Ciaran McCarthy Posted October 28, 2021 Share Posted October 28, 2021 Hi, We are having an issue where user sessions are being terminted are logging on, the following box pops up: Quote The System cannot find the file specified This initial program cannot be started: DefaultAltShell We can connect to the RDP server locally just fine, it is only when going through the gateway that we have the above issue. I read that removing the reference DefaultAltShell in the RDP file may fix the issue but I am unable to determine how I edit this file for end users. Does anyone have any advice? Thanks Link to comment Share on other sites More sharing options...
Martin Meier Posted October 28, 2021 Share Posted October 28, 2021 I can confirm the same behavior with a customer on version 12.1 build 63.22 I only found this blog from Marco regarding bug in version 13.0 build 83.27 but unfortunately the workarround doesn't work for me Link to comment Share on other sites More sharing options...
Ciaran McCarthy Posted October 28, 2021 Author Share Posted October 28, 2021 1 hour ago, Martin Meier said: I can confirm the same behavior with a customer on version 12.1 build 63.22 I only found this blog from Marco regarding bug in version 13.0 build 83.27 but unfortunately the workarround doesn't work for me We are on the same version, still looking for a viable working solution. Link to comment Share on other sites More sharing options...
Jens Ostkamp Posted November 3, 2021 Share Posted November 3, 2021 what kind of rdp bookmark are you publishing? just normal rdp connections towards single machines or a whole rds farm with apps/desktops? Link to comment Share on other sites More sharing options...
Manuel Kolloff Posted November 5, 2021 Share Posted November 5, 2021 I have a customer with the exact same problem - Case with Citrix is open but progressing slowly and no bug aknowledgement as of now. Carls section on Bookmarks includes a passage on how you can alter the RDP file https://www.carlstalhood.com/citrix-gateway-rdp-proxy/#createrdpbookmarks However, with that it didnt replace but added and we ended up having two lines: Alternate Shell: explorer.exe or empty (our custom value) Alternate Shell: DefaultAltShell ...and RDP honored the second line - so error persisted. Link to comment Share on other sites More sharing options...
IT Team1709154876 Posted November 5, 2021 Share Posted November 5, 2021 same issue since the upgrade yesterday to 13.0 build 83.27 https://marcoklose.de/2021/10/26/quick-post-adc-13-0-build-83-27-bug-in-rdp-proxy/ workaround worked perfectly but of course not the best solution for users keep us updated if you have a solution from Citrix Support :) Link to comment Share on other sites More sharing options...
Bart Vermeersch Posted November 9, 2021 Share Posted November 9, 2021 CTX330728 (https://support.citrix.com/article/CTX330728) recommends to upgrade to 13.0 build 83.27. Any other options or workarounds for this bug? Link to comment Share on other sites More sharing options...
Jeroen Schouten Posted November 9, 2021 Share Posted November 9, 2021 Same issue after upgrading to 12.1 63.22 1 Link to comment Share on other sites More sharing options...
Anders Eriksson 2 Posted November 9, 2021 Share Posted November 9, 2021 This is causing a lot of issues, we cannot rely on the end-users to complete the workaround step to connect every day with the RDP Proxy feature. We were forced to rollback and cannot apply the CVE fix https://support.citrix.com/article/CTX330728 Link to comment Share on other sites More sharing options...
Jeroen Schouten Posted November 9, 2021 Share Posted November 9, 2021 (edited) On 11/9/2021 at 6:28 PM, Jeroen Schouten said: Same issue after upgrading to 12.1 63.22 I submitted the case to Citrix support, however no reply yet. In the mean time i attempted to solve it by setting the rdp parameter manually in the file llike Manuel mentioned. I also end up with two rows in the rdp file and the client only reading the DefaultAltShell. So i tried fixing it on the server side. I made a copy of explorer.exe to the windows folder and renamed it to exactly DefaultAltShell (without extension) Then i added this registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services] "fAllowUnlistedRemotePrograms"=dword:00000001 It now succesfully starts the copy of explorer named DefaultAltShell However, please fix this Citrix Update the software of the ADC to 12.1.63.23 Edited November 17, 2021 by Jeroen Schouten update Link to comment Share on other sites More sharing options...
Darran Wheeldon Posted November 10, 2021 Share Posted November 10, 2021 15 hours ago, Jeroen Schouten said: I submitted the case to Citrix support, however no reply yet. In the mean time i attempted to solve it by setting the rdp parameter manually in the file llike Manuel mentioned. I also end up with two rows in the rdp file and the client only reading the DefaultAltShell. So i tried fixing it on the server side. I made a copy of explorer.exe to the windows folder and renamed it to exactly DefaultAltShell (without extension) Then i added this registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services] "fAllowUnlistedRemotePrograms"=dword:00000001 It now succesfully starts the copy of explorer named DefaultAltShell However, please fix this Citrix That didn't work for us. What worked for me was to modify UserInit under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Added the explorer.exe path at the end so it looks like this: C:\Windows\system32\userinit.exe,c:\windows\explorer.exe The error still appears but the desktop loads. No obvious issues with that so far Removing the DefaultAltShell line also works but it wasn't ideal for our users. Link to comment Share on other sites More sharing options...
Patrick Wagner1709162069 Posted November 10, 2021 Share Posted November 10, 2021 Both workarounds don´t work for our systems. Citrix doesnt answer to the escalated cases of our customers! 1 Link to comment Share on other sites More sharing options...
Matt Allen1709159628 Posted November 10, 2021 Share Posted November 10, 2021 I've upgraded to 12.1 63.22 and RDP Proxy is working fine for me. So that's a bit odd / unsettling. I do have the alt shell/shell working directory code within the file. 1 Link to comment Share on other sites More sharing options...
Jens Ostkamp Posted November 11, 2021 Share Posted November 11, 2021 Same for one of my clients for latest 13.0 release to mitigate the critical CVE. While troubleshooting and comparing different setups one more information: when connecting to a Desktop directly via RDP Proxy, everything works (even with the two additional lines within the rdp file downloaded, when downgrading the netscaler again, these lines are not inserted into the rdp file!!). When connecting to a Terminalserver Desktop (server with terminal server role installed) the connection fails with the mentioned issues regarding DefaultAltShell. So this issue only persists when using Terminalserver Desktops. Static Desktops without terminalserver role are not affected as far as I could test everything deleting the two additional lines within the rdp file worked, but obviously thats not a workaround suitable for clients Link to comment Share on other sites More sharing options...
Roman Gruzdev Posted November 12, 2021 Share Posted November 12, 2021 Any updates from anyone? Link to comment Share on other sites More sharing options...
Richard Cowan1709159918 Posted November 15, 2021 Share Posted November 15, 2021 I have a customer with this issue using 13.0 release but I was wondering has anyone tested 13.1 firmware? In my case the deleting of the lines from the rdp file do not work but i get an internal error. This has been very frustrating and citrix support I expect are being slow. Link to comment Share on other sites More sharing options...
CarlStalhood Posted November 15, 2021 Share Posted November 15, 2021 The newest ADC builds have fixed issue for "Users may observe RDP session launch failure when there is an upgrade to the latest version." 4 Link to comment Share on other sites More sharing options...
Bart Vermeersch Posted November 16, 2021 Share Posted November 16, 2021 Yes, 13.0 build 83.29 fixes the issue for us. 1 Link to comment Share on other sites More sharing options...
Jeroen Schouten Posted November 16, 2021 Share Posted November 16, 2021 Finally got a reply from support "You are advised to upgrade to we would request you to update the software of the ADC to 12.1.63.23 which can be downloaded thru this special access link" 1 Link to comment Share on other sites More sharing options...
Richard Cowan1709159918 Posted November 18, 2021 Share Posted November 18, 2021 the latest firmware fixed the issue for me. 1 Link to comment Share on other sites More sharing options...
OM Kaewsaenchai Posted December 13, 2021 Share Posted December 13, 2021 Just upgrade ADC firmware for customer for the latest CVE fixes. Found same problem with 13.0 83.27nc Upgrade to 13.0 83.29nc fixes the problem. Link to comment Share on other sites More sharing options...
Steven Miller1709158406 Posted March 8, 2022 Share Posted March 8, 2022 We are on 13.0 built 83.27 and seeing issues with RDP connections from a small subset of remote users. If we upgrade to build 83.29, are we still insulated from that critical CVE from November? Link to comment Share on other sites More sharing options...
Richard Cowan1709159918 Posted March 8, 2022 Share Posted March 8, 2022 3 hours ago, Steven Miller1709158406 said: We are on 13.0 built 83.27 and seeing issues with RDP connections from a small subset of remote users. If we upgrade to build 83.29, are we still insulated from that critical CVE from November? The upgrade to 29 has the bug fix for the rdp and latest patches 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now