Troubleshoot Policy Tampering Detection
The following section describes some of the issues that you might face and how to troubleshoot them:
The ICA file is tampered and the session is still running
If the ICA file of a virtual app or desktop session that is enabled with the App Protection Policy Tampering Detection feature is tampered with, then the session must be terminated displaying one of the following error messages:
-
Citrix Workspace app for Linux
-
Citrix Workspace app for Mac
-
Citrix Workspace app for Windows
However, if the session is running even if the ICA file is tampered with and Policy Tampering Detection is enabled, then do the following steps:
-
In the Virtual Delivery Agent, do the following:
-
Run the following command and check if the
ctxappprotectionsv
service is running:sc query ctxappprotectionsvc
-
If the
ctxappprotectionsvc
service isn’t running, then do the following steps to start the service:-
Change the startup type of the
ctxappprotectionsvc
service to automatic by running the following command:sc config ctxappprotectionsvc start=auto
-
Start the service by running the following command:
sc start ctxappprotectionsvc
-
-
-
In the client, do the following:
-
Check if the vdappp.dll file is in the installation location of the Citrix Workspace app. The default installation location of the Citrix Workspace app is as follows:
- Windows - C:\Program Files (x86)\Citrix\ICA Client
- Linux - /opt/Citrix/ICAClient
- Mac - Not applicable
-
For Citrix Workspace app for Windows, use procexp.exe and check if the vdappp.dll file is loaded in wfica32.exe.
-
For Citrix Workspace app for Linux, check if the vdappp.dll file is loaded in wfica.exe.
-
-
If the session is still running, then collect the logs and contact Citrix Technical Support. For more information about collecting logs, see Log collection.
Policy Tampering Detection stops working after rebooting Virtual Delivery Agent
If you reboot the Virtual Delivery Agent and the Policy Tampering Detection feature stops working, then it might be because the App Protection service isn’t running after reboot. Do the following steps on the Virtual Delivery Agent:
-
Run the following command and check if the
ctxappprotectionsvc
service is running and set to automatic:sc query ctxappprotectionsvc
-
If the
ctxappprotectionsvc
service isn’t running, then do the following steps to start the service:-
Change the startup type of the
ctxappprotectionsvc
service to automatic by running the following command:sc config ctxappprotectionsvc start=auto
-
Start the service by running the following command:
sc start ctxappprotectionsvc
-
-
If the Policy Tampering Detection feature is still not working, then collect the logs and contact Citrix Technical Support. For more information about collecting logs, see Log collection.