Session Client
These conditions use client and session attributes to look for a match within the session or client of the logged on user. For example, a client Screen Resolution condition can be configured so that a particular application can be used only on all clients with a screen resolution of 1024x768 and above.
Condition | Description |
---|---|
Connection Type | A condition that determined whether the connection type matches the current method the user has connected to the session. Examples of connection types include Console, remote desktop connection (RDP-TCP), remote desktop connection via Citrix ICA (ICA-TCP), and remote desktop connection via Citrix ICA-<any> (ICA-*). |
Published Application Name | A condition based on the use of a particular published application. |
Connecting device | A condition that determines whether the IP address of the Remote Desktop Protocol (RDP) client matches the IP address in the configuration. |
Client IP Address | A condition based on an IP address entered into the Address field. A range of IP addresses can be defined using the Between option and the two Address fields. For ranges, the IP address is not treated as a whole number but based upon the value of each octet. For example, if the range was from 190.190.190.190 to 200.200.200.200, 198.198.198.198 would pass but 198.198.210.198 would not as the third octet is not within the set range. |
Client NETBIOS Name | A condition based on the screen resolution of the connecting device. A specific resolution or a range can be used to define when an action applies. This condition is available for Remote Desktop Protocol (RDP) and Independent Computing Architecture (IDP) clients only. It will not work on the console. |
Session Color Screen Depth | A condition based on the color screen depth of the connecting device. Use the slider and radio buttons to select the required value or range of values. This condition is available for Remote Desktop Protocol (RDP) and Independent Computing Architecture (IDP) clients only. It will not work on the console. |
Client Computer Domain | A condition for a defined network of client computers. Use the Lookup Type drop-down to specify whether the condition uses the DNS Domain or Windows Domain naming conventions. The domain entered in the Match field must be in the format used in your organization for the selected naming convention. For example, a DNS domain name could be testing.xyz.local whereas the Windows domain name would just be testing. |
Client Computer Group | A condition based on an Active Directory client computer group. |
AAD Client Computer Group | A condition based on an Azure AD client computer group. |
Citrix Client Settings | A condition based on attributes of the connecting client.
For further information see Add a Citrix Client Settings Condition. |
Citrix vDisk Client Settings | A condition to determine whether a Citrix vDisk is in use and, if so, whether it is running in Standard or Private mode. |
Established Connections | A condition that determines whether the remote IP address and local port in the condition match an "established connection" returned by the netstat command. That is, that there is a connection between the machine and the remote IP and local port and they are able to exchange traffic. Wildcard ranges are supported for the remote IP address. You can either enter * (asterisk) in the Port field to look for any port, or you can leave the field blank for the port number to be ignored. For more information, see Established Connections and Netstat. |
VMware Variables | A condition based on attributes of the broker or connecting client. |
Established Connections and Netstat
Netstat (network statistics) is a TCP/IP command-line utility that displays incoming and outgoing network connections for TCP, routing tables, and a number of network interface and network protocol statistics.
You can use netstat with a number of parameters. The -a parameter lists all the computer's connections and listening ports, as shown here:
In the list displayed by netstat, the Local Address is the machine's IP address and port number. The Foreign Address is the remote IP address and port number. A state of LISTENING shows an open port listening for inbound connections. A state of ESTABLISHED means a connection exists between the machine and the remote IP address and port and that they are able to exchange traffic. When you set an Established Connections condition, the local port numbers and the foreign IP addresses returned by netstat are compared to those set up in the condition, and if they match, the condition is satisfied.
Add a Citrix Client Settings Condition
- Select the node for a Custom rule.
-
In the work area select Conditions > Session & Client > Citrix Client Settings.
The Citrix Client Settings dialog displays.
- If required, enter a description and any additional information relating to the Citrix Client Setting in the fields provided on the General tab.
- Select the Client Settings tab.
-
Select the Citrix Client Settings condition criteria from the following:
Attributes Description Clients OS Match the client’s operating system, such as Android, iOS, Mac or Windows. Client Type Match the type of client, such as a phone, tablet or other device. Client Version Match the version number of the Citrix Receiver client. This uses the build version number, rather than the version number used in the marketplace. For example, Citrix Receiver 14.1.0.0 relates to build version number 4.1.0.56461.
To view the build version number, see the About box within the Citrix Receiver.
Client Encryption Match the client encryption type from Basic, Logon Only, RC5 (40 bit), RC5 (56 bit) and RC5 (128 bit). The encryption levels available for XenApp and XenDesktop are Basic and RC5 (128 bit) only. The condition is not compatible with XenDesktop.
NetScaler Session Policies Match NetScaler session policies. Separate multiple policies with commas This condition is not compatible with Citrix XenApp.
NetScaler Hostname Match the hostname of the NetScaler. This condition is not compatible with Citrix XenApp.
- Click OK.
The Client Version, Client Encryption, NetScaler Session Policies and NetScaler Hostname conditions require the following to be installed:
The Citrix PowerShell Broker Snap-in on the client. This snap-in can be installed on the client by running Broker_PowerShellSnapIn_x86.msi or Broker_PowerShellSnapIn_x64.msi from the Citrix installation media.
For Citrix XenApp, PowerShell 3.0 or later on the server.
For Citrix XenDesktop, PowerShell 3.0 or later on the Virtual Desktop Agent client.
The condition has been added.