Author: Manuel Winkel

MSIX App Attach with Windows 10 Version 2004 in Citrix Environments

With the latest version of Windows 10 (version 2004) it is finally possible to use MSIX App Attach in Citrix without any special adaptation.

MSIX App Attach allows you to store applications for virtual environments outside a virtual machine in a VHD/X file. Such an application can thus be integrated into the user session if required.

What is MSIX App Attach ?

MSIX App Attach is based on the concept where the application is stored in MSIX format in a central location and integrated into the operating system. After embedding, applications look like locally installed applications to both the user and the operating system. When combining FSLogix Profile Containers and MSIX App Attach, the Golden Master Image’s operating system remains completely clean and data, profiles and applications are completely separated.

Continue reading “MSIX App Attach with Windows 10 Version 2004 in Citrix Environments”

FSLogix App Masking in Citrix Environments

What is App Masking and what do we need it for?

App Masking minimize the number of Golden Images required, by allowing all applications to be installed in a single Golden Image. The mapping and separation of applications (as well as printers, fonts, office add-ins, Internet Explorer plug-ins, etc.) is done without packaging, sequencing, backend infrastructure or virtualization.

FSLogix App Masking

This is achieved by granular access control of the installed applications through App Masking Rules. These rules can be used to completely hide the application in an user runtime, so that it no longer appears in the file system, registry or under programs and features.

Because no additional ressources are required by the system when using the rules, applications run at their native speed.

Continue reading “FSLogix App Masking in Citrix Environments”

Citrix Virtual Apps and Desktops & WEM 2003 is released

The new current releases of Citrix Virtual Apps and Desktops, Workspace Environament Management & Citrix Provisioning are now available. They contains many new features compared to the last LTSR.

Citrix Virtual Apps and Desktops 2003
Continue reading “Citrix Virtual Apps and Desktops & WEM 2003 is released”

ADV190023 – Enable LDAPS in Windows DC and Citrix ADC

Important Info:
The scheduled update (ADV190023), regarding LDAP Signing and Channel Binding for new and existing domain controllers, scheduled for March 10, 2020, has been postponed to the second half of calendar year 2020. The March 2020 update will only provide additional auditing capabilities to identify and configure LDAP systems before they become inaccessible with the later update.

The later update results in no more connections to the domain controller, via unsigned / Clear Text LDAP on port 389. Then it is only possible to use either LDAPS via port 636 or Signed LDAP (StartTLS) on port 389.

Continue reading “ADV190023 – Enable LDAPS in Windows DC and Citrix ADC”

Checklist for Citrix ADC CVE-2019-19781

Citrix has released a critical vulnerability warning (CVE-2019-19781) in all Citrix ADC & Gateway systems one week before Christmas. Several working exploits have been released since Jan. 10, 2020 and are available to everyone.

Important ! The fix from Citrix with the Responder Policy does not work on systems with version 12.1.51.16/51.19, 50.31 and older. If this version is in use, please update to the latest 12.1 version.

The exploits allow remote code to be executed anonymously, allowing unauthenticated attackers to take over the various machines with root privileges.

Continue reading “Checklist for Citrix ADC CVE-2019-19781”