Install & Configure Citrix Desktop Lock

My first blog posting I want to start with a great piece of software called “Citrix Desktop Lock”. Im sure one or two heard about the plugin. What is Citrix Desktop Lock? Citrix Desktop Lock will convert your Windows FatClient/ThinClient into a Kiosk Appliance. After the user has entered his domain credentials he won’t see anything from the installed Windows OS and will automatically launch his assigned Published Desktop. When you login with a local admin account you will regain full control of the OS. Sounds lovely? It is 🙂

How is it done?

Citrix Desktop Lock is changing the default shell when a user is logging in.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

Windows OS Default

“Shell”=”Explorer.exe”

 

After installing Desktop Lock:

“Shell”=”C:\Program Files\Citrix\ICA Client\SelfServicePlugin\selfservice.exe”

“CtxBackupShell”=”Explorer.exe”

Requirements

  • Windows 10, Windows 8.1, Windows 8, Windows 7 (including Embedded Edition), Windows 7 Thin PC
  • Connects to StoreFront through native protocols only
  • Domain-joined end points
  • User devices must be connected to a local area network (LAN) or wide area network (WAN).

Features

  • 3Dpro, Flash, USB, HDX Insight, Microsoft Lync 2013 plug-in, and local app access
  • Domain, two-factor, or smart card authentication only
  • Flash redirection is disabled on Windows 8 and later versions. Flash redirection is enabled on Windows 7

 Step 1 – Preparation

Before you are going to install the Citrix Desktop Lock on a workstation you first need to install Citrix Receiver with the Single-Sign-On Parameter.

CitrixReceiver.exe  /includeSSON

In addition you need a configured StoreFront account on the machine, otherwise the installation of Desktop Lock will fail. Im doing this with Microsoft Group Policy.

Alternative:

CitrixReceiver.exe /includeSSON
STORE0=”DesktopStore;https://my.storefront.server/Citrix/MyStore/discovery;on;Desktop Store”

To make the autolaunch of the Published Desktop possible you need to configure Pass-Trough Authentication. Check CTX133982

Step 2 – Installation

Download the current release of Citrix Desktop Lock.

Silent

msiexec /i CitrixReceiverDesktopLock.msi /qn

Important: You always need the proper Citrix Receiver/Desktop Lock Version

 Step 3 – Test

Logon with a domain user and it should auto launch your published desktop.

Important – Good to Know

After you lock (Windows + L) the workstation the Published Desktop always will receive a logoff command.

Result: The user wants to unlock his computer and it took at least 15 seconds to access the desktop again (logon process). You can remain the ICA Session with setting a registry key on the client. It depends on your needs 😎

32-bit Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Dazzle
Name: LiveInDesktopDisconnectonLock
Type: REG_SZ
Value: False

64-bit Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\Dazzle
Name: LiveInDesktopDisconnectonLock
Type: REG_SZ
Value: False

 

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: