Category Archives: Windows Server

Remove the “Protected Mode” pop-up from Internet Explorer 11 – Win 2012 R2

A published IE application may show the following pop-up when starting a web page:

Image
Such pop-up appears each time, even if you click on the ‘Don’t show this message again’.
The solution is to set the user registry value that prevents this pop-up from appearing (this can be done through GPO, logon script, etc…)
The value is “NoProtectedModeBanner”, DWORD, and must be set to 1.
It must be located under HKCU\Software\Microsoft\Internet Explorer\Main
Image

Getting rid of the ‘Internet Explorer Enhanced Security Configuration is enabled’ page when publishing IE through XenApp

Environment: Citrix XenApp 6.5, Windows Server 2008 R2, Internet Explorer 8.

Scenario: you published IE as a XenApp application, you turned IESEC off through GPOs (or through the Server Manager) and you configured a default home page for all users through a GPOs.

Problem description: at their first logon, your users get the ‘res://iesetup.dll/HardAdmin.htm’ start page which says something like ‘Internet Explorer Enhanced Security Configuration is enabled’. You don’t understand why this happens as you are sure you correctly set the default home page and disabled IESEC. Anyway, when users log on a second time they see their correct home page. This problem might be very annoying when every user has a local profile which is deleted and then needs to be recreated each time.

Problem cause: this problem happens if you disable IESEC after installing XenApp and enabling Remote Desktop Services, in fact, when you do so, the NTUSER.DAT file located in the Default User folder retains some settings that bring you to the ‘res://iesetup.dll/HardAdmin.htm’ on your first logon.

Problem resolution: to avoid this problem disable IESEC before installing XenApp. If it’s too late and you have already installed XenApp without disabling IESEC first, you can replace the NTUSER.DAT file located in the Default User folder with a correct one; to do so follow step #4 described in this Microsoft article: http://support.microsoft.com/kb/933991

Acrobat Reader 9 script pop-up removal

Environment:  Windows Server 2003 Service Pack 2, Citrix XenApp 5 Roll Up Pack 7, Citrix User Profile Management 3.2, VMware ESX 4.0.

Problem description: every time an application tries to open, through a script, a pdf file with Acrobat Reader (from version 9 on), a pop-up alert notifies the user of the action. This pop-up can be annoying when multiple pdf files need to be open during a session. The pop-up can be acknowledged and avoided for future uses, but usually users tend to ignore its content and click on “ok”.

Problem cause: the pop-up alert is a security feature introduced by Adobe since Acrobat Reader version 9.

Problem solution: when the “do not show this message again” check box is checked, a new registry key is created into the registry. To discover the key created by the process I used a free tool called “RegFromApp.exe”. The key is:

[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader
\9.0\AVAlert\cCheckbox\cAcrobat]"iWarnScriptPrintAll"=dword:00000001

To solve the problem I created an ADM template which I’ve imported and enabled through the GPO management console. The template is the following (please note that it modifies also another registry key: …\9.0\AdobeViewer]”EULA”= dword:00000001, which is useful to avoid the adobe contract to appear each time a new user opens acrobat reader):

;template creato da Sebastiano Ingallo
;per disabilitare il pop-up di alert
;di acrobat reader e la
;visualizzazione del contratto al primo avvio
CLASS USER
CATEGORY !!Reader
        POLICY !!DisAlert
            KEYNAME "Software\Adobe\Acrobat Reader\9.0\
                     AVAlert\cCheckbox\cAcrobat"
           EXPLAIN !!DisAlertExplain
                VALUENAME "iWarnScriptPrintAll"
                    VALUEON NUMERIC 1
                    VALUEOFF NUMERIC 0
        END POLICY
       POLICY !!DonotdisplayEULA
            KEYNAME "Software\Adobe\Acrobat Reader\9.0\AdobeViewer"
           EXPLAIN !!DonotdisplayEULAexplain
                VALUENAME "EULA"
                    VALUEON NUMERIC 1
                    VALUEOFF NUMERIC 0
        END POLICY
END CATEGORY
[strings]
Reader="Adobe Reader 9.0"
DisAlert="Disabilita Alert Stampa"
DisAlertExplain="Se abilitato non visualizza l'alert
durante la stampa inziata da uno script"
DonotdisplayEULA="Non visualizzare contratto"
DonotdisplayEULAexplain="Se abilitato non fa
visualizzare il contratto al primo avvio"

 

PS: comments are written in Italian.

Support Articlesfrickelsoft.net; nirsoft.net

 

 

XenApp 6 – Disconnecting ICA session attempts to restart the server

System: XenApp 6 on Windows 2008 R2

Event description:

“The attempt by user domain\user to restart/shutdown computer XXXXXXXXXXX failed”

Event id: 1073 Source USER32

This event is generated when a user logs off from an ICA or RDP session. There is no actual attempt to restart or shutdown by a user or apps. The event is generated immediately after the log off.

Workaround:

  • Open the RemoteApp Manager (Under Administrative tools – Remote Desktop Services) as admin user. 
  • Close the RemoteApp Manager Console.
  • Clear the system log from event viewer.
  • Now you should not see the event anymore.
This temporary workaround has been found by Colm Naish:  http://forums.citrix.com/

XenApp 6 How To: force the ICA listener on one NIC in multihomed installations

Sometimes, if you have your XenApp 6 servers in a multihomed environment, you may need to force the ICA listener to listen on only one NIC. For example it might happen that your web interface returns an ICA.launch which includes the wrong IP address.

The following steps shows how to perform the required configuration:

  • Then you have to set the binding order of your network card, putting the one you want to be associaated with the ICA listener at the bottom of the list, to do so:
      1. Open “Control Panel”
      2. Open “Network and Sharing Center”
      3. Click on “Manage Network Connection”
      4. Press “Alt” on your Keyboard
      5. Click on “Advanced” and then on “Advanced Settings”
      6. Put the connection you want to use at the bottom (XenApp 6 binds in descending order)
  • Open “ICA Listener Configuration”

  • Click on “Edit” –> “Network Adapter” and select the adapter you want
  • Click “OK” and close the console.
  • Restart the IMA service

  • Open a command prompt and run “qfarm”, you will see that your server is not listed along the others (here is explained why: http://support.citrix.com/article/CTX126871 )
  • Open the ICA listener console and put all NIC to listen again
  • Restart the IMA service again
  • Run “qfarm” again, now you’ll see that your server is listed twice and the first row contains the IP of the NIC you chose to use for the ICA listener

 

How to delete a newly created predefined dhcp option – windows server 2003

OS: Windows Server 2003

Service: DHCP Server

Problem: sometimes you might need to create a predefined dhcp option on your Windows 2003 dhcp server.



and sometimes you might select a wrong data type for your option.

The problem is that when you try to delete the newly created option the delete button is inactive!!!!

 

Solution: from the command line run the following:

netsh dhcp server \\servername delete optiondef optionnumber

Where:

  • servername = name of your server
  • optionnumber = number of the newly created option