| Now that you have installed MetaFrame and all of its components, we are ready to configure MetaFrame and Windows 2000 for optimum performance. The following procedures are just a starting point, you might need to add or remove some of the following procedures. For a detailed list, please check out Rick Dehlingers MetaFrame Installation & Tuning Tips document and Ricks new tuning tips web site: http://www.tweakcitrix.com. It is the bible of MetaFrame tips and tricks. Note: The registry entries listed below have been scripted in to .REG files for your convenience. If you received this document independently from the other material (doc templates, REG file zip) then you will need to download the latest version of this doc and all the registry files discussed below from http://www.dabcc.com/projectinabox. In addition, most changes seen below are also configurable via the MIAB.ADM file as documented in the How to deploy MIAB.ADM later in this document. | Step | Description | | 1. | Remove / disable RDP-TCP Connection in Citrix Connection Configuration Utility Start Programs Citrix MetaFrameXP Citrix Connection Configuration Highlight rdp-tcp and press the delete key | | 2. | Remove the EVERYONE and GUEST account for security reasons on ICA-TCP connection in Citrix Connection Configuration Utility. Start Programs Citrix MetaFrameXP Citrix Connection Configuration Security Permissions | | 3. | Enable Auditing in Local Security Policy Start Settings Control Panel Administrative Tools Local Security Policy applet Local Policies Audit Policies folder Select the Success/Failure events you want to audit. o Account Logon Events: Success and Failure o Audit Logon Events: Success and Failure o Audit System Events: Failure | | 4. | Enable ICA Keep Alives. [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Citrix] "IcaEnableKeepAlive"=dword:00000001 "IcaKeepAliveInterval"=dword:0000003c | Registry File: Enable ICA Keep Alives.reg | | | | | 5. | Enable TCP Keep Alives. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] "KeepAliveTime"=dword:0000ea60 "KeepAliveInterval"=dword:000003e8 | Registry File: Enable TCP keep alives.reg | | | | | 6. | Clear the last persons name that logged into the server farm, from the username field of the Microsoft Client. [HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/system] DontDisplayLastUserName=1 | Registry File: DontDisplayLastUserName.reg | | | | | Step | Description | | 7. | Disable Client Audio Mapping [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\ICA-tcp] "fDisableCam"=dword:00000001 | Registry File: disable client audio mapping.reg | | | | | 8. | Disable Client COM Port Mapping [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\ICA-tcp] "fDisableCcm"=dword:00000001 | Registry File: disable client COM port mapping.reg | | | | | 9. | Disable Dr Watson [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug] "Debugger"="" | Registry File: Disable Dr Watson.reg | | | | | 10. | Disable paging of the Windows NT Executive [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] "DisablePagingExecutive"=dword:00000001 | Registry File: disable paging of the Windows NT Executive.reg | | | | | 11. | Disable Roaming Profile Cache [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "DeleteRoamingCache"=dword:00000001 | Registry File: Disable Roaming Profile Cache.reg | | | | | 12. | Set TcpMaxDataRetransmissions [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] "TcpMaxDataRetransmissions"=dword:0000000a | Registry File: Increase Performance and Reliability over WAN links and the Internet.reg | | | | | 13. | Disable NTFS last access time stamp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem] "NtfsDisableLastAccessUpdate"=dword:00000001 | Registry File: Prevent last access time stamp from being updated on NTFS.reg | | | | | Step | Description | | 14. | Enable ErrorMode [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows] "ErrorMode"=dword:00000002 | Registry File: Set ErrorMode.reg | | | | | 15. | Disable the printer beep. Disable it to reduce bandwidth/increase performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\] "BeepEnabled"=dword:00000000 | Registry File: Disable Printer Beep.reg | | | | | 16. | Set Event Log to overwrite entries as needed with a log size of 2MBs [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application] "MaxSize"=dword:00200000 : "Retention"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security] "MaxSize"=dword:00200000 : "Retention"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System] "MaxSize"=dword:00200000 : "Retention"=dword:00000000 | Registry File: Set Event Log Parameters.reg | | | | | 17. | Set User ICA-TCP Overrides [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\ICA-tcp\UserOverride\Control Panel\Desktop] "AutoEndTasks"="1" "MenuShowDelay"="10" "CursorBlinkRate"="-1" "DragFullWindows"="0" "WaitToKillAppTimeout" = "20000" "SmoothScroll" = dword:00000000 "Wallpaper" = "(none)" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\ICA-tcp\UserOverride\Control Panel\Desktop\WindowMetrics] MinAnimate"="0" | Registry File: Set WinStation Overrides.reg | | | | | 18. | Disable print events from the Event Log [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers] "EventLog"=dword:00000000 | Registry File: Disable Logging of Print Events to the System Event Log.reg | | | | | 19. | Disable Spooler errors from being displayed on the server console [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler] "ErrorControl"=dword:00000002 | Registry File: Surpress Spooler Error Messages.reg | | | | | Step | Description | | 20. | Disable print spooler notification dialog screen from being displayed on the server console [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers] "NetPopup"=dword:00000000 | Registry File: Turn off NetPopup.reg | | | | | 21. | Disable the Alerter Service in the Services Applet. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] "Start"=dword:00000004 | |