ICA policy settings

Adaptive transport

This setting allows or prevents data transport over EDT as primary and fallback to TCP.

By default, adaptive transport is enabled (Preferred), and EDT is used when possible, with fallback to TCP. If it’s been disabled and you want to enable it, follow this procedure.

  1. In Studio, enable the policy setting, HDX adaptive transport. We also recommend that you do not enable this feature as a universal policy for all objects in the Site.
  2. To enable the policy setting, set the value to Preferred, then click OK.

Preferred. Adaptive transport over EDT is used when possible, with fallback to TCP.

Diagnostic mode. EDT is forced on and fallback to TCP is disabled. We recommend this setting only for troubleshooting.

Off. TCP is forced on, and EDT is disabled.

For more information, see Adaptive transport.

Application launch wait timeout

This setting specifies the wait timeout value in milliseconds for a session to wait for the first application to start. If the start of the application exceeds this time period, the session ends.

You can choose the default time (10000 milliseconds) or specify a number in milliseconds.

Client clipboard redirection

This setting allows or prevents the clipboard on the user device being mapped to the clipboard on the server.

By default, clipboard redirection is allowed.

To prevent cut-and-paste data transfer between a session and the local clipboard, select Prohibit. Users can still cut and paste data between applications running in sessions.

After allowing this setting, configure the maximum allowed bandwidth the clipboard can consume in a client connection. Use the Clipboard redirection bandwidth limit or the Clipboard redirection bandwidth limit percent settings.

Client clipboard write allowed formats

When the Restrict client clipboard write setting is Enabled, host clipboard data cannot be shared with the client endpoint. You can use this setting to allow specific data formats to be shared with the client endpoint clipboard. To use this setting, enable it and add the specific formats to be allowed.

The following clipboard formats are system defined:

  • CF_TEXT
  • CF_BITMAP
  • CF_METAFILEPICT
  • CF_SYLK
  • CF_DIF
  • CF_TIFF
  • CF_OEMTEXT
  • CF_DIB
  • CF_PALETTE
  • CF_PENDATA
  • CF_RIFF
  • CF_WAVE
  • CF_UNICODETEXT
  • CF_ENHMETAFILE
  • CF_HDROP
  • CF_LOCALE
  • CF_DIBV5
  • CF_OWNERDISPLAY
  • CF_DSPTEXT
  • CF_DSPBITMAP
  • CF_DSPMETAFILEPICT
  • CF_DISPENHMETAFILE
  • CF_HTML

The following custom formats are predefined in XenApp and XenDesktop and Citrix Virtual Apps and Desktops:

  • CFX_RICHTEXT
  • CFX_OfficeDrawingShape
  • CFX_BIFF8

HTML format is disabled by default. To enable this feature:

  • Ensure that Client clipboard redirection is set to Allowed.
  • Ensure that Restrict client clipboard write is set to Enabled.
  • Add an entry for CF_HTML (and any other formats you want supported) in Client clipboard write allowed formats.

You can add more custom formats. The custom format name must match the formats to be registered with the system. Format names are case-sensitive.

This setting does not apply if either Client clipboard redirection or Restrict client clipboard write is set to Prohibited.

Note

Enabling HTML format clipboard copy support (CF_HTML) copies any scripts from the source of the copied content to the destination. Check that you trust the source before proceeding to copy. If you do copy content containing scripts, they are live only if you save the destination file as an HTML file and execute it.

Restrict client clipboard write

If this setting is Allowed, host clipboard data cannot be shared with the client endpoint. You can allow specific formats by enabling the Client clipboard write allowed formats setting.

By default, this setting is Prohibited.

Restrict session clipboard write

When this setting is Allowed, client clipboard data cannot be shared within the user session. You can allow specific formats by enabling the Session clipboard write allowed formats setting.

By default, this setting is Prohibited.

Session clipboard write allowed formats

When the Restrict session clipboard write setting is Allowed, client clipboard data cannot be shared with session applications. You can use this setting to allow specific data formats to be shared with the session clipboard.

The following clipboard formats are system defined:

  • CF_TEXT
  • CF_BITMAP
  • CF_METAFILEPICT
  • CF_SYLK
  • CF_DIF
  • CF_TIFF
  • CF_OEMTEXT
  • CF_DIB
  • CF_PALETTE
  • CF_PENDATA
  • CF_RIFF
  • CF_WAVE
  • CF_UNICODETEXT
  • CF_ENHMETAFILE
  • CF_HDROP
  • CF_LOCALE
  • CF_DIBV5
  • CF_OWNERDISPLAY
  • CF_DSPTEXT
  • CF_DSPBITMAP
  • CF_DSPMETAFILEPICT
  • CF_DISPENHMETAFILE
  • CF_HTML

The following custom formats are predefined in XenApp and XenDesktop and Citrix Virtual Apps and Desktops:

  • CFX_RICHTEXT
  • CFX_OfficeDrawingShape
  • CFX_BIFF8

HTML format is disabled by default. To enable this feature:

  • Ensure that Client clipboard redirection is set to Allowed.
  • Ensure that Restrict session clipboard write is set to Enabled.
  • Add an entry for CF_HTML (and any other formats you want supported) in Session clipboard write allowed formats.

