Archive

Archive for the ‘StoreFront’ Category

How to monitor your Internet facing service globally – #Azure, #ApplicationInsights, #Citrix, #NetScaler, #EnvokeIT

Hi again all!

It’s been quite a long time since I wrote a blog post.. I’ve just been too busy working! 🙂

But this is a really cool capability that I think that many of you will like, how often do your company or service provider have a good way of monitoring availability, performance etc. from the public Internet? And if they do then most of the time the larger service providers will build a service and install their own probes on different geographical locations and then they charge quite a lot for this service, and every time you change your application the charge you again for modifying the scripts that the probes use etc.

What I’ve tried and now think is going to be great for both smaller and larger organisations is the Azure Application Insights service. It’s really great and can assist with just this, it’s a service that microsoft provide from their locations globally where you can test your apps in Azure or course but also any web site out there on the Internet. And it doesn’t stop there, you can also use the server installer to also provide metrics from your Windows IIS server up to Azure to get more detailed statistics about the web server itself and requests etc.

Just think about how much it would take for you to setup monitoring from APAC, Americas and Europe for your NetScaler environment.. that would not be done in 10 minutes if you talk to your standard service provider. It took me 10 minutes to setup this reporting to ensure that the NetScaler is available from different locations around the world:

Availability

 

And this is just a simple url ping test to ensure that we get a proper 200 OK response from our EnvokeIT Lab environment that my colleague Björn have setup and modified so nicely with the X1 StoreFront look & feel.

NetScaler_StoreFront_x1_look_and_feel

 

URL_ping_test_netscaler_bear_lab_envokeit

Of course you can make a more proper test than just a url ping test like in this case, the service supports multi-step tests and also content matching etc. It’s also very easy to create one application/service that then consists of multiple locations that you want to monitor, for instance if you’re using GSLB FQDNs as well as regional to ensure that you get the full picture.

More information about what can be done you can find on the Azure Application Insights  pageRead more…

#Citrix #StoreFront 2.5.2 is released – #DaaS, #XenDesktop, #XenApp

Citrix has released Citrix StoreFront 2.5.2 with some good fixes…

Issues fixed in StoreFront 2.5.x

Updated: 2014-06-18

Issues fixed in StoreFront 2.5.2

Fail to launch a XenApp session from the second delivery site.

The StoreFront server had problems with load balancing between two XenApp farms. When the first farm was completely loaded, StoreFront did not use the second farm and the application launch failed. [#432279]

Enhanced enumeration fails with socket pooling enabled.

Enumeration failed for two or more farms when socket pooling was enabled in the store configuration file. [#470666 and #458139]

Issues with finding the domain controller for a domain.

Slow logon times occurred when geographically distant domain controllers were chosen. [#479210]

Submitting the logon form after the authentication service session timed out results in an HTTP 400 Bad Request.

When the logon form was submitted after the authentication service session timed out, an HTTP 400 Bad Request response was generated preventing the user’s credentials from being resubmitted. [#479200]

Directory queries are not thread-safe.

Citrix default Domain Services crashed because the Directory services account look-up was not thread-safe. [#479188]

Issues fixed from StoreFront 2.1 to 2.5

Changing an expired password on next logon fails.

When prompted to change a password, client domain users using Windows would not be able to successfully change their passwords because of Windows Server 2003 domain controllers failing to handle the operation correctly. Microsoft has issued an update that resolves this problem. The update is available via Windows Update or may be downloaded from Microsoft support directly at http://support.microsoft.com/kb/2927811. [#438725]

A user with a large number of subscriptions loses the ability to manage subscriptions.

When logging on, users with 353 or more automatic app subscriptions would receive the following error: “Citrix Receiver cannot currently add, remove, or reposition apps.” [#432086]

The wrong user name is sometimes shown.

Clients would erroneously display a different username. [#430823]

PNA resource IDs do not match requirements of local launch logic.

PNA resources from XenApp were in a format different than StoreFront’s usage. This inconsistency led to slower performance due to excessive ICA connections.[#429055]

Partial wildcard certificates cause issues in the admin console.

The admin console would improperly display configured host names from the IIS bound certificates. [#424708]

Change password option is not available for some users.

Some users were not given the option to reset their password even though they were enabled to do so. [#416373]

Subscription export/import loses subscription properties.

StoreFront was not properly maintaining multiple subscription properties. [#408668]

DAC smart card authentication updated to use domain account services rather than IIS certificate mapping.

Desktop Appliance Connector certificate authentication with smart cards required manual configuration with IIS certificate mappings rather than using the default domain account services. [#406945]

A SAN web server certificate with no CN causes issues for the admin console.

StoreFront admin console was improperly handling common name entries in certificates which would cause console crashes.[#401815]

StoreFront home farms support gives a user access to all farms when they should have access to none.

