Hi. I’m Farid.

I like to share some (sysadmin) stuff here.

Citrix Receiver fails to launch desktop/application after upgrading Firefox

Recently I came across a problem with starting my desktop/application through the Netscaler after updating to Mozilla Firefox 30.0 on my ArchLinux machine.

https://www.mozilla.org/en-US/firefox/30.0/releasenotes/

Seems Mozilla Firefox is blocking plugins from “Always Activate” to “Ask to Activate” (default blocked). Something I won’t mind, people have a lot of plugins enabled while don’t using them – or will enlarge the risk of files and (malicous) code being launched automatically within the browser.



Mozilla says the following about disabling the plugins:

We strongly encourage site authors to phase out their use of plugins. The power of the Web itself, especially with new technologies like emscripten and asm.js, makes plugins much less essential than they once were. Plus, plugins present real costs to Firefox users. Though people may not always realize it, we know plugins are a significant source of poor performance, crashes and security vulnerabilities.”

Our vision is clear: a powerful and open Web that runs everywhere without the need for special purpose plugins. This change will move us towards that vision, while still balancing today’s realities.

The best way would be for Citrix to request a whitelisting of their Citrix Receiver here in meanwhile: https://wiki.mozilla.org/Plugins/Firefox_Whitelist

You can read about these issues here:

https://bugzilla.mozilla.org/show_bug.cgi?id=1025627 https://community.reckon.com.au/reckon/topics/citrix_receiver_wont_launch_with_firefox_v30_0
http://www.tri-delta.com/about/blog/item/firefox-30-and-citrix-web-interface
https://support.mozilla.org/en-US/questions/1005650

Anyway, when you try to login your desktop/application you’ll see a small building block on the top left, if you click there and “Allow and Rember” the browser will automatically start the connection.

See here:



Another workaround is to enter ABOUT:ADDONS in the addressbar or through TOOLS > PLUGINS and change the Citrix Receiver from “Ask to Activate” to “Always Activate” like you can see here:




How to disable the Google Chrome (PPAPI) Pepper Flash plugin

On our Citrix servers we always tend to keep control of the plugins by updating them if possible, that goes for Oracle JAVA and of course Adobe Flash, but since update 21 Google Chrome has a strange behaviour in it’s built-in Flash plugin (FPP).

After every reboot or update it enables itself, very annoying. Google really should fix that because it’s a pain in the arse for quite some while and also the Flash plugin is out-dated, compared to our updated Adobe Flash plugin. Besides that FPP was exposed to several camera and/or audio related issues.

So yes but what now? If you open Google Chrome and type: chrome://plugins you’ll see a list of all plugins used in Google Chrome:



I’ve tried many ways to arrange that the FPP will be disabled at any time (even after a reboot or update), editting the Group Policy, removing the folder D:\Program Files (x86)\Google Chrome\PepperFlash and the above way by disabling in chrome://plugins.

Recently I found some Chromium flags (Chromium is the Open Source code for Google Chrome) which allows us to start Google Chrome with serveral commands, check them out here:

There’s a command that disables the bundled PPAPI version of Flash called: —disable-bundled-ppapi-flash

If you offer the desktop icon for Google Chrome by policy (or just the .lnk) then you’ll need to add an argument like you can see here:



Now after changing this you can check again for example the Rapid7 browserscan and you’ll notice an up-to-date Adobe Flash plugin being used and the FPP anymore. Hooray!




Receive Security Updates for End-of-Life Windows XP

As you might know many organisations buy thinclients, for example from HP. These devices are also being called embedded systems, just a Windows XP SP3 with another name.


Basically Microsoft has handed out a sheet with all the End-of-Life data about all their products. Support for Windows XP has been stopped mainstream support a month ago but the strange thing is that the Windows Embedded Systems (2009 and POSready) will receive extended support (security patches) until 2019

The URL and sheet here:

http://www.microsoft.com/windowsembedded/en-us/product-lifecycles.aspx



Nice, so what?


If you change your registry with the following key it means you trick the Windows Update engine and will receive the Embedded Systems 2009 / POSready security updates within your Windows XP. Please note: only x86 systems are supported.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001



Missing reconnect and disconnect button on Citrix Web Interface 5.4 with IE11

Microsoft’s browser Internet Explorer have undergo heavily changes to it’s security and behaviour. As for known now several application and resources can act strange on IE11, therefor you might consider downgrading to IE10.

However IE11 is much more same and downgrading the browser can be a real pain in the arse (warnings about having a browser installed while you don’t for example).

There are workarounds for this by putting the website in compatibility view, this works in IE11 for missing the reconnect button. But first of all you need to make sure you did enable the reconnect button in Workspace Control (on the server where you’ve installed Citrix Webinterface):



Well this looks promising, so now what happens if you don’t add the website in compatibility view:



Missing buttons right. To resolve this issue please do the following:

  • Open Internet Explorer.
  • Click Tools, and click Compatibility View settings.
  • Under Add this website, type the URL of your Web Interface site and click Add (normally you don’t need to enter the URL if you’re already on it)

Now close down the browser and rebrowse to your webinterface:



Solved, as for the buttons. As for the feature of automatically reconnecting sessions it’s still an issue with WI4.5 and IE11; it just won’t work. The best thing is to get rid of Webinterface at all and install StoreFront; it’s much better!


Citrix NetScaler documentation

Recently I came across a great documentation (powershell) script by Barry Schiffer for Citrix Netscaler. As you might know it’s a tough job to get all the settings and configuration well documentated for you- or your customers.

What is it?

Normally you’ll work a lot from the wizard like here:



But you can also work from terminal if you export the ns.conf or edit your settings:



Easy? No! The output isn’t readable, you might forget things and make mistakes. Also working from the official Citrix API won’t bring you far. So great job on the 5000 counting lines Powershell script Barry Schiffer!

From now on you can check out the script here: http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/. If you want know more about the author (Barry Schiffer) be sure to check out his website http://www.barryschiffer.com/netscaler-documentation/.

How to use

  • Copy content of AllCurrentScriptFiles.zip into a folder
  • Move away the scripts you don’t use
  • Make sure you use at least Powershell v2, v3 or v4
  • If you use a specific MUI/language of Powershell make sure your local system locale (PSCulture) is the same
  • Download or copy NS.conf from Citrix Netscaler
  • Put NS.conf in same folder as the scripts:


  • Run PS script:


  • Check out your full documentation: