Archive
How to monitor your Internet facing service globally – #Azure, #ApplicationInsights, #Citrix, #NetScaler, #EnvokeIT
Hi again all!
It’s been quite a long time since I wrote a blog post.. I’ve just been too busy working! 🙂
But this is a really cool capability that I think that many of you will like, how often do your company or service provider have a good way of monitoring availability, performance etc. from the public Internet? And if they do then most of the time the larger service providers will build a service and install their own probes on different geographical locations and then they charge quite a lot for this service, and every time you change your application the charge you again for modifying the scripts that the probes use etc.
What I’ve tried and now think is going to be great for both smaller and larger organisations is the Azure Application Insights service. It’s really great and can assist with just this, it’s a service that microsoft provide from their locations globally where you can test your apps in Azure or course but also any web site out there on the Internet. And it doesn’t stop there, you can also use the server installer to also provide metrics from your Windows IIS server up to Azure to get more detailed statistics about the web server itself and requests etc.
Just think about how much it would take for you to setup monitoring from APAC, Americas and Europe for your NetScaler environment.. that would not be done in 10 minutes if you talk to your standard service provider. It took me 10 minutes to setup this reporting to ensure that the NetScaler is available from different locations around the world:
And this is just a simple url ping test to ensure that we get a proper 200 OK response from our EnvokeIT Lab environment that my colleague Björn have setup and modified so nicely with the X1 StoreFront look & feel.
Of course you can make a more proper test than just a url ping test like in this case, the service supports multi-step tests and also content matching etc. It’s also very easy to create one application/service that then consists of multiple locations that you want to monitor, for instance if you’re using GSLB FQDNs as well as regional to ensure that you get the full picture.
More information about what can be done you can find on the Azure Application Insights page. Read more…
#Citrix #StoreFront 2.5.2 is released – #DaaS, #XenDesktop, #XenApp
Citrix has released Citrix StoreFront 2.5.2 with some good fixes…
Issues fixed in StoreFront 2.5.x
Updated: 2014-06-18
Issues fixed in StoreFront 2.5.2
Fail to launch a XenApp session from the second delivery site.
The StoreFront server had problems with load balancing between two XenApp farms. When the first farm was completely loaded, StoreFront did not use the second farm and the application launch failed. [#432279]
Enhanced enumeration fails with socket pooling enabled.
Enumeration failed for two or more farms when socket pooling was enabled in the store configuration file. [#470666 and #458139]
Issues with finding the domain controller for a domain.
Slow logon times occurred when geographically distant domain controllers were chosen. [#479210]
Submitting the logon form after the authentication service session timed out results in an HTTP 400 Bad Request.
When the logon form was submitted after the authentication service session timed out, an HTTP 400 Bad Request response was generated preventing the user’s credentials from being resubmitted. [#479200]
Directory queries are not thread-safe.
Citrix default Domain Services crashed because the Directory services account look-up was not thread-safe. [#479188]
Issues fixed from StoreFront 2.1 to 2.5
Changing an expired password on next logon fails.
When prompted to change a password, client domain users using Windows would not be able to successfully change their passwords because of Windows Server 2003 domain controllers failing to handle the operation correctly. Microsoft has issued an update that resolves this problem. The update is available via Windows Update or may be downloaded from Microsoft support directly at http://support.microsoft.com/kb/2927811. [#438725]
A user with a large number of subscriptions loses the ability to manage subscriptions.
When logging on, users with 353 or more automatic app subscriptions would receive the following error: “Citrix Receiver cannot currently add, remove, or reposition apps.” [#432086]
The wrong user name is sometimes shown.
Clients would erroneously display a different username. [#430823]
PNA resource IDs do not match requirements of local launch logic.
PNA resources from XenApp were in a format different than StoreFront’s usage. This inconsistency led to slower performance due to excessive ICA connections.[#429055]
Partial wildcard certificates cause issues in the admin console.
The admin console would improperly display configured host names from the IIS bound certificates. [#424708]
Change password option is not available for some users.
Some users were not given the option to reset their password even though they were enabled to do so. [#416373]
Subscription export/import loses subscription properties.
StoreFront was not properly maintaining multiple subscription properties. [#408668]
DAC smart card authentication updated to use domain account services rather than IIS certificate mapping.
Desktop Appliance Connector certificate authentication with smart cards required manual configuration with IIS certificate mappings rather than using the default domain account services. [#406945]
A SAN web server certificate with no CN causes issues for the admin console.
StoreFront admin console was improperly handling common name entries in certificates which would cause console crashes.[#401815]
StoreFront home farms support gives a user access to all farms when they should have access to none.
When a user was configured without access to any farms, all farms were enumerated for that user.[#400869]
The admin console being closed would overwrite some manually applied changes made to the configuration file.
Some manual configuration changes were being lost when the admin console was closed. [#440946, #424460, #439887, #395155]
#XenMobile and the #Citrix Mobile Workspaces Architecture – #BYOD
This is a great blog post by Christopher Campbell and good picture to show the overall capabilities and architecture of the Citrix offering!
You’ve heard us talk about Mobile Workspaces and if you’re a techie you’re probably wondering if Citrix really has the architectural components (a complete, comprehensive and fully integrated architecture) that can deliver any app and data to any user on any device over any network?
Well let’s first identify a few of the market leading technologies that make up the Citrix Mobile Workspaces solution:
- XenApp mobilizes and secures Windows apps on any device
- XenDesktop securely delivers virtual Windows desktops and apps on any device
- XenMobile manages and secures mobile, web and SaaS apps on mobile devices
- GoToMeeting empowers people to meet and collaborate with anyone, anywhere
- ShareFile shares and syncs corporate data securely from any location
- NetScaler optimizes and secures app delivery and on any network
- CloudPlatform orchestrates and provisions apps, desktops and IT services from any cloud
OK, OK. We know you have the products but do they really integrate?
Yes. Don’t believe me? Well as they say a picture is worth a thousand words. This is what the Mobile Workspace Architecture looks like.
OK. I get it. You have the architecture but that doesn’t necessarily translate to a seamless user experience.
Still don’t believe huh? Well this is what the user experience looks like.
XenMobile is a key ingredient in delivering a mobile workspace. Along with XenApp and XenDesktop it allows organizations to deliver on giving users access to any app from any device. In fact, if you’re an existing XenApp or XenDesktop customer, XenMobile seamlessly plugs into your existing architecture.
If you’re a XenDesktop or XenApp customer this is what your environment probably looks like.
Now this is what you need to enable EMM for BYO and COPE (Corporate Owned, Personally Enabled) devices and add that MDM, MAM, Secure Email, Secure Data…
Continue reading here!
//Richard
#Citrix #XenApp and #XenDesktop 7.5 is released
Finally it’s released, just go and download and enjoy (hopefully)! 😉
https://www.citrix.com/downloads/xendesktop/product-software/xendesktop-75-platinum.html
Documentation is available online in Citrix eDocs. Keeping in mind that the online documentation will be periodically updated, you may also download a PDF file with a current snapshot for offline use:
Admin Guide
Upgrade Guide
Install Guide
This single package contains the Core and components needed to deploy the server-side infrastructure supporting Windows 8.1 and Server 2012 R2 and includes Director, Studio, Delivery Controller, Virtual Delivery Agent, Personal vDisk, Universal Print Server, Receiver and StoreFront, Profile Management, HDX, Migration tool, License Server and CloudBridge (Branch Repeater) plug in.
//Richard
Performance Tuning Citrix Storefront 2.x – #Citrix, #StoreFront via @PeterSmali
Another great blog post from my colleague Peter Smali!
Performance Tuning Citrix Storefront 2.x
First of all I would like to thank Sandbu who came up with an extra performance tuning trick that I have been testing for a while now.
