November 2008 - Posts
The first question usually asked by the Accidental Citrix Admin is "what is citrix?". There are two ways the term "citrix" is used: as a specific product or as the name of a company which provides that product. Usually when "citrix" is mentioned, the term is referring to software used to allow multiple user access to one or more applications hosted on another computer (normally a server). The company, Citrix, refers to that capability as Application Virtualization. The product which provides that capability is now called XenApp, and it was rebranded to that name in February 2008. Before then it was called:
- Presentation Server (2005)
- MetaFrame XP Presentation Server (2003)
- MetaFrame XP (2001)
- MetaFrame (1998)
- MultiWin (1997)
- WinFrame (1995)
- WinView (1993)
- Citrix Multi-User (1991)
- Citrix MULTIUSER OS/2 (1990)
Looking at this product name timeline, we can expect a different name in 2010!
Citrix, the company, was founded in 1989 and I started working with MULTIUSER OS/2 in late 1989 or early 1990. There were still vertical market application vendors using that product as late as the summer of 2003. Citrix is primarily known for their Application Virtualization product XenApp but there are 22 distinct products listed on the MyCitrix.com web page:
What is Citrix? Citrix is a company that offers a wide range of products to serve almost any application delivery need a business may have. From the smallest business to the largest global spanning corporations, Citrix has products to help deliver your applications to your users in the most cost efficient manner possible.
During the design phase of a XenApp server installation, a common question is whether to remap the server's drive letters. If a server has one hard drive partition and one CD-ROM drive, the drive letters assigned by Windows are C and D respectively. The Accidental Citrix Admin may find his users confused when they go to save files and don't see their local hard drive as Drive C. The default behavior for Citrix XenApp is to remap the client's drives starting with the letter V. The client's local drive C becomes V, drive D becomes U and so on.

If the Accidental Citrix Admin needs to change the Client Remapped Drive letter from V to something else, like Y, a simple registry value on the server effects the change.
Important: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following to view the article in the Microsoft Knowledge Base:
On EVERY XenApp server, start Regedit and navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Citrix

Right-click in the right pane, select New, String Value

A new value is created

Name the new value, InitialClientDrive

Enter the new client drive letter you want remapping to start with, Y: in this example

Your registry key should now look like

This is an immediate change on the server. All a logged in user needs to do to see the change is restart the published application they are running. They will now see the drive letter change.


Remember, this registry change must be made to every XenApp server in the Farm.
What happens if InitialClientDrive is set to C? It appears the XenApp server gets confused and the user will not see the server's drive or any of their local hard drives. In the example below, all the user sees is the local CD-ROM drive. Both local hard drive partitions are now missing.

This was tested using XenApp 5.0 on Server 2003 using Citrix XenApp Plugin for Hosted Apps Client 11.000.
Citrix XenApp Server products allow Farm Administrators and Users to interact with other user sessions.
Shadowing can be a useful tool for user collaboration, training, troubleshooting and monitoring. This capability is useful for supervisors, help desk personnel, teachers, and anyone else who may need to examine another user's session. During Setup, you can limit or disable shadowing. You can disable shadowing of ICA sessions on all servers in a farm if, for example, legal requirements prohibit shadowing of users' sessions. Or, you may want to disable shadowing on servers that host sensitive applications such as Human Resources or Payroll.
During Setup, you will see this dialog box:

The decision made on this screen cannot be changed without reinstalling XenApp. This is from page 66 of the XenApp 4.5 with Feature Release 1 (AKA XenApp 5.0 on Server 2003):
<quote>
Important: Shadowing restrictions are permanent. If you disable shadowing or enable shadowing but disable certain shadowing features during Setup, you cannot change the restrictions later. Any user policies you create to enable user-to-user shadowing are subject to the restrictions you place on shadowing during Setup. Do not disable shadowing as a substitute for user- and group-specific connection policies.

Prohibit shadowing of user sessions on this server. Select this option to permanently disable shadowing of user sessions on the server. If you disable shadowing during Setup, you cannot enable it using other Citrix Presentation Server configuration utilities or by creating connection policies.
</quote>
The problem an Accidental Citrix Admin will have is how to tell whether shadowing is Allowed or Prohibited on a server they now manage. Whether shadowing is Allowed or Prohibited, all shadowing components are still installed:
- The cshadow.* and wshadow.* program files are still installed in C:\Program Files\Citrix\System32
- The Shadow Taskbar is enabled
- Citrix policies for shadowing can still be created and applied.
So how does the Accidental Admin determine if shadowing is Allowed or Prohibited? Well, you will start with the Terminal Services Configuration Console. Within the console, under the Connections node, examine the Property sheet for the ICA-tcp object. When the Property sheet is displayed, click on the ICA-settings tab.


The following screen shot shows what the ICA Settings look like when shadowing is Allowed:

In the bottom area there is a Shadowing section that allows Shadowing to Inherit user config or set to:
- is disabled
- is enabled: input OFF, notify OFF
- is enabled: input OFF, notify ON
- is enabled: input ON, notify ON
When shadowing is prohibited:

When shadowing is Prohibited during the installation of XenApp, the Shadowing section of the ICA Settings is grayed out.
This was tested in my lab using XenApp 5.0 on Server 2003.
The webica.ini file is used by the Citrix Windows client software for the purpose of providing more reliable security and user-configurable client drive file security.
Depending on the version of the client software used, Citrix policies applied to a user or from the Citrix Connection Center systray icon, the user will see:
Users can configure file access types to one of the following File Security settings:
- No Access
- Read Access
- Full Access
Also, users can configure whether or not a file security pop-up window appears when they access the same server again with the following options:
- Always ask me
- Never ask me again for this server
- Never ask me again
The Default answers are No Access and Always ask me.
Webica.ini file configuration:
The types of access you can set based on the settings in the INI file are described below.
405 is Full Access.
404 is Read Access.
403 is No Access.
-1 means no security setting is configured.
For example, type the following in the Webica.ini file if you do not want to show any ICA File Security pop-up windows to users, but your servers need full access to client computers.
[Access]
GlobalSecurityAccess=405
Citrix changed how this file is updated for end users starting with version 10.1 and later of their Windows clients. There are now only two ways to make changes to this file for end users:
- manually edit the file on every computer, or
- create a login script or use a batch file to push out the file to all users
In my lab environment, I have:
XP:
APPDATA = c:\documents and settings\username\application data
VISTA:
APPDATA = c:\users\username\AppData\Roaming
LOCALAPPDATA = c:\users\username\AppData\Local
You would append \ICAClient to the end and then copy your modified webica.ini file there.
For XP you could use something like:
copy \\server\share\icaclient\webica.ini "%APPDATA%\ICAClient" /y
For Vista you could use something like:
copy \\server\share\icaclient\webica.ini "%APPDATA%\ICAClient" /y
copy \\server\share\icaclient\webica.ini "%LOCALAPPDATA%\ICAClient" /y
The quotes are required because of the spaces in the folder path when the environment variable is expanded.
This was tested in my lab using XenApp 5 on Server 2003 and the version 11.000 clients.
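To check what was actually pushed out, here is an added example (not from the original post or from Citrix) that audits the two Vista webica.ini copies described above: it reads GlobalSecurityAccess from [Access] in each copy, flags 405, and flags copies that disagree. The function names and the profile directory argument are assumptions made for illustration.

```python
import configparser
import os

# Access codes exactly as listed in the post.
ACCESS_CODES = {405: "Full Access", 404: "Read Access", 403: "No Access", -1: "not configured"}

def read_global_access(path):
    """Return GlobalSecurityAccess from [Access] as an int, or None if absent or unreadable."""
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    try:
        with open(path, encoding="utf-8-sig", errors="replace") as fh:
            parser.read_file(fh)
    except (OSError, configparser.Error):
        return None
    for section in parser.sections():
        if section.lower() == "access":      # match the section name case-insensitively
            raw = parser[section].get("GlobalSecurityAccess", "").strip()
            try:
                return int(raw)
            except ValueError:
                return None
    return None

def audit_profile(profile_dir):
    """Check both ICAClient copies under one Vista-style profile (hypothetical helper).
    Sub-paths follow the APPDATA and LOCALAPPDATA locations given in the post."""
    copies = {
        "APPDATA": os.path.join(profile_dir, "AppData", "Roaming", "ICAClient", "webica.ini"),
        "LOCALAPPDATA": os.path.join(profile_dir, "AppData", "Local", "ICAClient", "webica.ini"),
    }
    values = {name: read_global_access(path) for name, path in copies.items()}
    findings = []
    for name, value in values.items():
        if value is None:
            findings.append(f"{name}: webica.ini missing or has no usable [Access] entry")
        elif value not in ACCESS_CODES:
            findings.append(f"{name}: unknown access code {value}")
        elif value == 405:
            findings.append(f"{name}: Full Access with the security pop-up suppressed")
    if len(set(values.values())) > 1:
        findings.append("copies disagree: " + ", ".join(f"{k}={v}" for k, v in values.items()))
    return values, findings

if __name__ == "__main__":
    import sys
    # Pass a profile folder such as c:\users\username; defaults to the current directory.
    vals, notes = audit_profile(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(vals, "\n".join(notes) or "no findings", sep="\n")
```

A profile where both copies carry the same 403 or 404 value produces no findings; one where the login script updated only one location shows up as a disagreement.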