This article describes all the checks that can be performed when running into issues with Ivanti Workspace Control and Citrix Publishing.
With Citrix XenApp Publishing integration, you can integrate Citrix XenApp published applications and published content into the user workspace, and manage it from the Ivanti Workspace Control Management Console. A Citrix XenApp published application is an application that runs on a Citrix XenApp server, but which behaves as if it were running on the user's local computer. When you configure a Citrix XenApp published application in the Management Console, this will create the published application in the Citrix XenApp environment, including all options and access control types that have been configured in the Management Console. For more information on Citrix XenApp Publishing, please refer to the Admin guide: Ivanti Workspace Control Administration Guide 10.2
If a Published Application is not started correctly in an Ivanti Workspace Control session there are several steps which can be taken to identify the cause and solve the issue.
When starting a Published Application generates an error message "Application can't be started" check the following;
1. Make sure the Citrix Receiver is installed and configured correctly for Pass-Through Authentication by following the steps outlined in this Citrix article: https://support.citrix.com/article/CTX134341. Use the "Configuration Checker" in the Advanced Preferences of the Citrix Receiver to verify if the Receiver is correctly configured for Pass-Through Authentication. NOTE: The "Configuration Checker" is available in Citrix Receiver 4.5 and later.
2. Make sure Receiver.exe is not created as RES ONE Workspace managed application. Receiver.exe and SelfService.exe are meant as system processes and not as managed applications.
3. If managed Application Security is enabled make sure Receiver.exe and Selfservice.exe (and related processes) are not being blocked. It is recommended to allow *.exe in the folders where Receiver.exe and Selfservice.exe are located.
4. The Run key at [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] should contain default Citrix keys. It is not recommended to clear the Citrix entries here. The entries in the Run key may vary per operating system.
5. A non-secure store is used (HTTP instead of HTTPS). By default, only HTTPS stores are allowed. To bypass this limitation follow the steps outlined in the following Citrix Article: https://support.citrix.com/article/CTX134341
6. Ivanti Workspace Control uses the Citrix SelfServicePlugin (SSP) to launch Published Applications in an Ivanti managed user session. To be able to construct the proper command line a Citrix Store cache file needs to be available in the %LOCALAPPDATA%\citrix\selfservice directory. A cache file is created per provider and is decorated with the internal store name. This file records the last enumeration details and allows SSP to start up quickly and is created when SSP exits. In Ivanti Workspace Control 10.0.x.x and earlier the creation and refresh of the cache file was done by a method which could lead to a delay in the creation of the file. When starting a Published Application before the cache file is present leads to the "Application can not be started" message.
7. In order for the Published Application to be registered correctly in the Citrix Store Cache it needs to be published through the Ivanti Workspace Control Console. To check if the Published Application is registered correctly, open the Citrix Store Cache (e.g. with a text editor) and look at the format of value for the PublisherResourceID. This should be <applicationname>_<application_id>. When the _<applicationID> suffix is missing, the application has not been published correctly through the Ivanti Workspace Control Console and cannot be started. If this is the case un-publish the application and publish it again through the Ivanti Workspace Control Console.
8. The detection of Citrix SelfService Plugin is bypassed by setting the following registry key in the Ivanti Workspace Control Hive:
By setting this key it is possible to fall back to the use of ICA files (used in conjunction with Citrix Receiver versions prior to 4.0).
It is recommended by both Ivanti and Citrix to integrate Citrix Receiver with Citrix Storefront and refrain from using ICA files, therefore the use of this registry key should be avoided.
9. Polling the Citrix Published Applications can be done with a variety of settings (refer to Driving the Citrix Receiver Self-Service Plug-in Programmatically for more information). Depending on the Version of Ivanti Workspace Control installed the Citrix Selfservice.exe command is run with either the -ipoll or -poll command. From RES ONE Workspace 10.1.0.0 and later the default command is "-poll", earlier versions use the "-ipoll" command.
This will poll the Citrix Published Applications and will create the Citrix Store cache file. With the -ipoll switch stub files are created for every published app that will be integrated into the system. Using the "-poll" command the all the entries for these stub files are not created.
It is possible to change the command by configuring a registry key in the Ivanti Workspace Control Hive:
Data: yes or no (see below for behaviour resulting from the different values)
This registry setting will work from RES ONE Workspace 2016 SR1 revision 3 (22.214.171.124) and RES ONE Workspace v10 (10.0.0.0) and higher by setting the value of the key to "yes" which will run the command "-poll"
From RES ONE Workspace 10.1.400.0, the SelfServicePoll registry value can be configured to use the '-ipoll' command instead of the '-poll' command by setting the value of the key to "no".
Ivanti recommends configuring the behaviour in such a way that the "-poll" command is used in combination with Citrix Receiver 4.3 up to Citrix Receiver 4.9.