Applying HDX Policy’s based on Access Gateway Connection

The following article illustrates how to apply certain policies (eg: disable access to local drive, printers, clipboard etc..) for users connecting from home (through Citrix Netscaler / Access Gateway)

Step 1

Ensure xendesktop controllers configured to trust requests sent to the Citrix XML service. This can be done by executing the following powershell command on the each controller

Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true

Step 2

Set Netscaler / Access Gateway as the point of authentication for your XenDesktop Web site.
Secure Access with Gateway Direct – CTX121360

Step 3

Create HDX User policy in Desktop Studio and Apply the following filter

Note: policy with lowest priority number always wins, In my case I made it Priority 1.

Testing


I tested this approach by creating two policies
1) WAN with Priority 1 and only applied to Access Gateway connections
2) Unfiltered with Priority 2

policy 1 had Extra Color Compression Enabled while Policy 2 had Extra Color Compression disabled

The policy worked as expected, when connected via Netscaler it had Extra Color Compression enabled and was disabled when connected internally.

A step further

Even more granular control over policies can be achieved by utilizing Access Gateway Session policies, refer to the following link for more information
http://support.citrix.com/proddocs/topic/xendesktop-rho/cds-policies-ag-rho.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s