In this post I’ll be demonstrating an updated version of Sandbu’s due some small changes since the introduction of Citrix Storefront 2.x
As we all are aware of, Citrix Storefront is fully dependent on IIS to work, but it is really suffering of some perfromance issues that surely most of us who have been testing or implementing it are aware of. So Let’s give Storefront a new perfromance birth by doing the following
Attention! Take a backup of all files you are going to modify before doing this! And Remember that Citrix Systems does not support this!!
1. Enable Socket Pooling (pooledSockets=”on”)
Open your C:\inetpub\wwwroot\Citrix\Storename\Webweb.config file as administrator and chenge pooledSockets=”off” to pooledSockets=”on”
By enabling socket pooling, Storefront maintaines a pool of sockets instead of creating a new socket each time a new user connects to Storefront, this will give a better performance for SSL based traffic.
2. Changing the application pool to always running (Windows Server 2008 R2)
If you are running Storefront on Windows Server 2012, there is already a new feature implemented in IIS called always running on the application pools but if you are still Windows Server 2008 R2 as I do then you need to do some manual changes…
But if you are still running Windows Server 2008, then you need to do the following:
2.1 Download and install Application Initialization Module for IIS 7.5. A reboot may be required to finish the installation process…
2.2 Open the C:\Windows\System32\inetsrv\config\applicationHost.config on the storefront server as administrator and locate the following setting <configuration><system.applicationHost><applicationPools> and add thealways running paramter startMode=”AlwaysRunning” on each of following application pools
•Citrix Delivery Services Authentication
•Citrix Delivery Services Resources
•Citrix Receiver for Web
•Citrix Delivery Services
The result may look like this:
add name=”Citrix Delivery Services Authentication” autoStart=”true” managedRuntimeVersion=”v2.0″ managedPipelineMode=”Integrated” startMode=”AlwaysRunning”>
2.3 Now locate <configuration>…
Continue reading here!
And you can also check this tuning blog post:
Finetuning a Citrix StoreFront deployment
And also ensure that you intelligently load balance your XML brokers, my suggestion is to use content switching in combination with load balancing to get a more optimal solution in place.
Ensure that you DON’T use FQDN’s when you add the XML broker name into the Delivery Controllers config of the StoreFront Store!! Use NetBIOS names, and NOT like farm1.company.com, rather specify “farm1″ and then ensure that the StoreFront server can resolve “farm1″ to your CS VIP, that will speed enumeration up a lot due to that StoreFront first checks via NetBIOS/WINS which isn’t that optimal!
Content Switching instead of Load balancing of XenApp XML brokers? – #XenApp #NetScaler #CS #LB
Happy StoreFront’ing!
//Richard
How to: Create Desktop Appliance site on StoreFront – #Citrix, #StoreFront, #ThinClient
I guess that some of you out there by now are using Thin Clients and some are using Desktop Appliance site functionality in the old Web Interface for these thin clients that are XenApp- or XenDesktop-ready.
So now you have or are thinking on how to setup this on StoreFront!
Citrix has A LOT of work to do in order to ensure that StoreFront becomes a stable and enterprise ready! There are so many tweaks and configurations needed in config files etc. that just isn’t ok! Add them into the console! It’s not hard, even I could code in some menus, forms windows and trigger the underlying PowerShell scripts!
But back to the topic, how do we configure Desktop Appliance site in StoreFront? Well, first we need to have a look at the following edocs articles that explain how to do it:
Desktop Appliance sites – And the most important in this article is the bottom that details WHAT DOESN’T WORK!
Important considerations
Desktop Appliance sites are intended for local users on the internal network accessing desktops from non-domain-joined desktop appliances. When you decide whether to use Desktop Appliance sites to provide users with access to your stores, consider the following restrictions.
- If you plan to deploy domain-joined desktop appliances and repurposed PCs, do not configure them to access stores through Desktop Appliance sites. Instead, configure Citrix Receiver with the XenApp Services URL for the store. For more information, see XenApp Services URLs.
