Pointers for setting up, optimizing and customizing a Windows 11 Multi-Session image for Citrix DaaS

Introduction

In order to run Citrix Virtual Apps and Desktops with Multi-Session machine catalogues, one requirement has always been that the target machines must run a Windows Server operating system. Besides correct Citrix licenses, RDS CAL licenses were necessary as well for allowing the multi-session setup to come into existence.

Enter the dawn of Azure Virtual Desktop and the fact that a majority of my Citrix DaaS clients have already resorted to Azure as their resource location of choice, the playground has changed.
You see, when AVD released together with the Windows 10/11 multi-session SKU’s (unique to the Azure platform) the license requirement included the Microsoft 365 E3/E5 licenses, in which almost all of my Citrix DaaS clients already had for ensuring that their employees could use Microsoft 365/ Office apps.
To put it simply, it virtually became a no-brainer to migrate these clients’ Citrix DaaS workloads to a Windows 11 multi-session SKU, therefore cutting license costs by not needing to renew the expensive RDS CAL licenses anymore.

Having worked intensely with both Azure Virtual Desktop and Citrix DaaS with Azure as the resource location, I figured I would share some pointers, tips and lessons learned on what a baseline configuration of the Windows 11 multi-session image could consist of. This with the perspective of the image being used primarily in a Citrix MCS catalogue and in a non-persistent scenario.
Keep in mind that this is not a complete outline and that some recommendations could be irrelevant depending on your case. I have personally not seen a similiar writeup and merely want to share a guideline to lean against should this be a new type of setup for you! 🙂

Continue reading “Pointers for setting up, optimizing and customizing a Windows 11 Multi-Session image for Citrix DaaS”

Microsoft Access Driver Query is corrupt

INTRODUCTION

Today I was involved in a particular incident where Windows Updates did its thing and broke something. This time it involved an update for Access, a database program provided by Microsoft, causing specific queries to output that they are corrupt.
Due to its unclear nature at first, I thought I would write a quick blog post and hopefully spare other system administrators from at least some amount of head scratching.

Continue reading “Microsoft Access Driver Query is corrupt”

ClickOnce application suddenly blocked by AppLocker Group Policy

INTRODUCTION

With the release of the Windows 7 and corresponding server operating system, the AppLocker technology has become a quintessential tool for system administrators to utilize. Thanks to it, administrators can restrict or allow end-users to run certain applications based on its publisher value, file path or even its unique file hash, all within an On-premise Domain-wide level. In other words, it is a given implementation within an enterprise environment to further defend itself from the many and various threats that can stem from executing suspicious programs.
In this post however, I would like to share an isolated issue in which an already known application was suddenly blocked by an AppLocker Group Policy and how it being a ClickOnce executable required some creative thinking right on the spot.

Continue reading “ClickOnce application suddenly blocked by AppLocker Group Policy”