I’ve been researching on getting Webcam based applications setup over XenApp. I nail downed it to a level that webcam based applications like Adobe Presenter and Skype are failing to make use of WebCams via “Citrix HDX Web Camera” driver. Whereas using the same driver webcam access in Internet Explorer is working just fine.
The part of the reason for this applications not able to work with Citrix drivers is that they are very primary designed for desktop systems are thus may be failing to get into the HDX webcam channel data via Citrix.
Launching Adobe Presenter in ICA session in fact detects the existence and makes attempt to get access to the WebCam from client desktop
USB attached Webcam detected in XenApp session. IE is able to use the cam while the Presenter and Skype are failing
My laptop built-in Webcam detected in XenApp session. IE is able to use the cam while the Presenter and Skype are failing.
Below are the set of Citrix policies I’ve got configured for this setup:
Computer Configurationhide
Policiesshow
Windows Settingshide
Security Settingsshow
Account Policies/Password Policyshow
|
Policy |
Setting |
Winning GPO |
|
Enforce password history |
24 passwords remembered |
Default Domain Policy |
|
Password must meet complexity requirements |
Disabled |
Default Domain Policy |
|
Store passwords using reversible encryption |
Disabled |
Default Domain Policy |
Account Policies/Account Lockout Policyshow
|
Policy |
Setting |
Winning GPO |
|
Account lockout threshold |
0 invalid logon attempts |
Default Domain Policy |
Account Policies/Kerberos Policyshow
|
Policy |
Setting |
Winning GPO |
|
Enforce user logon restrictions |
Enabled |
Default Domain Policy |
|
Maximum lifetime for service ticket |
600 minutes |
Default Domain Policy |
|
Maximum lifetime for user ticket |
10 hours |
Default Domain Policy |
|
Maximum lifetime for user ticket renewal |
7 days |
Default Domain Policy |
|
Maximum tolerance for computer clock synchronization |
5 minutes |
Default Domain Policy |
Local Policies/Security Optionsshow
Network Accessshow
|
Policy |
Setting |
Winning GPO |
|
Network access: Allow anonymous SID/Name translation |
Disabled |
Default Domain Policy |
Network Securityshow
|
Policy |
Setting |
Winning GPO |
|
Network security: Do not store LAN Manager hash value on next password change |
Enabled |
Default Domain Policy |
|
Network security: Force logoff when logon hours expire |
Disabled |
Default Domain Policy |
Public Key Policies/Certificate Services Client – Auto-Enrollment Settingsshow
|
Policy |
Setting |
Winning GPO |
|
|
Automatic certificate management |
Enabled |
[ |
|
|
Option |
Setting |
||
|
Enroll new certificates, renew expired certificates, process pending certificate requests and remove revoked certificates |
Disabled |
||
|
Update and manage certificates that use certificate templates from Active Directory |
Disabled |
||
Public Key Policies/Encrypting File Systemshow
Certificatesshow
|
Issued To |
Issued By |
Expiration Date |
Intended Purposes |
Winning GPO |
|
administrator |
administrator |
8/30/2113 8:08:11 AM |
File Recovery |
Default Domain Policy |
For additional information about individual settings, launch Group Policy Object Editor.
Public Key Policies/Trusted Root Certification Authoritiesshow
Propertiesshow
|
Winning GPO |
[Default setting] |
|
Policy |
Setting |
|
Allow users to select new root certification authorities (CAs) to trust |
Enabled |
|
Client computers can trust the following certificate stores |
Third-Party Root Certification Authorities and Enterprise Root Certification Authorities |
|
To perform certificate-based authentication of users and computers, CAs must meet the following criteria |
Registered in Active Directory only |
Citrix Group Policyhide
|
Setting |
Value |
Winning GPO / Citrix Policy |
|
Windows Media Redirection |
Enabled |
Default Domain Policy/Unfiltered |
|
Multimedia conferencing |
Enabled |
Default Domain Policy/Unfiltered |
User Configurationhide
Citrix Group Policyhide
|
Setting |
Value |
Winning GPO / Citrix Policy |
|
Client microphone redirection |
Enabled |
Default Domain Policy/Unfiltered |
|
Client audio redirection |
Enabled |
Default Domain Policy/Unfiltered |
|
Client USB device redirection |
Enabled |
Default Domain Policy/Unfiltered |
|
Client USB Plug and Play device redirection |
Enabled |
Default Domain Policy/Unfiltered |
