Citrix Files: Setting default settings for desktop app with powershell

If you are using Citrix Content Collaboration and alongside it, using the Citrix Files app, you may be familiar with the fact that you cannot deploy centrally configured settings for the Citrix Files desktop app.
(PS: Citrix – why did you find it useful to name the service Content Collaboration, and then call the apps Citrix files? Please stop confusing the users.)

You can however control the default settings for the Outlook plugin etc via the ShareF…sorry.. Content Collaboration admin panel.
But there is nowhere to control the settings for the actual Citrix Files desktop app, not even in Group Policy ADMX – last I checked.
Why do you want to do this?

Well, it can – for many – be beneficial to set the default sharing options to something defined by the organization. Not everyone wants the links to never expire, anonymous access etc. 
If you’re wondering what settings I’m talking about, its these – right click your Citrix Files agent in systray ad go to settings:

So how can we control this?

Step one – figure out where these settings are stored.
Answer: %appdata%\Citrix\Citrix Files\users.json

So, it’s a JSON file, that gets created with default settings when the user first logs in to the agent. Now that is something we can work with.

To start with, we can lauch powershell and view the contents of the JSON file.

go to directory “%appdata%\Citrix\Citrix Files” in powershell after you have logged in to the Citrix Files app
Run this command to see the content on screen

Get-Content -raw “.\users.json” | ConvertFrom-Json | fl

If you prefer to use a tect editor to search later you can run this – and then open the file to you liking.

Get-Content -raw “.\users.json” | ConvertFrom-Json > users.txt

In the file we can easily see there are a lot of true or false arguments we may want to manipulate – what you want to achieve may be different from me, so adapt accordingly.

In my case, I want the following:
*Require recipients to log in – ON
*Send encrypted e-mail – ON
*Access expires – 6 Months

Knowing this we can make a powershell script that:
*Kills the running process
*Finds these arguments that are “False” as of default
*Set these to “True”
*Start the Citrix Files agent again – and the users.json should be read in and have the changes applied.
*We then can deploy this via MDM, Intune, Group Policy etc.

This would look something like this – in my case :
You can download it here: Download Script


#### Script to set the Citrix Files desktop app config defaults

#### Useful to force require login for recepients // enable encrypted email as default etc, when sharing directly from windows explorer.

#### This is not available pr now to set via Group Policy or web gui for the Citrix Files desktop app, only for outlook plugin.

#### Creator info: Geir Dybbugt –


#kill process on user level without admin right

wmic process where “name=’citrixfiles.exe'” delete

sleep 10

#Location for the JSON config file for Citrix Files

$JSON = “$env:appdata\Citrix\Citrix Files\users.json”

#Set recipient to require login as default

(Get-Content $JSON).replace(‘”Send_RequireRecipientLogin”:null’, ‘”Send_RequireRecipientLogin”:true’) | Set-Content $JSON

#Set Encrypted email as default

(Get-Content $JSON).replace(‘”Send_EncryptEmail”:null’, ‘”Send_EncryptEmail”:true’) | Set-Content $JSON

#Set Default expiration for links to 6 months (value in days) PS: “-1” is default for “never”

(Get-Content $JSON).replace(‘”Send_Expiration”:null’, ‘”Send_Expiration”:180’) | Set-Content $JSON

#Start Citrix Files after change

start-process “C:\Program Files\Citrix\Citrix Files\CitrixFiles.exe”

Hope someone finds this useful – I know I do

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from

Subscribe now to keep reading and get access to the full archive.

Continue reading