You can add more custom formats. The custom format name must match the formats to be registered with the system. Format names are case-sensitive.

This setting does not apply if either the Client clipboard redirection setting or Restrict session clipboard write setting is set to Prohibited.

Note

Enabling HTML format clipboard copy support (CF_HTML) copies any scripts from the source of the copied content to the destination. Check that you trust the source before proceeding to copy. If you do copy content containing scripts, they are live only if you save the destination file as an HTML file and execute it.

Desktop starts

This setting allows or prevents connections to a session on that VDA using an ICA connection by non-administrative users in a VDA Direct Access Users group.

By default, non-administrative users cannot connect to these sessions.

This setting doesn’t affect non-administrative users in a VDA Direct Access Users group who are using an RDP connection. These users can connect to the VDA whether this setting is enabled or disabled. This setting doesn’t affect non-administrative users who are not in a VDA Direct Access Users group. These users cannot connect to the VDA whether this setting is enabled or disabled.

ICA listener connection timeout

This setting specifies the maximum wait time for a connection using the ICA protocol to be completed.

By default, the maximum wait time is 120000 milliseconds, or two minutes.

ICA listener port number

This setting specifies the TCP/IP port number used by the ICA protocol on the server.

By default, the port number is set to 1494.

Valid port numbers must be in the range of 0-65535 and must not conflict with other well-known port numbers. If you change the port number, restart the server for the new value to take effect. If you change the port number on the server, you must also change it on every Citrix Workspace app or plug-in that connects to the server.

Keyboard and Input Method Editor (IME)

This setting enables or disables dynamic keyboard layout synchronization, Input Method Editor (IME), Unicode keyboard layout mapping, and hides or shows the keyboard layout switch notification dialog message.

  1. In Studio, select Keyboard and IME.
  2. Select Client keyboard layout synchronization and IME improvement to control the dynamic keyboard layout synchronization and generic client Input Method Editor (IME) features in the VDA. You can configure:

    Disabled - dynamic keyboard layout synchronization and generic client Input Method Editor (IME).

    Support dynamic client keyboard layout synchronization - enables dynamic keyboard layout synchronization.

    Support dynamic client keyboard layout synchronization and IME improvement - enables both dynamic keyboard layout synchronization and generic client Input Method Editor (IME).

  3. Select Enable Unicode keyboard layout mapping to enable or disable Unicode keyboard mapping.
  4. Select Hide keyboard layout switch pop-up message box to allow or prohibit whether a message displays that the keyboard layout is synchronizing when the user changes the client keyboard layout.

Default settings:

  • Client keyboard layout synchronization and IME improvement
    • Disabled in Windows Server 2016 and Windows Server 2019.
    • Support dynamic client keyboard layout synchronization and IME improvement in Windows Server 2012 and Windows 2010.
  • Disable Unicode keyboard layout mapping
  • Show keyboard layout switch pop-up message box

This policy replaces the registry settings that are listed in the Description section of the policy settings.

Logoff checker startup delay

This setting specifies the duration to delay the logoff checker startup. Use this policy to set the time (in seconds) that a client session waits before disconnecting the session.

This setting also increases the time it takes for a user to log off from the server.

Loss tolerant mode

Important:

  • The feature requires a minimum of Citrix Workspace app 2002 for Windows. This version of the VDA will support it when it becomes available.

  • Loss tolerant mode is not supported on Citrix Gateway or Citrix Gateway Service. This mode is available only with direct connections.

This setting enables or disables loss tolerant mode.

By default, loss tolerant mode is Allowed.

When allowed, the mode is entered when the packet loss and latency are above a threshold. You can set the thresholds using the loss tolerant thresholds policy.

For more information, see Loss tolerant mode.

Loss tolerant thresholds

When the loss tolerant mode is available, this setting specifies the network metrics thresholds at which the session switches to loss tolerant mode.

The default thresholds are:

  • Packet loss: 5%
  • Latency: 300 ms (RTT)

For more information, see Loss tolerant mode.

Rendezvous protocol

This setting changes how HDX sessions are proxied when using the Citrix Gateway Service. When enabled, HDX traffic no longer flows through the Citrix Cloud Connector. Instead, the VDA establishes an outbound connection directly to the Citrix Gateway Service (enhancing Cloud Connector scalability).

Important:

This feature is controlled by a feature toggle in Citrix Cloud and an HDX policy setting. The Citrix Cloud feature toggle is enabled by default while the HDX setting is disabled by default. The HDX setting affects only HDX sessions established though the Citrix Gateway Service. This setting does not affect sessions established directly between client and VDA or through an on-premises Citrix Gateway.

For information, see Rendezvous protocol.

Starting of non-published programs during client connection

This setting specifies whether to allow starting initial applications through RDP on the server.

By default, starting initial applications through RDP on the server is not allowed.

Tablet mode toggle policy settings

Tablet mode toggle optimizes the look and behavior of Store apps, Win32 apps, and the Windows shell on the VDA. It does so by automatically toggling the virtual desktop to Tablet mode when connecting from small form factor devices like phones and tablets, or any touch enabled device.

If this policy is disabled, the VDA is in the mode the user sets it to and maintains the same mode throughout, irrespective of the type of client.