SOLVED: Adobe Reader X hangs after opening a PDF file

Some time ago i noticed that when I opened a PDF file, Adobe Reader X stopped responding for sometime. I noticed it happens on Windows 2003, Windows 7 and Windows 2008. after some investigation I found a solution in disabling Adobe’s “new” Protected Mode feature.

  1. Open Adobe Reader X
  2. navigate to Edit->Preferences->General
  3. clear the check-mark at “Enable Protected Mode at startup”
  4. Click OK to save the changes (acknowledge the warning)
  5. Shutdown Adobe Reader X

You can also disable protected mode through a registry key

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\10.0\FeatureLockDown]


EDIT: In Acrobat Reader XI the location hast changed to: Edit->Preferences->Security (Enhanced)



SCRIPT: Automatically Change Proxy Settings

When you’re in the consulting business, you travel a lot between companies. That what I consider the beautiful part of the job. Downside is that every company has it’s own policy for Internet usage. A lot of companies regulate their internet access through so called proxy servers. When you visit a lot of companies you have to change the internet settings multiple times a day to match the desired settings for that company. Therefore I wrote a powershell script that detects the DNS suffix of the company you’re at and matches the proxy settings according to the configured settings read from a XML file.

What does the script do:

  • Change Proxy Server settings for Internet Explorer and Chrome
  • Add Proxy Exceptions to bypass the proxy
  • When connected to multiple networks a known location takes presence
  • When a location is not known, the configuration defaults to “Direct Connection”
  •  Notifies you which settings are used.

What the script does NOT do:

  • Detect networks based on IP Address (Never will, too general way of checking)
  • Change Proxy settings for FireFox (#1 on my wishlist)
  • Detect network changes dynamically.


Copy the PS1 and XML to a convinient location (eg. C:\Windows). Configure the XML file for use with proxy servers. Each location must be in its own <Sites> node.

<Name>  The name for your location is must be in the Name node.
<DNSDomain> The DNS Domain that should be checked is in this node
<ProxyServer> In this node you enter the proxy server name
<ProxyPort> In this node you enter the proxy port that should be used
<ProxyOverRide> All exceptions that should bypass the proxy server are entered in this node, each exception should be separated with a semi column.

Example Configuration

 <Name>My Location</Name>

Each location should look like the above example, you can append multiple sites to the <Global> node. I’ve tested the script on Windows 7 (x64) but it should work on Windows XP as well. to hide the Powershell command-box you can start the powershell script with:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle “Hidden” C:\Windows\SetProxy.ps1

I’ve created a scheduled task that executes the script on login and unlock, that covers it for me. additionaly you can create a shortcut on your desktop to launch the script manually.

Please let me know what you think.

Download :  [download id=”7″]


Solved: XenApp 5 HRP 7 results in 0x000000CF BSOD

While installing a new Citrix XenApp  farm for a customer I upgraded the servers to Hotfix Rollup Pack 7 (HRP7, PSE450W2K3R07). The XenApp 5 farm is build as virtual servers on a  VMWare vSphere 4.1 cluster. Installing Hotfix Rollup Pack 7 via RDP console session (mstsc /console) succeeded  with no error and the farm booted nicely after installing the HRP.

The troubles started when I tried to connect to the farm via an ICA connection, only few seconds after initiating the connection the selected server crashed with an 0x000000CF (TERMINAL_SERVER_DRIVER_MADE_INCORRECT_MEMORY_REFERENCE)BSOD. After the BSOD the server rebooted nicely but an ICA connection was never setup.

Investigating this problem led me to some specific solutions to the problem like:

  • Copying an older version of twexport.sys to “C:\Program Files\Citrix\Drivers” and “C:\Windows\System32\Drivers” [Source]
  • Installing hotfix PSE450R07W2K3011

but none of them solved my solved the problem. Eventually the problem was solved by installing HRP7 NOT via RDP BUT via the VMWare console


Solved: 0x0000007B BSOD after unattended install of PVS Target Device

While building a deployment sequence for a XenApp 6 farm using SCCM, I ran into the problem that the unattended install of the PVS Target Device (5.6 SP1)  succeeds but after after creating a VHD file using “XenConvert P2VHD” and booting the newly created vDisk the Provisioned Server crashes with a BSOD 0x0000007b (inaccessible boot device).

After some investigation on the source machine I noticed the “Citrix Virtual Hard Disk Enumerator PVS”  device did not install correctly and displayed an yellow exclamation mark in Device Manager (devmgmt.msc).  After searching the citrix forums I ran into a thread in which the others experienced the same problem.

Unfortunatly a real solution is not provided in within the thread (other than a manual installation). So digging down the internet I found the solution for this problem. Somehow the drivers files are not transferred to the “%windir%\System32\Driver” folder during unattended (SCCM/Wisdom) installation.  Copy CFsDep2*.* files from “C:\Program Files\Citrix\Provisioning Services\drivers”  to “%windir%\System32\Driver”  afterwards you can install you can install the PVS Target Device client unattended by running “PVS_Device_x64.exe /S /v /qn

After the installation the exclamation mark has disappeared, a newly created vDisk booted successfully.


Error 1046: This Version of Citrix Receiver does not support the selected encryption

When starting a ICA session with RES VDX enabled you may receive the error message:

Error: This Version of Citrix Receiver does not support the selected encryption, when starting RES VDX session

After some searching I ended up at the RES support site which tells you:

Q203290 Error: This Version of Citrix Receiver does not support the selected encryption, when starting RES VDX session

When starting a Citrix XenApp session with RES VDX enabled the following error might occur:
“This Version of Citrix Receiver does not support the selected encryption. [Error 1046] The Virtual Driver is not loaded”.
The second logon attempt runs without any problems. This issue only occurs when using the Citrix Receiver. When using earlier ICA client versions , this error will not occur.

Cause 1 – RES VDX tries to initialize the ICA virtual channel when the Citrix Receiver is not ready yet. 95% probability.
In Citrix Receiver 3.0 and higher, Citrix implemented a timeout in their software. Due to this timeout an error is generated by the Citrix Receiver when RES VDX tries to open the ICA virtual channel. At the seccond logon attempt the timeout is expired and the logon process continues without any problems.
Solution 1.1 – Solved in a FixPack based on RES VDX SR2

To request the fixpack please consult RES Support


SOLVED: Citrix Receiver Error 61 on OS X

In my test environment I have installed all Citrix components (required) to access applications from remote locations.


  • Citrix Access Gateway (VPX) Express
  • Self-Signed certificate. (Generated by CAG)
  • Citrix Webinterface (configured Services Site)
  • XenApp 6

This setup works for the following device OS’es:

  • Windows 7
  • IOS 5
  • Android 2.2
Only when trying to connect an OS X machine to the published application (via Citrix Receiver 11.4.3 It did not work.

After importing the self-signed certificate (crt/cer) to the keystore (login or system) I try to setup up a connection to the published application.  After some time the connection failed with I receive the following error:

Citrix ICA SSL Error 61: You have not chosen to trust FQDN, the issuer of the server’s security certificate.
Error number183

After trying some stuff, like importing it in different formats I eventually found the solution while doing the following steps:
  1. Export your self-signed certificate to a convenient location.
  2. Open Terminal and enter :
  3. Enter:
    Sudo su
  4. Enter your admin user password
  5. Enter:
    mkdir /var/CTXScert
  6. And:
    mkdir /var/CTXScert/cacerts
  7. Now copy your certificate to the just created folder, cp <your location> /var/CTXScert/cacerts/
  8. quit Terminal.
Instantly after connecting again I was presented the Published application, the error had disappeared.

XenServer cmdlet’s not available on Windows 2008 R2

After installing the XenServer powershell cmdlet’s, the cmdlet’s are by default only available in the 32-bit environment of powershell. When you want to use these cmdlet’s within the native 64-bit environment you have to launch a command after the installation of the XenServer Powershell SDK.

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe "c:\Program Files (x86)\Citrix\XenServerPSSnapIn\XenServerPSSnapIn.dll"

After the DLL is loaded succesfully you can start using the cmdlet’s by invoking

Add-PSSnapin XenServerPSSnapIn

Or use the “Citrix XenServer PowerShell SnapIn” StartMenu item

Happy Scripting!


SCRIPT: Check your WAN IP and get Notified on change

One of the first powershell scripts I wanted to share is a script that checks your WAN ip and notifies you by e-mail when it changes.


I’ve used to sign up with a dynamic DNS provider but my router stopped updating my ip address to that DynDNS provider. After a while I received an e-mail that my host was being deleted from the database if I did not take action. A few e-mail later I decided to say goodbye to that DynDNS provider because my IP-Address does not change that much at all (I still have the same address as a year ago). So I wrote a script that checks the IP address of your FQDN and uses the automation page of  to read you current WAN ip address and sends you an e-mail when it has changed.

Code Break down:

This is where you put your router’s FQDN

$TargetDomain = "Your Host FQDN" #Enter your FQDN that is linked to your WAN ip address

This function takes care of sending the e-mail

Function SendMail {
$EmailFrom = "" #Enter the e-mail address it should send the message from.
$EmailTo = "" #Enter the e-mail address it should send the message to.
$Subject = "External IP Address Has Changed ($Current_WAN_IP)" #Enter your subject the e-mail message should contain.
$Body = "Please Update your DNS records to $Current_WAN_IP" #Enter the message that the e-mail should contain.
$SMTPServer = "SMTP SERVER FQDN" #Enter the FQDN of your SMTP server eg.
$SMTPClient = New-Object Net.Mail.SmtpClient($SmtpServer, 587) #Enter your SMTP Port eg. 587
$SMTPClient.EnableSsl = $true # Change to $false if you don't want to use SSL
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("your smtp username", "your smtpserver password") #Comment line with '#' if you don't need authentication
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)

Here is where the magic happens, this code checks your WAN IP and executes the correct action

# Do not change anything below this line.
$DNS_WAN_IP = [System.Net.Dns]::GetHostAddresses("$TargetDomain") | select-object IPAddressToString -expandproperty IPAddressToString
Write-host "Resolved IP Address of $TargetDomain = $DNS_WAN_IP"
$Current_WAN_IP = (New-Object System.Net.WebClient).DownloadString("")
Write-host "Current WAN IP Address = $Current_WAN_IP"
if ($Current_WAN_IP -ne $DNS_WAN_IP) {
 if ((@([Byte[]][char[]]$Current_WAN_IP -eq 46).Count)-ne 3) {write-host "No Valid IP Address Retrieved";Exit}
 Write-Host "IP Address Has Changed, Sending e-mail"
 Else {write-host "No IP Address Change Detected";Exit}

This script is tested with Powershell V2 but should work in V1 as well. I’ll Hope you like the script full version can be downloaded here: [download id=”6″]

2012 A New Year – Many Good Intentions

2012 has already started for some days now, So let me summarize 2011 and give you all a glimpse into 2012, without being dramatic about it 2011 was certainly a memorable year.

  • Busy with the preparation for the start up of my Company.
  • Our beautiful daugther was born [March]
  • I totally ruptured my Achilles tendon [April]
  • I quit my Job [April]
  • I Started FRN Consultants [June]
  • My first project as consultant for FRN Consultants [June]
  • Still recovering from the ruptured Achilles tendon [December]

A lot of happy moments and some not so happy moments, that how 2011  can be summarized. Probably like anyone else I have some good intentions for 2012. I will do my utmost to fulfill these, so here they are in no particular order:

  • Not rupture my Achilles tendon (ever) again.
  • Participate in interesting projects.
  • Publish more  posts to this blog.
  • Lose some weight.

I really do no want to rupture my achilles tendon again, because it really takes a lot of time to recover, It happened 2nd of April 2011 during a game of futsal (indoor soccer). Not even a month after the birth of our daughter so I unintentionally gave my girlfriend a really hard time and almost a year later i’m still recovering with the help of the physiotherapist (last week I just started running again). I do need to start running because i’ve gained some weight.

Some say 2012 is going to be a tough year Business wise, I really hope I can participate in challanging and interresting projects as a IT consultant, but also I want to explore other businesses as well. I’ve invested in some internet related “projects” which will hopefully make some profit at the end of the year.  so now and then take a look at:

Last but not least I hope to publish more content to this website than I did in 2011, I very busy with powershell lately so I plan to put scripts on this or other website.

I wish you all the best in 2012 and hope you’ll return to this website regularly. If you have any question/inquiries please don’t hesitate and contact me.

Best regards,


Desktop starts instead of a Published Application

Within my current project we ran in to a situation, where we build a Xenapp 6 farm. When we started an published desktop everything was fine. But after publishing an application and starting it did not start the published application, but the whole desktop was presented.

After some troubleshooting we discovered that newly created users were not affected by this problem so I started to look for differences between our existing test user accounts and and new created ones. In the end I concluded that it had to be the script that ran the other day. That script was executed by the AD guy’s to set some user account attributes (HomeDrive, TS Profile Path, etc). So I ordered the AD guy’s to reset the settings that were changed. After the user account changes had been reset, It still did not work.

While searching some forums I found these documents which outline the exact problem and deliver some “solutions” and workarounds.


Basically there is a bug within the Windows 2008 “Active Directory Users and Computers” console which cripples the user account when changing the “Profile Path” on the “Remote Desktop Services Profile” tab. Even when changing back the Profile Path to the default. The user account is still affected by the bug. To fix the user account you have to run this vbs script

Set objUser = GetObject _
objUser.PutEx ADS_PROPERTY_CLEAR, “userParameters”, 0

The bug it self is resolved within a Microsoft hotfix and can be downloaded here


TIP: To easily  discover the user LDAP path you can use:  dsquery user -samid “UserLogonName”.

After clearing the existing user attributes I was able to start a seamless published application  and no longer the whole desktop was displayed. This BUG also appears when connecting to a Published Application that is hosted on Windows 2003 (running XenApp)



1 2 3 4