Skip to main content

How to Configure Default Device Access Behavior of Citrix Receiver 3.x and Citrix XenDesktop


This article describes how to configure default device access behavior of Receiver 3.x and XenDesktop.


With Receiver 3.x client, administrators might want to configure the default behavior for device access when connecting to a Citrix XenDesktop environment. The Desktop Viewer client device restrictions by default are based on the Internet region and this behavior can be changed by creating the Client Selective Trust feature registry keys under the HKey_Local_Machine hive in the registry and by adjusting the required values.

With the default value, one of the following dialog boxes appears when accessing local files, webcams, or microphones:


To configure default device access behavior of Receiver 3.x and XenDesktop, complete the following procedure:

Caution! This procedure requires you to edit the registry. Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Back up the registry before you edit it.

  • Download the appropriate registry settings file that is attached to this article and import to a client device.
    Note: The attachment contains the file for a 32-bit or a 64-bit operating system.
  • Open one of the following registry key on the computer:

    HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client\Client Selective Trust
    – Or –
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Client Selective Trust.

  • In the appropriate region(s), change the default value for any of the following resources according to the list of access values:


Resource Key Resource Description
FileSecurityPermission Client Drives
MicrophoneAndWebcamSecurityPermission Microphones and Webcams
PdaSecurityPermission PDA Devices
ScannerAndDigitalCameraSecurityPermission USB and Other Devices
Access Values:
0 = No Access     1 = Read Only Access     2 = Full Access     3 = Prompt User for Access
  • Export the Client Selective Trust key to a new .reg file.
  • Import the modified .reg file on each client device. 
    : You can automate this process by using a logon script.


Download REG_file


Comments (2)

Leave a Reply

Your email address will not be published. Required fields are marked *

Turn on pictures to see the captcha *