I assume if you are reading this you are tired of seeing Internet Explorer eat up CPU cycles on your Citrix farm, hurting other users experience. I usually prefer to keep the browser out of the Citrix Session for security reasons, however in some cases this is not possible.
First thing I would recommend is setting the Internet Explorer performance options. You can control this with simple registry settings, see below:
Enabling Internet Explorer Performance Options
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe\PerfOptions]
“CpuPriorityClass”=dword:00000005
“IoPriority”=dword:00000001
This settings used above are for CPU and Disk IO and you may use the table below for an explanation of the settings impact:
CpuPriorityClass
1 Idle
2 Normal
3 High
5 Below Normal
6 Above Normal
IoPriority
0 Very Low
1 Low
2 Normal
Enabling Tracking Protection with EasyList (https://easylist.to/)
Log on, fire up IE11, and then click on the Tools icon, select Manage Add-Ons from the menu, and click on Tracking Protection in the list of Add-On Types.
Then click on Get a Tracking Protection List Online, and from the web page that appears, select one (I like using EasyList Standard since this is the one AdBlock Plus uses)
Click on Add List from the dialog box, and close the Manage Add-ons dialog and restart your browser to begin testing.
Deploying the Registry values and filesystem entries
Now it’s up to you to decide the method of deploying these settings. I will cover doing this with Group Policy Preferences – but there’s probably a multitude of ways to get this done, choose the one that’s easiest for your own environment.
There are two items to deploy, the registry values and some files you need to copy. Here is the path to the registry settings you need to deploy:
HKCU\Software\Microsoft\Internet Explorer\Safety\PrivacIE\Lists\{GUID}
On a server with the same OS as your Citrix farm, configure the settings and then export the settings to be able to import into the next step.
Group Policy Preferences, using the Registry Wizard, under User Config | Preferences | Windows Settings | Registry. Use this to browse to the local or remote Registry location and bring in the settings (make sure to select all the values in the key!)
So we need to copy out the .tpl file from the testing user profile and copy it in when the user logs in to your farm.
it should be located somewhere like:
C:\Users\Mcrabtree\AppData\Local\Microsoft\Internet Explorer\Tracking Protection\{GUID}.tpl
Here are the location you need to deploy to:
%LOCALAPPDATA%\Microsoft\Internet Explorer\Tracking Protection
Make sure that the Type for the Path value is correctly set to be REG_EXPAND_SZ rather than just REG_SZ.
If you implement this, you may want to restrict your users ability to disable this by using the Group Policy Object “Do not allow users to enable or disable add-ons“,
I am still testing these settings, but I am hopeful they will have a positive impact on IE performance and security.
***Update***
If you get this message when adding the tracking list: