Many of our customers are still running the Citrix Online Plug-in or Citrix Receiver Enterprise 3.4 because it allows them to place application shortcuts on a user’s Desktop and in the Start Menu. Later version of the Receiver require the use of the Citrix Launcher and do not allow Desktop or Start Menu shortcuts. The Citrix Receiver Enterprise 3.4 will not install on Server 2012 R2 RDP servers, so another solution is needed.

Citrix has recently reintroduced the ability to add application shortcuts to the user’s Desktop and Start Menu. The current version of the Citrix Receiver is 4.4 and includes an option to disable Self-Service Mode. There are a few other options that must be set to allow icons to appear on the Desktop, which can be set via a command line install or by editing the registry. 
An example command line to install the Citrix Receiver 4.4, enable single sign-on, configure the URL of a XenApp 6.5 farm, disable Self-Service Mode, add icons to the user’s Desktop, and allow adding a URL that is a HTTP address is below:

"CitrixReceiver.exe /includeSSON  /STORE0="PNAgent;http://storefront.domain.local/Citrix/PNAgent/config.xml;on;CustomerXenApp" SELFSERVICEMODE=false PutShortcutsOnDesktop=true AllowAddStore=A /silent"

CitrixReceiver.exe – Install file
/IncludeSSON – Enabled Single Sign-On
/STORE0= Path to XenApp 6.5 farm config URL
SELFSERVICEMODE – Set to false to disable the Citrix Launcher and enable Desktop and Start Menu application shortcuts
PutShortcutsOnDesktop – Set to true to add application shortcuts to the user’s Desktop
AllowAddStore – Set to A to allow the addition of a URL that is a HTTP address
/silent – Performs a silent install
After that command is run, the following command must also be run to complete the configuration to allow the use of a URL that is a HTTP address:

"reg add HKLM\SOFTWARE\Wow6432Node\Citrix\AuthManager /v ConnectionSecurityMode /t REG_SZ /d Any"
After these two commands are run, the Citrix Receiver will work as it did with the Citrix Online Plug-in and the Citrix Receiver Enterprise 3.4

0 Comments   Networking single sign on Citrix Receiver


I was helping out with a customer’s Active Directory migration and a different IT support group used a profile migration tool to help “ease” the transition between domains. But soon after the users started complaining that IE was not allowing them to save passwords. They would get prompted to store the credentials for a website and click yes, but as soon as they closed and reopened IE their stored credentials would disappear. Our suspicion was that the profile migration tool had corrupted the credential store in the registry.

I started a remote session with one of the users, checked the IE password store in the registry (HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2), and saw several of the user’s old entries. In order to allow the user to store passwords again, I had to delete this registry key, reopen IE, and save credentials for a website. Once I clicked “yes” to the prompt to save credentials, the registry key was automatically recreated and the credentials got stored.

0 Comments   Networking password Registry Internet Explorer Active Directory Windows


I recently attempted to upgrade a Dell Latitude laptop from Windows 7 to Windows 10. I started with a clean Win7 installation with most of the updated device drivers from Dell. The upgrade went smoothly … until it rebooted and I got the following error:
xC1900101 - 0x20017 Installation failed during safe OS phase with an error during boot operation
The good news was the installer backed out the upgrade and I was able to use the laptop with Win7. Researching this error code provided lots of suggestions related to hardware like removing RAM, disabling wireless and Bluetooth and so on. These worked for some people but not all so I kept digging.
Then I remembered that one of the things I didn’t upgrade was the BIOS. It was running version A06 and the current version from Dell was A16. Once I figured out I had to do a two-step upgrade (going directly to A16 did not work), I reran the upgrade tool and it worked, no boot error.
As a side note I found out that if you upgrade by downloading the installer from the Internet (rather than an ISO) the install files are stored in “c:\windows\$Windows.~BT”. You can run setup from this folder to avoid downloading the files again.

0 Comments   Networking Windows 10 Dell


For several months, I dealt with the occasional task of having to restart my laptop (Windows 8.1) because the memory usage would get close to 100%, even with no apps running. There were no processes in Task Manager indicating high memory usage, so I suspected I had a memory leak in a faulty driver.
I first ran rammap.exe from Microsoft Sysinternals ( This tool showed that the non-paged pool memory usage was very high. But this didn’t tell me what process was causing the leak.

Next I downloaded and installed the Windows Driver Kit 10 from Microsoft ( This kit supports Windows 7 through Windows 10. I had to reboot to complete the install then wait until my system was running low on memory before continuing my diagnosis. Once I noticed I was low on memory again, I ran "poolmon –b –p" from C:\Program Files (x86)\Windows Kits\10\Tools\x64. The –p switch enables using Non-paged and Paged pool memory  and the –b switch sorts descending by bytes. At the top of my list was the tag "AVDT".

So how do you figure out what the tag is referring to? I opened an admin command prompt and entered "findstr /s AVDT *.sys". This searched all *.sys files (most driver files are *.sys) in all subdirectories (/s) on the C: drive for the string "AVDT". This returned a screen full of mostly non-readable text which was the contents of *.sys files containing the string "AVDT". It was fairly easy to see a path "\Program Files\WIDCOMM\Bluetooth Software\bin\btwavdt.sys". Looking at the properties of the file indicated what was obvious from the path, it was related to Bluetooth.
Whenever I would connect my iPhone via Bluetooth to my laptop and play music (in order to use my external speakers), the driver would eat up non-paged pool memory to the "tune" of 1 MB every 5 seconds! By opening Task Manager and viewing Memory on the Performance tab, I could literally watch the consumption of non-paged pool memory increase with every measure. Just having the phone connected via Bluetooth didn’t cause this, only when music was playing. At a rate of 1 MB every 5 seconds, it consumed about 2.8 GB of memory to listen to music for half of the day!
I searched to find a solution to this bug but did not not find one. So until I can get an updated driver, I won’t listen to music from my phone on my PC via Bluetooth. Or if I do, I know I only have a few hours before a reboot is needed.

0 Comments   Networking Bluetooth memory leak drivers Windows


The Microsoft Assessment Planning (MAP) Toolkit is a useful utility that can be used to gather hardware and software information for workstations and servers. After installing the toolkit, you can provide domain credentials which it uses to poll each device in Active Directory and gather information about the devices it finds. This data can be viewed through various Excel reports and can help to shorten the time it takes to fill out an audit questionnaire.
The toolkit can be downloaded from:

0 Comments   Networking Microsoft audit


Like many new laptops, the new Apple MacBooks are too thin to have an onboard Ethernet adapter. After setting up a local account and connecting it to the internal wireless network (using WPA2 Enterprise), I was able to join the Macbook to the Active Directory domain without issues. However I quickly discovered that I couldn’t login to a domain account because by default wireless connections are not connected before login – remember, no Ethernet.
The immediate “fix” was to purchase a USB3 gigabit Ethernet adapter, but after some research later I discovered it's possible to enable WiFi before login. Here are the basic steps:

  • Install the Apple Configurator utility from the App Store. This app is designed to create deployment profiles for iOS devices but can also be used to create 802.1x profiles for OS X systems.
  • Run the Configurator and create a new profile. Update the WiFi section with the required connection information.
  • Save this profile locally.
  • Open the profile with a text editor and add XML text as outlined at This article is for an older version of OS X and refers to the discontinued iPhone Configuration Utility (which was replaced by the Apple Configurator), but the manual edits still apply to OS X 10.10 and 10.11.
  • Double-Click the edited profile to import into System Preferences. You can see the loaded profile by going to the 802.1x section of the Network->Advanced settings in System Preferences.
  • Logoff or reboot and you should be good to go.

0 Comments   Networking wireless OS X 802.1x Mac


While rebooting a Cisco 2960 switch to back out some configuration changes, I was not able to route traffic through the switch. After some troubleshooting, I noticed the following the error (with "terminal monitor" enabled):
%ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.  This product may contain software that was copied in violation of Cisco's license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco's Technical Assistance Center for more information.
A quick search revealed this to be an IOS bug (actually 3 related issues). The switch shipped with 15.0(2)EX5 code. The immediate work-around was to power-cycle the switch instead of doing a soft boot (reload). The root cause of the issue is related to the "internal i2c bus" getting into a bad state. Once it does, the bus maintains power through a soft boot, so a reload does not resolve the issue. A power-cycle is required.
An upgrade to 15.2(2)E3 (MD) or 15.2(4)E (ED) or later will resolve this issue.

0 Comments   Networking Cisco IOS


During preparation for a meeting with a bank customer, I searched their name to investigate any new Internet presence not previously documented. I found a Facebook page (unofficial) that contained postings from May 2012 related to someone “checking in” at the bank’s location. At that time, if a Facebook page was nonexistent and someone checked-in, Facebook would create an “Unofficial Page” to act as a container for the associated comments.

Further research indicated this was a common Facebook practice at the time but is no longer being done. However, if there are pages that were dynamically created they continue to exist. When I shared this information with the bank they had no knowledge of this Facebook page.

There is a potential for reputational risk if someone makes negative comments and the institution has no way to remove the negative comments from the page since they have no administrative access.

Information on "claiming" these pages is located at


0 Comments   Security and Compliance facebook Social Network


I am constantly right-clicking the Outlook icon in the taskbar and choosing what I want from the jump list. However, after upgrading to Outlook 2016, this feature became unavailable. I followed the steps below to get the jump list working again.

  1. Unpin the Outlook 2016 icon from the taskbar
  2. Exit Outlook 2016
  3. Delete the HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\LastUILanguage registry key
  4. Start Outlook 2016, and then re-pin the icon

0 Comments   Networking Microsoft Office Outlook 2016


Cisco IOS XE devices boot into a Linux kernel first, then load IOS as a module. If you just power off the device (as we are used to doing with IOS devices), you will see disk-errors (assuming you are connected and monitoring the console) when you power it up that get auto-corrected (hopefully). This happens because log files related to the Linux kernel are still in use when you power off the device.
To avoid this, the documentation states to issue a reload before powering down to ensure all the log files are closed correctly, but it isn't clear at what point you can then power off. Of course if you dont, it come-back up as a result of the reload command.
I found a link online that recommends issuing the 'reload pause' command instead. When the device gets to the pause, it will show you a 'Enter [continue]…' prompt. At this point, you can safely power off the device and it will not have any disk errors when it boots up again.
This assumes you are connected to the console. Not a bad assumption as it is a bit hard to physically power down a router or switch remotely. But if you are not on the console (maybe you have a customer that will to pull the plug for you), you can still issue the reload pause command and wait about 60 seconds. That should be enough time for the device to get to that pause.

0 Comments   Networking Cisco IOS