Citrix Policies Best Practices for XenApp 6.5 and XenDesktop 5.6
I’ve seen this issue time and again. As a CTP and a CCI, I talk with many customers and one thing I focus on in the XenApp 6.5 and XenDesktop 5.6 training classes is Citrix Policies. On the web you’ll find several articles such as the XenApp and Desktop Policy Planning Guide and the XenDesktop and XenApp Best Practices Reference Guide. These guides are great, but also looking at the built in templates provided by Citrix can do wonders for you’re environment. Therefore it’s important to take the time to understand the Citrix Policies, as you can improve user experience and better session control. This is not a discussion on where to manage the settings from, you choose either between setting these Policies in Citrix AppCenter / Citrix Studio or in GPMC.
We also use the same policies in our Demo Center, and this article is based on our setting that we have succsefull implemented into it, so that the customers that try the various scenarios get a good experience.
If you are having issues related to XenApp 6.5 AppCenter Console Policies Are Not Visible, please read the following CTX article from Citrix -> https://support.citrix.com/article/CTX134601
Also, to get a complete overview of the different XenDesktop policies, and what they do please take a look at the following edocs article from Citrix. https://support.citrix.com/proddocs/topic/xendesktop-rho/cds-policies-rules-quick-ref-rho.html
The policies below are from a collection from the Citrix guides mentioned above, and some are gathered from experience.
The following ICA/HDX protocol tuning options should be evaluated to optimize bandwidth consumption and virtual desktop resource utilization:
- Disable “View window contents while dragging”
- Enable “Windows Media Redirection”
- Enable “Flash acceleration” with client side content fetching
- Enable “Audio over UDP Real-Time Transport”. Please note that this configuration requires Audio quality to be set to “Medium – optimized for speech”
- Set “Progressive compression level” to “Low” or any higher value
- Enable “Extra Color Compression” in very low bandwidth scenarios. Please note that the “Extra Color Compression Threshold” should be configured to an appropriate value.
- Enable “Lossy compression” for image compression or “Heavyweight compression” in case image quality loss is not acceptable (more CPU intensive)
For more information, please refer to the Citrix Knowledgebase Article CTX131859 – Best Practices and Recommendations for Citrix Receiver 3 and HDX Technology with XenDesktop 5.x
New Policy Settings for XenDesktop 5.6 Feature Pack 1
New Policy Settings
XenDesktop includes the following new policy settings:
Setting ICA > Mobile Experience Automatic keyboard display
- Launch touch-optimized desktop
- Remote the combo box
ICA > Printing Printer assignments
ICA > Printing > Universal Print Server Universal Print Server enable
- Universal Print Server print data stream (CGP) port
- Universal Print Server web service (HTTP/SOAP) port
- Universal Print Server print stream input bandwidth limit (kpbs)
XenApp / XenDesktop Baseline User Policy:
Apply this policy as your baseline to all users connecting to your XenApp farm.
A key difference from previous version of XenDesktop is that from XenDesktop 5.6 Flash Redirection and other basic user experience policies are enabled by default via Citrix XenDesktop policy configurations. But, look into the policy options provided to get more control of the behavior of Flash and other Media related content, including Flash intelligent fallback as well as whitelist and blacklist capabilities. When configured, Flash Intelligent Fallback will automatically revert to server-side rendering in scenarios where client-side rendering would provide a poor end-user experience. When using intelligent fallback, there is no interruption or failure in the loading of the web page or the Flash application.
Here are the recommended Flash settings in Citrix HDX Policy.
ICA->Adobe Flash Delivery->Flash Redirection
Flash acceleration – Enabled
Flash default behavior – Enable Flash Redirection
Flash event logging – Enabled
Flash intelligent fallback – Enabled
Flash latency threshold – 30 milliseconds
ICA->Desktop UI
Desktop wallpaper – Allowed
Menu animation – Allowed
View window contents while dragging – prohibited
ICA->Audio
Audio Plug N Play – Allow
Audio quality – Medium
Client audio redirection – Allow
Client microphone redirection – Prohibit
ICA->Port Redirection
Auto connect client COM ports – Disable
Auto connect client LPT ports – Disable
Client COM port redirection – Disable
Client LPT port redirection – Disable
ICA->File Redirection
Client floppy drives – Prohibit
Client optical drives – Prohibit
Host to client redirection Disable
Read-only client drive access – Disable
Use asynchronous writes – Enabled
ICA->Printing
Client printer redirection – Allow
Default printer – Set to client’s main printer
Printer auto creation log preference – Errors
Wait for printers to be created (desktop) – Disabled
ICA->Printing->Client Printers
Auto-create client printers – Default printer only
Auto-generate generic universal driver – Disabled
Client printer names – Standard names
Direct connections to print servers – enabled
Retained and restored client printers – Allowed
ICA->Printing->Drivers
Automatic installation of in-bo printer drivers – Disabled
Universal driver usage – Use Universal Printing only if requested driver is unavailable
ICA->Printing->Universal Printing
Universal printing EMF processing mode – Spool to printer
Universal printing image compression limit – Best Quality
Universal printing optimization defaults – Standard Quality
Caching of embedded images
Caching of embedded fonts
Universal printing preview preference – Use for auto-generated and generic
ICA->Session Limits
Linger Disconnect Timer Interval – 5 Minutes
Linger Terminate Timer Interval – 10 Minutes
Pre-Launch Disconnect Timer Interval – 15 Minutes
Pre-Launch Terminate Timer Interval – 30 Minutes
ICA->Shadowing
Log shadow attempts – Allow
Notify user of pending shadow connections – Allow
Users who can shadow other users – Defined by security
ICA->Time Zone Control
Estimate local time for legacy clients – Enable
Use local time of client – Use Client time zone
ICA->TWAIN devices
Client TWAIN device redirection – Enabled
TWAIN compression level – low
ICA->Visual Display->Moving Images
Moving Image Compression – Enabled
Server Session Settings
Session importance – Normal
Single Sign-on – Disabled
XenApp Baseline Computer Policy Setting.
Apply this policy as your “baseline” to all Servers in your XenApp farm.
ICA
ICA listener connection timeout – 120000 ms
ICA listener port number – 1494
ICA->Auto Client Reconnect
Auto client reconnect – Allow
Auto client reconnect authentication Not required Require
Auto client reconnect logging Disabled
ICA->End User Monitoring ( Not required, but a good feature to enable!)
ICA round trip calculation – Enable
ICA round trip calculations for idle connections – Disable
ICA->Graphics
Display memory limit 32768 KB
Display mode degrade preference – Degrade Color Depth First
Dynamic Windows preview – Enabled
Image caching – Enabled
Maimum allowed color depth 32 bit
Notify user when display mode is degraded – Disabled
Queuing and tossing – Enabled
ICA->Graphics Caching
Persistent Cache Threshold – 3000000 Kbps
ICA->Session Reliability
Session reliability connections – Prohibited
ICA Shadowing
Shadowing – Allow
ICA->Keep Alive
ICA keep alive timeout – 60 seconds
ICA keep alives – Enabled
ICA->Multimedia
Windows Media Redirection – Allowed
Licensing
License server host name – License Server name ( I recommend using FQDN!)
License server port – 27000 ( change it to another port if you want to )
Server Settings
DNS address resolution – Enabled
Full icon caching – enabled
Server Settings->Health Monitoring and Recovery
Health Monitoring – Enabled
Health Monitoring tests – Use Defaults (please configure as you see fit.)
Server Settings->Memory/CPU
CPU Management server lever – preferential load balancing
Memory optimization – Enabled
Memory optimization interval – enabled
Server Settings->Reboot Behaviour
Reboot logon disable time – Choose a value to suit your clients
Reboot Schedule frequency – Choose a value to suit your clients
Reboot Schedule start date – Reboot Schedule Choose first day of the reboot
Reboot Schedule time – Choose time to restart server
Reboot warning interval – Choose interval which the users are notified about pending restart
Reboot warning users – enabled
Scheduled Reboots – enabled
XML Service
Trust XML requests – enabled
XML server port – 8080
XenApp WAN – For users connecting from outside/External User Policy.
Apply this policy for users working from branch offices or remote locations with low bandwidth and/or high latency connections.
ICA->Adobe Flash Delivery->Flash Redirection
Flash acceleration – Enabled
ICA->Audio
Audio quality – Medium (in the event of extreme latency conditions, you might want to also try setting it to Low)
ICA->Client Sensors->Location
Allow applications to use the physical locations of the client device – allowed (Android Tablet / iPad/iPhone Devices) This feature also includes Windows 8 in Citrix Avalon Excalibur Tech Preview.
ICA\Desktop UI
Desktop wallpaper – prohibited
Menu animation – prohibited
View window contents while dragging – prohibited
ICA->File Redirection
Use asynchronous writes – Enabled
ICA->Mobile Experience (Please not that there is a Mobility Pack from Citrix available also)
Automatic Keyboard Display – Enabled (Tablet Devices)
Launch touch-optimized desktop – Enabled (Tablet Devices)
Remote the combo box – Enabled (Tablet Devices)
ICA->Printing Wait for printers to be created (desktop) – Disabled ( In some cases you need to enable this one for certain applications, but the overall rule is TO DISABLE it! )
ICA->Printing->Universal Printing
Universal printing optimization defaults – Standard Quality
Caching of embedded images
Caching of embedded fonts
ICA->TWAIN devices
Client TWAIN device redirection – Disabled
ICA->Visual Display
Max Frames per Second – 15 FPS ( If you want to tweak this to a higher frame rate per second, then please do, but to get the best user experience for users over a WAN connection leave it to this recommended setting)
ICA->Visual Display->Still Images
Extra Color Compression – Enabled
Extra Color Compression Threshold – 8192 kbps
Lossy compression level – High
Lossy compression level threshold value – Unlimited
These Policies best practise settings applie to XenDesktop 5.5 and newer and XenApp 6.5 and newer. Please note that some Policies have changed names from older version of XD and XA.
{loadposition content_starwind600}