Users logging on to a XenApp Server or XenDesktop are unable to execute files residing on client mapped drives and might receive one of the following error messages:
Error on Citrix Presentation Server 4.5 / XenApp 5.0:
“Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access them.”
Error on Citrix XenApp 6.0:
“Windows cannot access \\client\D$\setup.exe
You do not have permission to access \\client\D$\setup.exe. Contact your network administrator to request access.”
Error on Citrix XenDesktop 5.0:
“Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.”
As a security precaution, when a user logs on to a XenApp or XenDesktop session, by default, the server maps client drives without user execute permission. For users to be able to execute files residing on mapped client drives, editing the value of ExecuteFromMappedDrive in the registry on the XenApp server or XenDesktop machine to override the default behavior.Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
After installing XenApp, run regedit.
Find the following key:
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Cdm/ Parameters/ExecuteFromMappedDrive On Citrix XenApp 6.0, the registry location is different but still has the same values. The location on Citrix XenApp 6.0 is:
To deny users execute permission on mapped drives, which is the default, set ExecuteFromMappedDrive to 0.
Restart the server for the change to take effect.
After installing the Virtual Desktop Agent, run regedit.
Navigate to the registry key HKEY_LOCAL_MACHINE\Software\Citrix\GroupPolicy\Defaults\.
Create a new key, CDMSettings.
Create a new REG_DWORD value called ExecuteFromMappedDrive and modify the value to 1 (0 is the default value).
Restart the virtual desktop machine for the change to take effect.
This is a security measure, by design, to control unwanted applications being launched on the user session.