When a user was configured without access to any farms, all farms were enumerated for that user.[#400869]

The admin console being closed would overwrite some manually applied changes made to the configuration file.

Some manual configuration changes were being lost when the admin console was closed. [#440946, #424460, #439887, #395155]

Read more…

#XenMobile and the #Citrix Mobile Workspaces Architecture – #BYOD

This is a great blog post by Christopher Campbell and good picture to show the overall capabilities and architecture of the Citrix offering!

You’ve heard us talk about Mobile Workspaces and if you’re a techie you’re probably wondering if Citrix really has the architectural components (a complete, comprehensive and fully integrated architecture) that can deliver any app and data to any user on any device over any network?

Well let’s first identify a few of the market leading technologies that make up the Citrix Mobile Workspaces solution:

  • XenApp mobilizes and secures Windows apps on any device
  • XenDesktop securely delivers virtual Windows desktops and apps on any device
  • XenMobile manages and secures mobile, web and SaaS apps on mobile devices
  • GoToMeeting empowers people to meet and collaborate with anyone, anywhere
  • ShareFile shares and syncs corporate data securely from any location
  • NetScaler optimizes and secures app delivery and on any network
  • CloudPlatform orchestrates and provisions apps, desktops and IT services from any cloud

OK, OK. We know you have the products but do they really integrate?

Yes. Don’t believe me? Well as they say a picture is worth a thousand words. This is what the Mobile Workspace Architecture looks like.

OK. I get it.  You have the architecture but that doesn’t necessarily translate to a seamless user experience.

Still don’t believe huh? Well this is what the user experience looks like.

XenMobile is a key ingredient in delivering a mobile workspace.  Along with XenApp and XenDesktop it allows organizations to deliver on giving users access to any app from any device. In fact, if you’re an existing XenApp or XenDesktop customer, XenMobile seamlessly plugs into your existing architecture.

If you’re a XenDesktop or XenApp customer this is what your environment probably looks like.

Now this is what you need to enable EMM for BYO and COPE (Corporate Owned, Personally Enabled) devices and add that MDM, MAM, Secure Email, Secure Data…

Continue reading here!

//Richard

 

#Citrix #XenApp and #XenDesktop 7.5 is released

March 26, 2014 1 comment

Finally it’s released, just go and download and enjoy (hopefully)! 😉

https://www.citrix.com/downloads/xendesktop/product-software/xendesktop-75-platinum.html

Documentation is available online in Citrix eDocs. Keeping in mind that the online documentation will be periodically updated, you may also download a PDF file with a current snapshot for offline use:

Admin Guide
Upgrade Guide
Install Guide

This single package contains the Core and components needed to deploy the server-side infrastructure supporting Windows 8.1 and Server 2012 R2 and includes Director, Studio, Delivery Controller, Virtual Delivery Agent, Personal vDisk, Universal Print Server, Receiver and StoreFront, Profile Management, HDX, Migration tool, License Server and CloudBridge (Branch Repeater) plug in.

//Richard

Performance Tuning Citrix Storefront 2.x – #Citrix, #StoreFront via @PeterSmali

February 3, 2014 1 comment

Another great blog post from my colleague Peter Smali!

Performance Tuning Citrix Storefront 2.x

First of all I would like to thank Sandbu who came up with an extra performance tuning trick that I have been testing for a while now.
In this post I’ll be demonstrating an updated version of Sandbu’s due some small changes since the introduction of Citrix Storefront 2.x

As we all are aware of, Citrix Storefront is fully dependent on IIS to work, but it is really suffering of some perfromance issues that surely most of us who have been testing or implementing it are aware of. So Let’s give Storefront a new perfromance birth by doing the following
Attention! Take a backup of all files you are going to modify before doing this! And Remember that Citrix Systems does not support this!!

1. Enable Socket Pooling (pooledSockets=”on”)

Open your C:\inetpub\wwwroot\Citrix\Storename\Webweb.config file as administrator and chenge pooledSockets=”off” to pooledSockets=”on”
By enabling socket pooling, Storefront maintaines a pool of sockets instead of creating a new socket each time a new user connects to Storefront, this will give a better performance for SSL based traffic.

2. Changing the application pool to always running (Windows Server 2008 R2)

If you are running Storefront on Windows Server 2012, there is already a new feature implemented in IIS called always running on the application pools but if you are still Windows Server 2008 R2 as I do then you need to do some manual changes…

But if you are still running Windows Server 2008, then you need to do the following:

2.1 Download and install Application Initialization Module for IIS 7.5. A reboot may be required to finish the installation process…

2.2 Open the C:\Windows\System32\inetsrv\config\applicationHost.config on the storefront server as administrator and locate the following setting <configuration><system.applicationHost><applicationPools> and add thealways running paramter startMode=”AlwaysRunning” on each of following application pools

•Citrix Delivery Services Authentication
•Citrix Delivery Services Resources
•Citrix Receiver for Web
•Citrix Delivery Services

The result may look like this:

add name=”Citrix Delivery Services Authentication” autoStart=”true” managedRuntimeVersion=”v2.0″ managedPipelineMode=”Integrated” startMode=”AlwaysRunning”>

2.3 Now locate <configuration>…

Continue reading here!

