Use the information in this article to configure an anonymous session. No special settings are required when installing the Linux VDA to use this feature.
When configuring anonymous sessions, consider that session prelaunch is not supported. This functionality is also not supported on Citrix Receiver for Android.
You must create an unauthenticated Store using StoreFront to support an anonymous session in the Linux VDA. Follow the instructions for creating an unauthenticated Store based on the version of StoreFront:
Unauthenticated users are supported beginning with StoreFront version 2.6.
After creating an unauthenticated Store, enable unauthenticated users in a Delivery Group to support an anonymous session. To enable unauthenticated users in a Delivery Group, follow the directions based on the version of XenDesktop:
Unauthenticated users are supported beginning with XenApp and XenDesktop 7.6.
An anonymous session has a default idle time-out of 10 minutes. This value is configured through the registry setting AnonymousUserIdleTime. Use the ctxreg tool to change this value. For example, to set this registry setting to 5 minutes:
sudo ctxreg update -k "HKLM\System\CurrentControlSet\Control\Citrix" -v AnonymousUserIdleTime -d 0x00000005
To set the maximum number of anonymous users, use the registry key MaxAnonymousUserNumber. This setting limits the number of anonymous sessions running on a single Linux VDA simultaneously. Use the ctxreg tool to configure this registry setting. For example, to set the value to 32:
sudo ctxreg update -k "HKLM\System\CurrentControlSet\Control\Citrix" -v MaxAnonymousUserNumber -d 0x00000020
It is essential that you limit the number of anonymous sessions. Too many sessions being launched simultaneously can create problems on the VDA, including running out of available memory.
Consider the following when configuring anonymous sessions:
sudo ctxreg read –k "HKLM\System\CurrentControlSet\Control\Citrix" –v MaxAnonymousUserNumber
This command checks whether the value of the registry is 0. A registry value of 0 indicates that the maximum number of anonymous sessions is 0. In order to successfully launch an anonymous session, the registry value should be larger than 0.
Verify that the ncsd service is running and is configured to enable passwd cache:
ps uax | grep nscd
cat /etc/nscd.conf | grep 'passwd' | grep 'enable-cache'
Set the passwd cache variable to no if it is enabled, then restart the ncsd service. You may might need to reinstall the Linux VDA after changing this configuration.
However, if the KDE Action Restrictions parameter is configured as immutable in a global wide kdeglobals file such as /usr/share/kde-settings/kde-profile/default/share/config/kdeglobals, the user configuration will have no effect.
To resolve this, either try to modify the system wide kdeglobals file to remove the [$i] tag at the [KDE Action Restrictions] section or directly use the system wide configuration to disable the lock screen button and menu. For details about the KDE configuration, see the KDE System Administration/Kiosk/Keys page.