One or a few users are not able to connect to their mailbox using the newest Outlook version there is? Well the issue might be TLS 1.2 not being active on the user's side.
Just set this registry key and you should be good to go:
Having odd issues with the task bar/random task bar freezing on Windows Server 2022 RDS? Or explorer.exe using around 10% of the CPU for every user that is logged in? This might save your day. This issue occurs if you have MS Teams installed on the RDS.
First of all, export the registry path HKLM\SYSTEM\Software\Microsoft\TIP\TestResults\27641370 and look at the file size. If it is around 40MB in size, then you have the same issue.
To resolve the issue, delete the key and disable the TabletInputService service (Touch Keyboard and Handwriting Panel Service). Afterwards, take ownership of C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe and C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe and rename both executables into TabTip32.exe.orig/TabTip.exe.orig.
If you need to renew the Always On VPN IKEv2 server certificate, here are three lines that will help you. Assuming you have the right certificate and the thumbprint, execute the following commands on the VPN server:
Sophos SG/XG Firewalls use OpenVPN to create Site To Site SSL VPN tunnels, but the configuration file is specific to Sophos firewalls. This can be converted to a normal ovpn file though.
Here is how you can manually convert the APC configuration file into an OVPN file.
Take now of these things in your apc file:
Block 1 is the client certificate:
-----BEGIN CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Block 2 is the CA certificate:
-----BEGIN CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Block 3 is the private key:
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
Block 4: there is also a username and password:
Just above the private key is the user:
Just below the private key is the password:
So now here is the ovpn file:
client dev tun proto tcp remote insert hostname or IP of the firewall here 443 route remote_host 255.255.255.255 net_gateway resolv-retry infinite nobind persist-key persist-tun auth-user-pass cipher AES-128-CBC auth SHA256 comp-lzo route-delay 4 verb 3 reneg-sec 0 <cert>
Insert certificate here from Block 1
</cert>
<ca>
Insert certificate here from Block 2
</ca>
<key>
Insert private key from Block 3
</key>
Here is a short test with OpenVPN client on Windows. The password has to be inserted manually, but normally the tunnel gets initiated from a firewall/network appliance, in that case you should be able to insert username and password in the command line.
If your users use a published application, you might have noticed that OneDrive does not automatically start after starting the app. This is by design, as it will only start in the full desktop, when Explorer.exe is running.
To ensure that Onedrive is starting with the Citrix Published Application, you can create a user logon script. This is one solution I have implemented, there are many others though.
C:\Program Files\Microsoft OneDrive\OneDrive.exe
/background
The other challenge: If the published application is closed, the session will still be open because Onedrive is still running, and the user will not be logged off. To change that behaviour, add Onedrive.exe and Microsoft.Sharepoint.exe as a value of this key:
