Issue description
Virtual channel security update
The Virtual channel allow list is now enabled by default. To use custom or third-party virtual channels, you must manually add them. For more information, see Virtual channel security. An error can be displayed from the LoadGen Studio: The studio could not setup a connection to the server.
Solution
- Start the Citrix Studio.
- Open the Policies page.
- Create a new policy or open your default-defined policy.
- In the Search box search for virtual.
- Press Select or open the Virtual channel allow list policy.
- When the policy is opened change Enable to Disable.
- Press OK.
- Force restart your VDI or hosted desktop machines.
Adding virtual channels to the allowed list
To add a virtual channel to the allow list, you need the following:
- The virtual channel name, defined in the code, can be up to seven characters long. For LoadGen use: UAI.
- The paths to the processes that open the virtual channel on the VDA machine. For LoadGen use: C:\Program Files\Application\run.exe.
Once you have the required information, you must add the virtual channel to the allow list using the Virtual channel allow list policy setting. To add a virtual channel to the list, enter the virtual channel name followed by a comma, and then the path to the process that accesses the virtual channel. If there are multiple processes, these can be added and separated by commas.
LoadGen UAI virtual channel
This information is required for the allowed list entry:
- Virtual channel name: UAI
- Process: Path to the LoadGen UAI process: C:\Program Files (x86)\LoadGen\LoadGen ServerAddin\LoadGenUAI.ServerAddin.exe
- Allow list entry: UAI,C:\Program Files (x86)\LoadGen\LoadGen ServerAddin\LoadGenUAI.ServerAddin.exe
Check
To ensure that the Virtual Channel Allow List policy is correctly configured and active on your Citrix Hosted Desktop or VDI machine, verify the following registry key:
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Citrix\VCPolicies
REG_MULTI_SZ
VirtualChannelWhiteList = "=disabled="
This setting disables the Virtual Channel Allow List, permitting all virtual channels to operate without restriction.
Also, please ensure that the policy enforcing this setting is assigned the highest priority in Citrix Studio. In Citrix policy management, a lower numerical value indicates a higher priority (with 1 being the highest). By assigning the appropriate priority, you guarantee that this policy takes precedence over others, effectively applying the desired configuration.
After making these changes, restart the Virtual Delivery Agent (VDA) machine to apply the new settings.
Are you still experiencing issues?
Please check this article.