Product documentation
Citrix Workspace app
View PDF

Troubleshoot Policy Tampering Detection

February 28, 2024
Contributed by: 
K

The following section describes some of the issues that you might face and how to troubleshoot them:

The ICA file is tampered and the session is still running

If the ICA file of a virtual app or desktop session that is enabled with the App Protection Policy Tampering Detection feature is tampered with, then the session must be terminated displaying one of the following error messages:

  • Citrix Workspace app for Linux

    Policy Tampering detection error - Linux

  • Citrix Workspace app for Mac

    Policy Tampering detection error - Mac

  • Citrix Workspace app for Windows

    Policy Tampering detection error - Windows

However, if the session is running even if the ICA file is tampered with and Policy Tampering Detection is enabled, then do the following steps:

  1. In the Virtual Delivery Agent, do the following:

    1. Run the following command and check if the ctxappprotectionsv service is running:

      sc query ctxappprotectionsvc

    2. If the ctxappprotectionsvc service isn’t running, then do the following steps to start the service:

      1. Change the startup type of the ctxappprotectionsvc service to automatic by running the following command:

        sc config ctxappprotectionsvc start=auto

      2. Start the service by running the following command:

        sc start ctxappprotectionsvc

  2. In the client, do the following:

    1. Check if the vdappp.dll file is in the installation location of the Citrix Workspace app. The default installation location of the Citrix Workspace app is as follows:

      • Windows - C:\Program Files (x86)\Citrix\ICA Client
      • Linux - /opt/Citrix/ICAClient
      • Mac - Not applicable

    2. For Citrix Workspace app for Windows, use procexp.exe and check if the vdappp.dll file is loaded in wfica32.exe.

    3. For Citrix Workspace app for Linux, check if the vdappp.dll file is loaded in wfica.exe.

  3. If the session is still running, then collect the logs and contact Citrix Technical Support. For more information about collecting logs, see Log collection.

Policy Tampering Detection stops working after rebooting Virtual Delivery Agent

If you reboot the Virtual Delivery Agent and the Policy Tampering Detection feature stops working, then it might be because the App Protection service isn’t running after reboot. Do the following steps on the Virtual Delivery Agent:

  1. Run the following command and check if the ctxappprotectionsvc service is running and set to automatic:

    sc query ctxappprotectionsvc

  2. If the ctxappprotectionsvc service isn’t running, then do the following steps to start the service:

    1. Change the startup type of the ctxappprotectionsvc service to automatic by running the following command:

      sc config ctxappprotectionsvc start=auto

    2. Start the service by running the following command:

      sc start ctxappprotectionsvc

  3. If the Policy Tampering Detection feature is still not working, then collect the logs and contact Citrix Technical Support. For more information about collecting logs, see Log collection.

Troubleshoot Policy Tampering Detection
February 28, 2024
Contributed by: 
K
February 28, 2024
Contributed by: 
K

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.