Citrix UPM has killed your start menu
Citrix User Profile Manager is great, until it kills your start menu in a published desktop or stops functioning and causes profile failures.
As a Citrix Consultant at Insentra I deliver a high number of designs, assessments and builds over the course of a year and often come across what I affectionately call an ‘interesting feature enhancement’ (IFE; AKA killer bug).
One IFE we have seen in a couple of environments lately is where users on a XenApp 7.15 CU2 desktop delivered on Windows Server 2016 lose the ability to access the Start Menu and notification area in their desktop. This can present as just the Start menu access failing for a user, or the server presenting a grey screen to all users and admins when they access it.
For those who find this one, or anyone building a XenApp environment on LTSR 7.15 CU2, check out the Citrix article https://support.citrix.com/article/CTX235399 – it says limited release for XenDesktop but, as per normal Citrix KB articles, it also fixed the issue under XenApp 7.15 CU2 and 7.17 for Windows Server 2016 and Windows 10.
The issue is that the Citrix User Profile Manager removes the keys that the users use for part of the customisation of their Start Menu but it’s a HKLM hive entry that’s altered so the impact is server wide:
“HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion” “AppReadiness” and “AppxAppxAllUserStore”
Citrix indicate a workaround to just recreate the keys on the impacted server, but this doesn’t help the user experience while you deploy and test the new version of UPM. So, in addition to the Citrix workaround, you can also block the rights for the system from removing the hives through group policy deployment. This way you can implement a quick fix while the new image release is being tested and should reduce the amount of reactive work you will need to perform with recreating the hives.
The entry in the GPO needs to be under the following:
- Hive: Computer Configuration Policies Windows Settings Security Settings Registry
- Object name: MachineSoftwareMicrosoftWindowsCurrentVersionAppxAppxAllUserStore
- Security Policy Settings: Configure this key then: propagate inheritable permissions to all subkeys
So, if you are looking at delivering published desktops from XenApp or XenDesktop in the LTSR or CR channels this patch is a must, and if you are already seeing random failures in your published desktops, or UPM stopping randomly, put the reactive and proactive workarounds in place until Citrix release CU3 (which we hope will have this and a few other fixes in place).