8 Citrix Virtual Apps and Desktops Policies You Should Consider Tweaking

citric-app-balaYou have just deployed a new Virtual Apps and Desktops Site for your customer. You thought about what policies should apply in the environment, however you can’t possibly know them all. So, what you will want to do is to before deploying anything to end-users is shift through all the Citrix Policies on offer and configure them appropriately based on business needs and end-user requirements.

There are many policies available. Luckily, you will likely not need to touch 80% of them. Most default policy settings work out of the box for the majority of deployments and it is only under certain circumstances that you need to change a default setting.

There are a couple of policy settings, though, that I’d like to make you aware of specifically. These are settings that I normally like to review with each of my deployments with the view of implementing them.

Without further delay, I present the 8 policy settings I like to tweak for my Virtual Apps and Desktops deployments:

1

Citrix Policy Name Default Setting My Suggested Setting
Audio quality High – High definition audio Medium – Optimized for Speech

If I need audio in my deployment, I normally will set the quality to Medium – Optimized for Speech. Often my deployments will include the publishing and use of Skype for Business, so a policy setting that is optimized for speech is just what I will be after. You are also required to use the Medium setting when using the HDX RealTime Optimization Pack.

2

Citrix Policy Name Default Setting My Suggested Setting
Auto client reconnect logging Do not log auto-reconnect events Log auto-reconnect events

With this recommended policy setting, the Event Log will have a record of auto client reconnection failures or successes. This can be useful in troubleshooting scenarios. Automatic client reconnection is a feature to help when a user loses connection to their Virtual Apps or Desktops. When the connection is repaired, the HDX session resumes without the need for manual intervention from the end-user.

3

Citrix Policy Name Default Setting My Suggested Setting
Automatic keyboard display Prohibited Allowed

This policy setting enables or disables the automatic display of the soft keyboard on mobile devices. You will agree that Citrix deployments today are almost always accessed by one or more mobile devices. That could be a personal or corporate Android tablet, for example. When a user is working within a published application, such as Skype for Business or a word processing app, a better experience for the end-user is for their mobile keyboard to display automatically when they click into a text field, which is what this policy helps with.

4

Citrix Policy Name Default Setting My Suggested Setting
Auto-create PDF Universal Printer Disabled Enabled

My focus with this policy is on Workspace app for HTML5 (formerly Receiver for HTML5). With an HTML5 connection method, the end-user device does not need a locally installed Workspace app client to be available. Instead, the end-user connects to their Virtual Apps and Desktops directly from their HTML5 capable browser such as Chrome, Internet Explorer or Firefox. Once connected, and if the user wants to print from their remote session, enabling this policy setting will map a PDF printer to their session. This allows the user to print to PDF first and they can then choose to print to a physical printer afterwards.

5

Citrix Policy Name Default Setting (7.15 LTSR) My Suggested Setting
HDX Adaptive Transport Off Preferred

Are you already running Virtual Apps and Desktops 7.16 or above? If so, the suggested setting of Preferred will already be set. However, a lot of customers are running the Long Term Service Release version 7.15 and this setting is not enabled by default. Adaptive Transport is the newest HDX virtual channel data transport engine designed to combat latent connections to published applications and desktops. Traffic is designed to reach the destination quicker, which will result in a better user experience. Read here for more information on HDX Adaptive Transport.

6

Citrix Policy Name Default Setting My Suggested Setting
Use local time of client Use server time zone Use client time zone

This policy setting determines the time zone of the user session. By default, the VDA server time zone is kept. However, your organization’s workforce may move among countries for meetings or conferences, or you may simply have offices spread across different countries.

Allowing the VDA time zone to be in sync with the client’s time zone will offer a better experience to your end-users.

Note: You must also allow time zone redirection. To do that, via Group Policy, see User Configuration Administrative Templates Windows Components Remote Desktop Services Remote Desktop Session Host Device and Resource Redirection.

7

Citrix Policy Names Default Settings My Suggested Settings
Session idle timer
Session idle timer interval
Disconnected session timer
Disconnected session timer interval
Enabled
1440 minutes
Disabled
1440 minutes
Configure according to business requirements

Firstly, do note that these settings apply only to Desktop OS VDAs when configured from Citrix Studio. To configure Server OS VDA timeouts, that is done via Group Policy using the readily available Remote Desktop Services settings.

Configuring timeout settings makes better use of your resources

I very much recommend you configure timeout settings. This makes better use of your compute resource and fairer shares it with active users. End-users often do not log off their published desktops, but resources continue to be held and used for the duration of the session.

By implementing shorter Session Limits, you can end user sessions to release system resources, which also works particularly well to free up desktops for new sessions when using non-persistent pools.

8

Citrix Policy Names Default Settings My Suggested Settings
Client audio redirection
Client clipboard redirection
Client drive redirection
Client fixed drives
Client network drives
Client printer redirection
Client removable drives
Allowed
Allowed
Allowed
Allowed
Allowed
Allowed
Allowed
Configure according to business requirements

I am not suggesting you enable or disable all of these policies, however, just be aware of them and that you may not need them all. It is likely that you will have some enabled and some disabled under certain circumstances.

For example, if you have no need for Client Drive Mapping and Audio redirection, it would be better to disable them, which disables the HDX virtual channel. This will reduce bandwidth and footprint on your infrastructure, as well as, in some cases, bettering your environments security posture.

To deal with client lockdowns and virtual channels, I recommend deploying a base Global Policy that will deny these policy settings. You can then define more granular policies higher up the chain for particular sets of users, which allow select virtual channels as required.

Policy settings are also critical to ensure high performance of your Citrix apps and desktops. Consider using Citrix performance monitoring and configuration change tracking solutions to understand if and when any settings get changed and affect Citrix performance.

I hope this guide was informative and it helps your existing and future Virtual Apps and Desktops deployments. Thanks for reading!

George Spiers is a leading Citrix Administrator and top technical manager.George Spiers (https://www.jgspiers.com/) is a Citrix architect with rich experience in consulting and implementing Citrix technologies for organizations in various sectors. We have invited George to write this guest blog and enlighten us on the topic of configuring policies in Citrix Virtual Apps and Desktops. Check out these educational webinars that eG Innovations conducted with George:
Citrix Troubleshooting 101: A Must-Watch Webinar for Citrix Pros
How to Make Citrix Logons 75% Faster?