Product Documentation

ICA policy settings

Sep 29, 2015

The ICA section contains policy settings related to ICA listener connections and mapping to the clipboard.

Client clipboard redirection

This setting allows or prevents the clipboard on the user device being mapped to the clipboard on the server.

By default, clipboard redirection is allowed.

To prevent cut-and-paste data transfer between a session and the local clipboard, select Prohibit. Users can still cut and paste data between applications running in sessions.

After allowing this setting, configure the maximum allowed bandwidth the clipboard can consume in a client connection using the Clipboard redirection bandwidth limit or the Clipboard redirection bandwidth limit percent settings.

Client clipboard write allowed formats

When the Restrict client clipboard write setting is Enabled, host clipboard data cannot be shared with the client endpoint but you can use this setting to allow specific data formats to be shared with the client endpoint clipboard. To use this setting, enable it and add the specific formats to be allowed.

The following clipboard formats are system defined:
  • CF_TEXT
  • CF_BITMAP
  • CF_METAFILEPICT
  • CF_SYLK
  • CF_DIF
  • CF_TIFF
  • CF_OEMTEXT
  • CF_DIB
  • CF_PALETTE
  • CF_PENDATA
  • CF_RIFF
  • CF_WAVE
  • CF_UNICODETEXT
  • CF_ENHMETAFILE
  • CF_HDROP
  • CF_LOCALE
  • CF_DIBV5
  • CF_OWNERDISPLAY
  • CF_DSPTEXT
  • CF_DSPBITMAP
  • CF_DSPMETAFILEPICT
  • CF_DISPENHMETAFILE
The following custom formats are predefined in XenApp and XenDesktop:
  • CFX_RICHTEXT
  • CFX_OfficeDrawingShape
  • CFX_BIFF8
  • HTML Format

HTML Format is disabled by default. To enable this feature:

  • Make sure Client clipboard redirection is set to allowed.
  • Make sure Restrict client clipboard write is set to enabled.
  • Add an entry for HTML Format (and any other formats you want supported) in Client clipboard write allowed formats.

Note: Enabling HTML format clipboard copy support (HTML Format) will copy any scripts (if they exist) from the source of the copied content to the destination. Check that you trust the source before proceeding to copy. If you do copy content containing scripts, they will only be live if you save the destination file as an HTML file and execute it.

Additional custom formats can be added. The custom format name must match the formats to be registered with the system. Format names are case-sensitive.

This setting does not apply if either Client clipboard redirection or Restrict client clipboard write is set to Prohibited.

Desktop launches

This setting allows or prevents non-administrative users in a VDA's Direct Access Users group connecting to a session on that VDA using an ICA connections. 

By default, non-administrative users cannot connect to these sessions.

This setting has no effect on non-administrative users in a VDA's Direct Access Users group who are using a RDP connection; these users can connect to the VDA whether this setting is enabled or disabled. This setting has no effect on non-administrative users not in a VDA's Direct Access Users group; these users cannot connect to the VDA whether this setting is enabled or disabled. 

ICA listener connection timeout

Note: This setting applies only to Virtual Delivery Agents 5.0, 5.5, and 5.6 Feature Pack 1.

This setting specifies the maximum wait time for a connection using the ICA protocol to be completed.

By default, the maximum wait time is 120000 milliseconds, or two minutes.

ICA listener port number

This setting specifies the TCP/IP port number used by the ICA protocol on the server.

By default, the port number is set to 1494.

Valid port numbers must be in the range of 0-65535 and must not conflict with other well-known port numbers. If you change the port number, restart the server for the new value to take effect. If you change the port number on the server, you must also change it on every Citrix Receiver or plug-in that connects to the server.

Launching of non-published programs during client connection

This setting specifies whether to allow launching initial applications through RDP on the server.

By default, launching initial applications through RDP on the server is not allowed.

Restrict client clipboard write

If this setting is Allowed, host clipboard data cannot be shared with the client endpoint. You can allow specific formats by enabling the Client clipboard write allowed formats setting.

By default, this is set to Prohibited.

Restrict session clipboard write

When this setting is Allowed, client clipboard data cannot be shared within the user session. You can allow specific formats by enabling the Session clipboard write allowed formats setting.

By default, this is set to Prohibited.

Session clipboard write allowed formats

When the Restrict session clipboard write setting is Allowed, client clipboard data cannot be shared with session applications, but you can use this setting to allow specific data formats to be shared with the session clipboard.

The following clipboard formats are system defined:
  • CF_TEXT
  • CF_BITMAP
  • CF_METAFILEPICT
  • CF_SYLK
  • CF_DIF
  • CF_TIFF
  • CF_OEMTEXT
  • CF_DIB
  • CF_PALETTE
  • CF_PENDATA
  • CF_RIFF
  • CF_WAVE
  • CF_UNICODETEXT
  • CF_ENHMETAFILE
  • CF_HDROP
  • CF_LOCALE
  • CF_DIBV5
  • CF_OWNERDISPLAY
  • CF_DSPTEXT
  • CF_DSPBITMAP
  • CF_DSPMETAFILEPICT
  • CF_DISPENHMETAFILE
The following custom formats are predefined in XenApp and XenDesktop:
  • CFX_RICHTEXT
  • CFX_OfficeDrawingShape
  • CFX_BIFF8
  • HTML Format

HTML Format is disabled by default. To enable this feature:

  • Make sure Client clipboard redirection is set to allowed.
  • Make sure Restrict session clipboard write is set to enabled.
  • Add an entry for HTML Format (and any other formats you want supported) in Session clipboard write allowed formats.

Note: Enabling HTML Format clipboard copy support (HTML Format) will copy any scripts (if they exist) from the source of the copied content to the destination. Check that you trust the source before proceeding to copy. If you do copy content containing scripts, they will only be live if you save the destination file as an HTML file and execute it.

Additional custom formats can be added. The custom format name must match the formats to be registered with the system. Format names are case-sensitive.

This setting does not apply if either the Client clipboard redirection setting or Restrict session clipboard write setting is set to Prohibited.