And you can also check this tuning blog post:

Finetuning a Citrix StoreFront deployment

And also ensure that you intelligently load balance your XML brokers, my suggestion is to use content switching in combination with load balancing to get a more optimal solution in place.

Ensure that you DON’T use FQDN’s when you add the XML broker name into the Delivery Controllers config of the StoreFront Store!! Use NetBIOS names, and NOT like farm1.company.com, rather specify “farm1″ and then ensure that the StoreFront server can resolve “farm1″ to your CS VIP, that will speed enumeration up a lot due to that StoreFront first checks via NetBIOS/WINS which isn’t that optimal!

Content Switching instead of Load balancing of XenApp XML brokers? – #XenApp #NetScaler #CS #LB

Happy StoreFront’ing!

//Richard

How to: Create Desktop Appliance site on StoreFront – #Citrix, #StoreFront, #ThinClient

February 3, 2014 4 comments

I guess that some of you out there by now are using Thin Clients and some are using Desktop Appliance site functionality in the old Web Interface for these thin clients that are XenApp- or XenDesktop-ready.

So now you have or are thinking on how to setup this on StoreFront!

Citrix has A LOT of work to do in order to ensure that StoreFront becomes a stable and enterprise ready! There are so many tweaks and configurations needed in config files etc. that just isn’t ok! Add them into the console! It’s not hard, even I could code in some menus, forms windows and trigger the underlying PowerShell scripts!

But back to the topic, how do we configure Desktop Appliance site in StoreFront? Well, first we need to have a look at the following edocs articles that explain how to do it:

Desktop Appliance sites – And the most important in this article is the bottom that details WHAT DOESN’T WORK!

Important considerations

Desktop Appliance sites are intended for local users on the internal network accessing desktops from non-domain-joined desktop appliances. When you decide whether to use Desktop Appliance sites to provide users with access to your stores, consider the following restrictions.

  • If you plan to deploy domain-joined desktop appliances and repurposed PCs, do not configure them to access stores through Desktop Appliance sites. Instead, configure Citrix Receiver with the XenApp Services URL for the store. For more information, see XenApp Services URLs.
  • Desktop Appliance sites do not support connections from remote users outside the corporate network. Users logging on to NetScaler Gateway cannot access Desktop Appliance sites.

How do you release this and don’t support connecting through a NetScaler Gateway? Then you miss the whole point of SmartAccess, you cannot trigger EPA (host checks) for instance to control ICA/HDX features like drive mapping etc. internally. And you cannot have thin clients on the Internet that connects into the enterprise through NetScaler Gateway! 

Next you should read this article that details the PowerShell madness 😉

Configure Desktop Appliance sites

I won’t go into details of the article above but rather show you how it’s done and with some examples of arguments to pass to the PowerShell scripts.

Step one is to log on to your StoreFront server, and just to show you our current setup is that we have one Receiver for Web (RfW) sites used for browser access into StoreFront:

Receiver_for_Web_site

From a Store perspective you can see that we have one (1) store that the RfW site exposes:

StoreFront_Store Read more…

#Citrix #StoreFront subscription database replication, #GSLB, #NetScaler

January 13, 2014 Leave a comment

Ok, so we’ve all started to use StoreFront (or have U?) and find out that there are A LOT of things that you have to do in order to get it to work as you most probably want it to.

This post is more around how you ensure that the StoreFront architecture supports an enterprise with multiple sites while still having a concistent end-user experience.

Just imagine that you’ve built your architecture out in a true high availability manner with global server load balancing across all products used in the stack to deliver your Windows apps and desktops to your end-users. It may look something similar to this:

overall_storefront_nsg_GSLB_architecture

In this view you can see that we’ve setup GSLB to ensure that external (Internet) connected users  and devices are being connected to a NetScaler Gateway vServer in either London or Miami, and from there the NetScaler and the session profile that communicates with StoreFront (SF1 and 2 in each site) is also load balanced using GSLB to ensure high availability. So everything seems good, right! But no… consider that you as an end-user is being connected to the Miami site and that StoreFront group that has a subscription database containing all the apps and desktops etc. that you have selected and added to your workspace.  You will see all these icons by default now when you login to Miami, but you will not see them in the case Miami goes down for some reason or if you travel to London and then gets connected to that StoreFront group as I try to show by this picture:

No-StoreFront-Replication

Read more…

%d bloggers like this: