Industry-Wide Computer Processor Vulnerability – What To Know, What To Do

Citrix employee blogs - Thu, 01/04/2018 - 14:00

Google Project Zero, a team of security analysts at Google charged with identifying new vulnerabilities, reported a new class of security vulnerability in computer processors that have certain advanced optimization capabilities. This is an industry-wide issue with the processor …

  Related Stories
Categories: Citrix, Virtualisation

3 Pillars of DaaS Success — Webinar FAQ

Citrix employee blogs - Thu, 01/04/2018 - 13:00
Desktops-as-a-Service (DaaS) is a hot topic. Thank you to all that attended the December 13 webinar, Getting to the State of OPEX: 3 Pillars of DaaS Success, and for the insightful questions you raised.

Due to the great participation …

  Related Stories
Categories: Citrix, Virtualisation

The Top Technology Predictions for 2018

Theresa Miller - Thu, 01/04/2018 - 06:30

2017 was a great year in IT bringing much change in the focus of how businesses are consuming IT.  For example, cloud for many organization is no longer if but when.  We are also now looking at data analytics, virtual reality, artificial intelligence in new ways that benefit the business and not just in ways […]

The post The Top Technology Predictions for 2018 appeared first on 24x7ITConnection.

How To: Add a Server Identifier to the StoreFront Page Footer

Citrix employee blogs - Wed, 01/03/2018 - 21:00
In this blog post, I review the steps for customizing StoreFront to include a unique server identifier on the page footer. This is a common requirement for customers who have multiple StoreFront servers behind a load balancer. In this scenario, …   Related Stories
Categories: Citrix, Virtualisation

HTML5 Multimedia Redirection: State of the Union Part II

Citrix employee blogs - Wed, 01/03/2018 - 19:00
In the first installment in this series, we laid out the context for the latest set of technologies in HDX MediaStream Multimedia Redirection, and explained what’s in 7.16. In this post, we will explain the differences between HTML5 Video …   Related Stories
Categories: Citrix, Virtualisation

The Way We Work: How the Move to Cloud Services Is Transforming Citrix Procurement

Citrix employee blogs - Wed, 01/03/2018 - 15:00
You may have seen how Citrix has embraced the transformative power that cloud services can bring to a business. As we have shifted our focus, putting Citrix Cloud at the center of our product strategy, we are also seeing the …   Related Stories
Categories: Citrix, Virtualisation

Voting is Now Open for the 2018 Citrix Innovation Award for Partners!

Citrix employee blogs - Wed, 01/03/2018 - 13:00
Watch the finalist videos and vote now! Voting closes Tuesday, Jan. 9 at 12 pm PT.

Citrix partners are the under-sung heroes in helping business around the world bring digital transformations to life. In a recent blog post, Citrix …

  Related Stories
Categories: Citrix, Virtualisation

How Stratodesk and Citrix Help Customers Unify & Standardize VDI Endpoints

Citrix employee blogs - Tue, 01/02/2018 - 19:00

As a Citrix Ready partner, Stratodesk has been pioneering the cause of helping Citrix’ customer base enhance the user experience with endpoint devices. Today, I am pleased to bring you a guest post by Joseph Anderson from Stratodesk. Read on

  Related Stories
Categories: Citrix, Virtualisation

Knowledge Center Highlights – December 2017

Citrix employee blogs - Tue, 01/02/2018 - 18:08

Hello Citrix community! Welcome to the December 2017 edition of Citrix Knowledge Center Highlights. This is a collection of new and updated articles, trending articles, and other updates from the Citrix Knowledge Center team.

Knowledge Center Highlights

We have organized …

  Related Stories
Categories: Citrix, Virtualisation

Improving the Citrix User Experience

Citrix employee blogs - Tue, 01/02/2018 - 13:00
At the end of my last article on scalability, I mentioned that we’d recently changed our default ICA transport from TCP to something called Enlightened Data Transport, or EDT.

EDT is more closely related to UDP than TCP …

  Related Stories
Categories: Citrix, Virtualisation

Security Design Decisions — Part 5

Citrix employee blogs - Thu, 12/28/2017 - 13:00
Security Design Decisions Part 5 — Physical Layer

Welcome back to my blog series on Security Design Decisions where I explore the need for a solid security framework. As more and more companies invest in security automation, I will explain …

  Related Stories
Categories: Citrix, Virtualisation

How to use http delete, put, head, connections, connect with an Azure Web App

Nicholas Dille (Sepago) - Wed, 12/27/2017 - 11:26
I often use Azure Web Apps to deploy tools and programs running serverlessly. A few weeks ago, I deployed an MVC web site with a controller to handle file uploads to an Azure Storage Account. For the client site I used jquery-FileUpload, which also allows to trigger a controller to delete a...
Categories: , Citrix, Virtualisation

Folder Redirection to OneDrive on Windows 10 with Intune

Aaron Parker's stealthpuppy - Wed, 12/27/2017 - 11:15

If you’re deploying Windows 10 with Modern Management (Azure AD joined, MDM managed), you’ll likely have wondered about data protection – if users aren’t intentionally saving documents to their OneDrive folder, those documents are likely not synchronised and therefore not protected against data loss.

Traditionally managed PCs will have folder redirection (and offline files) so that user’s documents are synchronised when corporate network connectivity is restored. Some organisations will even have implemented folder redirection into the OneDrive folder via Group Policy, as a better alternative.

Implementing folder redirection for Windows 10 via Intune currently isn’t possible, so we need a creative solution to this challenge. With PowerShell scripts available to deploy via Intune, we can create a custom approach for redirecting important folders into OneDrive.

How Folder Redirection Works

Here’s an old, but a good article that covers how the Folder Redirection Extension works. It was written for Windows XP / Windows Server 2003, but the concepts are still the same in 2017. The article includes the following overview of folder redirection:

Folder Redirection processing contains five steps:

  1. Determine which user folders to redirect based on changes to Group Policy settings at the time of logon.
  2. Determine the target location specified for redirection and confirm the user has access rights to that location.
  3. If the target folder does not exist, the folder is created and the appropriate access control list (ACL) rights are set.
  4. If the folder exists, access rights and folder ownership are checked.
  5. If desired, the files contained within specified folders are moved to the new location, which also deletes them from the source folder if the source folders are local.

In this case, because we’re looking to redirect folders with the source and destination in the user profile on a local disk, we can skip steps 2, 3, and 4. Step 1 is obviously our main requirement and step 5 – moving existing data into the new folder on the same disk, should be quick and reasonably safe on modern PCs with SSDs.

Given that we don’t have Group Policy available to us, we need to implement steps 1 and 5 in such a way that we can be sure the redirection and move of data will be successful.

Implementing folder redirection in PowerShell 

A script that implements folder redirection using SHSetKnownFolderPath is available from here: SetupFoldersForOneDrive.ps1. This defines a function called Set-KnownFolderPath that can be used to redirect a known folder of your choosing to a target path and it works quite well. In its current iteration though, all it does is redirect the folder. 

Because we also need to move the folder contents, I’ve forked the script and added some additional functionality:

This version of the script updates the Set-KnownFolderPath function to ensure all known folders for Documents, Pictures etc. are covered and adds:

  • Get-KownFolderPath – we need to know what the existing physical path is before redirecting the folder
  • Move-Files – a wrapper for Robocopy.exe. Rather than implement the same functionality of Robocopy in PowerShell, the script references it directly to move the contents of the folder to the new location. This ensures that we also get a full log of all files moved to the new path.
  • Redirect-Folder – this function wraps some testing around the redirect + move functionality
  • Reads the OneDrive for Business sync folder from the registry to avoid hard-coding the target path
  • Implements redirection for the Desktop, Documents and Pictures folders.

My script could do with some additional error checking and robustness; however, it provides the functionality required to redirect specific folders into the OneDrive folder and can be re-run as required to ensure that redirection is implemented for each folder.

Deploying with Microsoft Intune

Intune allows you to deploy PowerShell scripts that run either in the user’s context or in the Local System context. 

Intune PowerShell script settings – user context. Not what we want.

Implementing the redirection script in the user context though fails when adding the SHSetKnownFolderPath class to the script session. Additionally, deploying the script in this manner will only run the script once – if the OneDrive client is not configured correctly when the script runs, the folder redirection will then never work.

Instead of deploying the folder redirection script with Intune, we can instead deploy a script that downloads the folder redirection script to a local path and creates a scheduled task that runs at user login to run the script. That way, we can be sure that the redirection script will run after the user has logged into the OneDrive client and set up the local sync folder in their profile. Additionally, this approach will enable folder redirection to run for any user logging onto the PC.

The script below will download the redirection script to C:\ProgramData\Scripts, create the scheduled task and output a transcript into the same folder.

Note that this downloads the redirection script from my public gist repository. If you implement this in production, I would highly recommend a more secure source for the redirection script.

Right now this script is quite simple – it will need to be updated to remove or update an existing script in the event you need to remove the script from Intune and re-add it.

To deploy the script via Intune, save it locally as Set-RedirectOneDriveTask.ps1 and add as a new PowerShell script under Device Configuration. Ensure that the script runs as Local System by setting ‘Run this script using the logged on credentials’ to No. This is required for creating the scheduled task. 

Adding the Create OneDrive Redirect Task script to Intune

Assign the script to a user or device group and track deployment progress in the Overview blade. A successful deployment will result in a scheduled task on the target PCs. 

OneDrive Folder Redirection Task Properties

When the script is downloaded and the task is created successfully, you’ll see the script and a transcript in C:\ProgramData\Scripts.

The downloaded folder redirection script

When the folder redirection script runs Robocopy to move documents, it will log those moves to %LocalAppData%\RedirectLogs.

Data copy/move logs

When implemented in this way, the script will run at user login and successfully implement folder redirection into the OneDrive for Business sync folder. The user will see a PowerShell script window (even though it’s set to hidden) – this could be fixed by pointing the scheduled task to a VBscript wrapper.

Configuring OneDrive

OneDrive should be configured for single sign-on for the best user experience. Not necessarily a requirement; however, it will make it quicker for users to be up and running and therefore quicker for the script to redirect the target folders.

Given the approach outlined in this article, it’s unlikely that the user’s folders will be redirected on the first login. Adding a delay to the scheduled task may allow redirection to work on the first run; however, this would require several tasks to run in order and Intune won’t necessarily run all tasks in the required order.


In this article, I’ve outlined an approach to implementing folder redirection with PowerShell, via Intune, into the OneDrive for Business sync folder. This uses a script deployed from Intune to Windows 10 Azure AD joined machines to download the folder redirection script and create a scheduled task that runs at user login to perform the redirection and data move.

Redirecting the Desktop, Documents and Pictures should provide protection for the key user folders. While redirecting additional documents is possible, they can often contain data that would be less this ideal for synchronising to OneDrive.

Redirected Documents folder in the OneDrive sync folder

The scripts I’ve posted here are provided as-is and I highly recommend testing carefully before implementing in production.


The folder redirection script will work for any enterprise file and sync tool, not just OneDrive for Business. For example, if you wanted to redirect folders into Citrix ShareFile, just read the PersonalFolderRootLocation value from HKCU\Software\Citrix\ShareFile\Sync to find the sync folder.

This article by Aaron Parker, Folder Redirection to OneDrive on Windows 10 with Intune appeared first on Aaron Parker.

Categories: Community, Virtualisation

Deploy Citrix Receiver to Windows 10 with Intune and PowerShell

Aaron Parker's stealthpuppy - Sat, 12/23/2017 - 01:47

If you’ve Windows 10 Modern Management you’ll know that some applications present a challenge for deployment via Intune (or any MDM solution), because Windows 10 MDM supports the deployment of Win32 applications via a single MSI only. Applications such as Citrix Receiver, that are a single EXE (that wraps multiple MSI files), can be particularly challenging. You can create a custom wrapper to deploy Receiver, but this requires a packaging tool and some specific knowledge on how to package applications.

Microsoft Intune now supports deploying PowerShell scripts to Windows 10 machines, which can provide a more flexible framework for deploying complex applications. For Citrix Reciever, we can use this approach to target Windows 10 PCs for downloading the latest version of Receiver directly from Citrix and install it with any required command line options. This ensures that devices always install the latest version and the Intune administrator only ever has to create a single deployment option via a PowerShell script.

Installing Citrix Receiver

Here’s a simple script to detect whether Receiver is installed and if not, download and install Receiver using a specific set of command line options.

The script could be extended with some additional error checking and logging to provide some additional auditing of the installation, but I have tested this successfully.

Deploying via Intune

Deploying the script via Intune is done just like any other PowerShell script. Save the script locally and then in the Azure Portal, Intune blade, under Device Configuration / PowerShell scripts, add a new script and upload the saved script.

Adding the Install-CitrixReceiver.ps1 script to Intune

Assign the script to an Azure AD group for target users or devices. Your script should then be listed as an assigned script. 

Install-CitrixReceiver.ps1 alongside other PowerShell scripts

Once deployed, we can track successful installations in the Overview blade. Note that the script will only run once per target device – it should be unlikely that the device will receive the script and have it fail (e.g. fail to download the CitrixReceiver.exe), but there could be edge cases where installation fails as a result of some very specific circumstances.

Citrix Receiver deployment overview

Post-deployment, we can rely on the updater functionality built into the latest Receiver releases to keep end-points up to date.


We used a simple approach to the deployment of a non-MSI application to Windows 10 via Intune with a PowerShell script. A simple example that enables deployment of Citrix Receiver with no special packaging and we can be sure that because the end-point downloads Reciever directly from Citrix, the latest version will be deployed each time.

This article by Aaron Parker, Deploy Citrix Receiver to Windows 10 with Intune and PowerShell appeared first on Aaron Parker.

Categories: Community, Virtualisation

The 12 Days of Citrix

Citrix employee blogs - Fri, 12/22/2017 - 15:00

Since late November, my house has been filled with the sounds of Brenda Lee, Nat King Cole, Bing Crosby, Dean Martin, and yes, even Mariah Carey. I’ll admit it: I’m an unabashed lover of Christmas music. From Christmas Wrapping to …

  Related Stories
Categories: Citrix, Virtualisation

Multi-Domain Considerations with NetScaler Gateway and StoreFront — Part 2

Citrix employee blogs - Fri, 12/22/2017 - 13:00

In Part 1 of this series, we discussed different options of configuring NetScaler Gateway authentication policies for XenApp and XenDesktop in a multi-domain environment. In this article, we will focus on multi-domain configuration options for NetScaler Gateway session policies. The …

  Related Stories
Categories: Citrix, Virtualisation

Understanding Contextual Access — Login and Access Methods Can Make Sense

Citrix employee blogs - Thu, 12/21/2017 - 18:30

Are you frustrated every time you have to login or access new computing resources? Cumbersome credentials, onerous IT requirements, and the inability to leverage your own technologies can may help security, but at the expense of productivity — and that …

  Related Stories
Categories: Citrix, Virtualisation

XenApp 7.15 LTSR – Now Target Platform for Epic Hyperspace!

Citrix employee blogs - Thu, 12/21/2017 - 17:00

Recently, Epic added XenApp 7.15 LTSR (with Windows Server 2012 R2 VDAs) as a Target Platform for Hyperspace 2015 and 2017! As my colleague Nick Rintalan has said, XenApp and XenDesktop 7.15 is the biggest release in company history, …

  Related Stories
Categories: Citrix, Virtualisation

What’s Your Cloud’s Superpower?

Citrix employee blogs - Thu, 12/21/2017 - 16:01
Pay attention to technology prognosticators (yes, like me) for long and you’ll hear one word repeated again and again and again: Cloud. Specifically, hybrid cloud.

Hybrid cloud technology unifies all the applications from all the platforms, whether they happen to …

  Related Stories
Categories: Citrix, Virtualisation


Subscribe to aggregator - Virtualisation