to when you’re using a 3rd party reverse proxy such as CloudFlare you will see the IP address from the reverse proxy instead of the actual Client IP Address on your webserver.

This means that your logging will all show the same, internal, IP address and that IP Based Access Rules will not work.

Fortunately this is easy to solve by having NetScaler add the Client IP Address in the headers and rewriting the address on your webserver.


  • 1 Comment
  • Filed under: Uncategorized
  • Blog improvements

    When I started this blog in 2007 (wow that’s almost 10 years ago) I went for a cheap web hoster with a reasonable performance to host it.

    In the beginning performance was acceptable but over the years it has degraded and of course user experience standards have changed.

    I decided it was time to do something about it so I’ve moved the blog from a shared platform to my own server.

    This server is running on optimized flash storage  where most writes are DeDuplicated and never actually hits the flash disks:



    Twitter Analytics and AdBlock Plus

    Twitter has opened access to Analytics for all users. However when you use an Ad Blocker, like Adblock Plus, you’ll get the following error:

    A problem occurred while loading the page. To use this site, you need to disable AdBlock or any other ads-blocking extension you are using, or customize it to show ads on this site

    For Adblock Plus you can fix this by adding a filter: go to Filter Preferences and on the "Custom filters" tab add a new filter within a filter group (or create a filter group for this rule).

    Use this as a filter rule:



    And don’t forget to Enable the rule!

    EDIT: Twitter user @Ertraeglichkeit mentioned a different method:


    System Center Operations Manager LogoIn a SCOM Management Pack Custom Properties can be used for Alert Description and Notification as described in this blog by Kevin Holman.

    In my case I wanted to add the Display Name and the Performance Counter Value in a Performance Threshold Monitor. In XML it would look this this:

    But how to add these parameters when using the System Center 2012 Visual Studio Authoring Extensions?


    Sophos UTM IconI am currently implementing Sophos UTM and I quite like this solution. It is free up for home usage and can easily be installed on a hypervisor.

    I wanted to scan encrypted traffic (ssl) as well so I activated the "Decrypt and scan" option:


    When testing this on one of my iPad’s I noticed that the App Store didn’t work properly anymore.

    When I tried to update applications I got the following error: "Cannot connect to iTunes Store". Additionally when I searched for Apps the search would return no results.


    System Center Operations Manager LogoToday I encounterd what seems to be a bug in the System Center 2012 Visual Studio Authoring Extensions. I wanted to define a Performance Collection Rule that reads out the percentage of free memory from an SNMP device.

    Since the device returns only the percentage of used memory I needed to use the ComputedPerfProvider provider to substract the used memory percentage from 100.

    I could of course report used memory instead of free memory but I wanted the resulst to appear in the default SCOM Performance View, which only lists Free Memory:

    System Center Operations Manager | Default Performance View


    System Center Operations Manager LogoI am currently working on a Management Pack for SCOM and I have studies a few examples on adding processor and memory counters.

    These examples all reference a Management Pack named "" but this Management Pack is not bundled with the System Center 2012 Visual Studio Authoring Extensions.


    Aaron Parker was talking about the uninstall guid in his session “Hands off my Golden Image Redux” at Citrix Synergy.

    I remembered that I had written a small PowerShell script to read out the uninstall GUID from an MSI file. This way you do not need to actually install the software to determine the uninstall GUID.

    How does that work?

    There is a logical relation between the MSI Product Code property and the install guid. In this example I’ve taken install_flash_player_11.8.800.174_active_x.msi as an example.

    The Uninstall key is HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2E504D3D31C0D5409F28F3FDD565AD9

    The interesting part of it is the GUID:


    If we look into the MSI properties with (Super)Orca we see:


    If we compare those GUIDS:

    Uninstal    {A2E504D3-D31C-0D54-09F2-8F3FDD565AD9}

    Product Code{3D405E2A-C13D-45D0-902F-F8F3DD65A59D}

    We can see that we need to apply the following logic:

    · First 8 bytes must be swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Last 12 bytes must be byte swapped per byte (F8 -> 8F, F3 -> 3F etc).

    Knowing that we can make life easier with PowerShell:

    [posh]function Get-Property ($Object, $PropertyName, [object[]]$ArgumentList)


    return $Object.GetType().InvokeMember($PropertyName, ‘Public, Instance, GetProperty’, $null, $Object, $ArgumentList)


    function Invoke-Method ($Object, $MethodName, $ArgumentList)


    return $Object.GetType().InvokeMember($MethodName, ‘Public, Instance, InvokeMethod’, $null, $Object, $ArgumentList)


    function GetMsiProductCode([string]$path)


    $msiOpenDatabaseModeReadOnly = 0

    $Installer = New-Object -ComObject WindowsInstaller.Installer

    $Database = Invoke-Method $Installer OpenDatabase @($path, $msiOpenDatabaseModeReadOnly)

    $View = Invoke-Method $Database OpenView @(“SELECT Value FROM Property WHERE Property=’ProductCode'”)

    Invoke-Method $View Execute | Out-Null

    $Record = Invoke-Method $View Fetch

    if ($Record)


    Write-Output (Get-Property $Record StringData 1)




    $path = “c:\Users\rweijnen\Desktop\install_flash_player_11.8.800.174_active_x.msi”

    $item = “” | Select-Object Path, ProductCode, UninstallGuid, UninstallRegistry

    $item.Path = $path

    $item.ProductCode = (GetMsiProductCode $item.Path)

    $DestGuid = ([regex]::Matches($item.ProductCode.Substring(1,8),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(10,4),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(15,4),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(20,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(22,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    for ($i=25 ; $i -lt 37 ; $i = $i + 2)


    $DestGuid += ([regex]::Matches($item.ProductCode.Substring($i,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”


    $item.UninstallGuid = “{” + ([Guid]$DestGuid).ToString().ToUpper() + “}”

    $item.UninstallRegistry = “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\{0}” -f $DestGuid

    $item | Format-List

    Sample output:

    Path              : c:\Users\rweijnen\Desktop\install_flash_player_11.8.800.174_active_x.msi

    ProductCode       : {3D405E2A-C13D-45D0-902F-F8F3DD65A59D}

    UninstallGuid     : {A2E504D3-D31C-0D54-09F2-8F3FDD565AD9}

    UninstallRegistry : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2E504D3D31C0D5409F28F3FDD565AD9


    My presentation at E2EVC in Rome

    imageI will be presenting a session at E2EVC in Rome next weekend.

    Recently I published an article on my blog that shows how to run an executable of choice when the Citrix Receiver exits.

    SNAGHTML29bc6f22In this session I will show you how to find such undocumented features in applications step by step. Using this example we will open the Citrix Receiver in Ida Pro and disassemble it.

    Using public resources such as the Citrix Public Symbol Server we can analyze, understand and finally make the code more readable.

    I will try to make this session not an “enter the matrix one” but one that could be considered as an intro into using Ida Pro for reverse engineering and app compat fixing.

    Hope to see you all in Rome, my session is scheduled Friday November 1 from 18.30 – 19.15. There will be room for questions so feel free to take your own Crapplication™ and ask about it after the session.

    See you in Rome!