Hotfix package name: GPCSExt170W2K8R2X64009.zip
For: Computers running XenApp 6.5, Feature Pack 1, on Windows Server 2008 R2 with the Citrix Group Policy Client-Side Extension installed
Replaces: All previous versions 
Date: April, 2017
Languages supported: English (US), German (DE), Spanish (ES), French (FR), Japanese (JA), Simplified Chinese (SC)
Readme version: 1.00

Readme Revision History

Important Notes about This Release

Caution! This release may require you to edit the registry. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

Important Disclaimer - Limited Release Hotfix

If the Download link is not available on this page and you wish to obtain this limited distribution release, visit our support site at http://www.citrix.com/support and open a support case using your Citrix account credentials, or contact your reseller at http://www.citrix.com/partners/locator.

Testing of this release was targeted only at the affected functionality, and regression and stress testing were minimal. Introduce this release to a test environment for evaluation before deploying it to a production environment.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, CITRIX AND ITS SUPPLIERS MAKE AND YOU RECEIVE NO WARRANTIES OR CONDITIONS, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND CITRIX AND ITS SUPPLIERS SPECIFICALLY DISCLAIM WITH RESPECT TO THE HOTFIX ANY CONDITIONS OF QUALITY, AVAILABILITY, RELIABILITY, SECURITY, LACK OF VIRUSES, BUGS OR ERRORS, OR SUPPORT AND ANY IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. TO THE EXTENT PERMITTED BY APPLICABLE LAW, NEITHER CITRIX, NOR ITS SUPPLIERS SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, MULTIPLE, PUNITIVE OR OTHER DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF DATA, LOSS OF INCOME, LOSS OF OPPORTUNITY, LOST PROFITS, COSTS OF RECOVERY OR ANY OTHER DAMAGES), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, AND WHETHER OR NOT FOR BREACH OF CONTRACT, NEGLIGENCE OR OTHERWISE, AND WHETHER OR NOT CITRIX, ITS SUPPLIERS, OR LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Where to Find Documentation

This document describes the issue(s) resolved by this release and includes installation instructions. For additional product information, see Citrix Product Documentation.

New Fixes in This Release

1. Citrix group policies stored in Active Directory are removed from the machine on the next GPO refresh or when you run GPUpdate /Force.

   [From GPCSExt170W2K8R2X64009][#LC5204]

Fixes from Replaced Hotfixes

1. Removing Authenticated Users from the Security Filtering of Group Policy Objects (GPOs) in the Group Policy Management Console and applying different Security Filtering for the GPOs can cause the GPOs to fail.

   [From GPCSExt170W2K8R2X64001][#LA0641]

2. The Group Policy engine (CitrixCseEngine.exe) process can cause the CPU to spike unexpectedly and prevent new sessions from starting.

   [From GPCSExt170W2K8R2X64001][#LA2544]

3. When a user logs on, the Citrix Group Policy Engine (CitrixCseEngine.exe) can cause the CPU to spike to 100% for an excessive amount of time while performing Group Policy checks.

   With this fix, the CPU time of the Group Policy engine (CitrixCseEngine.exe) process is reduced significantly.

   [From GPCSExt170W2K8R2X64001][#LA2903]

4. The Citrix Group Policy Engine Service can exit unexpectedly on systems with a group policy rollback file (rollback.gpf) of a zero byte size.

   [From GPCSExt170W2K8R2X64003][#LA0706]

5. Under certain circumstances, Citrix policies might not be applied correctly and can fall back to the default values.

   [From GPCSExt170W2K8R2X64003][#LA4028]

6. When reconnecting to a XenApp session using a different connection method than for the initial session (for example, with and without using the Access/NetScaler Gateway), Citrix policies are not reevaluated for the reconnected session.

   Note: This fix requires you to delete all entries in the following locations on the XenApp server. Do not delete the registry keys and files below unless you are affected by the issue as described:

   • Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix
   • Folder: C:\ProgramData\Citrix\GroupPolicy\*.*

   [From GPCSExt170W2K8R2X64003][#LA5051]

7. The Citrix Policy processing might stop responding, which causes user sessions to become unresponsive. When this occurs, connection requests to Receiver and Remote Desktop (RDP) fail.

   [From GPCSExt170W2K8R2X64004][#LA4969]

8. With this feature enhancement, the Citrix Group Policy Engine generates additional event log messages while processing Citrix policies.

   [From GPCSExt170W2K8R2X64005][#LA5374]

9. "Session printers" policies that are set without adding network printers can block the creation of session printers specified in other "Session printers" policies.

   [From GPCSExt170W2K8R2X64005][#LC0705]

10. Policy processing might take a long time if servers have access only to a Read-Only Domain Controller.

    [From GPCSExt170W2K8R2X64005][#LC0828]

11. If latency is high, the Group Policy engine (CitrixCseEngine.exe) can cause delays during logon.

    To enable this fix, create the following registry keys:

    • HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\GroupPolicy
      Name: GpoCacheEnabled
      Type: REG_DWORD
      Value: 1
    • HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\GroupPolicy
      Name: CacheGpoExpireInHours
      Type: REG_DWORD
      Value: 5 to 24

    [From GPCSExt170W2K8R2X64006][#LC1987]

12. Attempts to install Citrix Group Policy client-side extensions might fail with errors.

    [From GPCSExt170W2K8R2X64006][#LC2260]

13. The Citrix Policy Engine might cause the server to become unresponsive. When this occurs, Citrix Receiver and RDP connection requests fail.

    [From GPCSExt170W2K8R2X64007][#LC1817]

14. When restarting the IMA SQL server while the IMA datastore is unavailable, ICA and RDP connections to the XenApp servers might fail.

    To enable this fix, install both XenApp 6.5 Hotfix XA650R05W2K8R2X64026 (or its replacement) and Group Policy Client Side Extension Hotfix GPCSExt170W2K8R2X64007 (or its replacement) for Fix #LC3477.

    [From GPCSExt170W2K8R2X64007][#LC3477]

15. Citrix Desktop Director might display incorrect Citrix policies in session details.

    [From GPCSExt170W2K8R2X64008][#LC4956]

Installing and Uninstalling this Release

Notes:

• This release is packaged as a .zip file containing the replacement CitrixCse_x64.msi file. For more information about deploying msi files, see Microsoft article 884016 or visit the Microsoft Web site and search on keyword msiexec.
• Caution: Downgrades, also known as rollbacks, from this upgrade are not supported and might leave your systems in an unstable state. This upgrade does not patch the existing installation - it fully replaces it with a new installation. As a result, uninstalling this package removes the entire component from the computer. If the need arises to revert to an earlier version of the product, you must uninstall this package and then reinstall the earlier version of the product. Reverting to an earlier version of the product might result in the loss of settings you configure while this upgrade is installed.
• To install this package successfully, target computers must not have registry modification restrictions in place.
• This hotfix might or might not prompt you to restart the server when the installation or uninstallation is complete. You must restart the server for the installation to complete.
• If the need arises to restore the original settings and functionality provided by this hotfix, you must uninstall the hotfix before reinstalling it according to the installation instructions below.

To install this hotfix:

1. Copy the file to a shared folder on the network.
2. Extract the compressed file and save the CitrixCse_x64.msi file on the computer you want to update.
3. Run the .msi file.
4. Restart the computer.

To uninstall this hotfix:

1. From the Start menu, select Settings > Control Panel.
2. In Control Panel, double-click Add/Remove Programs.
3. Highlight the hotfix you want to uninstall and click Remove.
4. Follow the directions on-screen.