- Desktop Appliance sites do not support connections from remote users outside the corporate network. Users logging on to NetScaler Gateway cannot access Desktop Appliance sites.
How do you release this and don’t support connecting through a NetScaler Gateway? Then you miss the whole point of SmartAccess, you cannot trigger EPA (host checks) for instance to control ICA/HDX features like drive mapping etc. internally. And you cannot have thin clients on the Internet that connects into the enterprise through NetScaler Gateway!
Next you should read this article that details the PowerShell madness 😉
Configure Desktop Appliance sites
I won’t go into details of the article above but rather show you how it’s done and with some examples of arguments to pass to the PowerShell scripts.
Step one is to log on to your StoreFront server, and just to show you our current setup is that we have one Receiver for Web (RfW) sites used for browser access into StoreFront:
From a Store perspective you can see that we have one (1) store that the RfW site exposes:
#Citrix #StoreFront subscription database replication, #GSLB, #NetScaler
Ok, so we’ve all started to use StoreFront (or have U?) and find out that there are A LOT of things that you have to do in order to get it to work as you most probably want it to.
This post is more around how you ensure that the StoreFront architecture supports an enterprise with multiple sites while still having a concistent end-user experience.
Just imagine that you’ve built your architecture out in a true high availability manner with global server load balancing across all products used in the stack to deliver your Windows apps and desktops to your end-users. It may look something similar to this:
In this view you can see that we’ve setup GSLB to ensure that external (Internet) connected users and devices are being connected to a NetScaler Gateway vServer in either London or Miami, and from there the NetScaler and the session profile that communicates with StoreFront (SF1 and 2 in each site) is also load balanced using GSLB to ensure high availability. So everything seems good, right! But no… consider that you as an end-user is being connected to the Miami site and that StoreFront group that has a subscription database containing all the apps and desktops etc. that you have selected and added to your workspace. You will see all these icons by default now when you login to Miami, but you will not see them in the case Miami goes down for some reason or if you travel to London and then gets connected to that StoreFront group as I try to show by this picture:
#XenDesktop 7.1 Service Template Tech Preview for System Center 2012 Virtual Machine Manager – #SCVMM
This is interesting! Really good and can’t wait to try it out!
Introduction
Let’s face it, installing distributed, enterprise-class virtual desktop and server based computing infrastructure is time consuming and complex. The infrastructure consists of many components that are installed on individual servers and then configured to work together. Traditionally this has largely been a manual, error prone process.
The Citrix XenDesktop 7.1 Service Template for System Center 2012 Virtual Machine Manager (SCVMM) leverages the rich automation capabilities available in Microsoft’s private cloud offering to significantly streamline and simplify the installation experience. The XenDesktop 7.1 Service Template enables rapid deployment of virtual app and desktop infrastructure on Microsoft System Center 2012 private clouds. This Tech Preview is available now and includes the latest 7.1 version of XenDesktop that supports Windows Server 2012 R2 and System Center 2012 R2 Virtual Machine Manager.
Key Benefits:
- Rapid Deployment – A fully configured XenDesktop 7.1 deployment that adheres to Citrix best practices is automatically installed in about an hour; a manual installation can take a day or more.
- Reduction of human errors and the unwanted consequences – IT administrators answer 9 questions about the XenDesktop deployment, including the VM Network to use, the domain to join, the SQL server used to host the database, the SCVMM server to host the desktops, and the administrative service accounts to connect to each of these resources. Once this information is entered, the Service Template automation installs the XenDesktop infrastructure the same way, every time, ensuring consistency and correctness.
- Reduction in cost of IT Operations – XenDesktop infrastructure consistently configured with automation is less costly to support because the configuration adheres to best practice standards.
- Free highly skilled and knowledgeable staff from repeatable and mundane tasks – A Citrix administrator’s time is better spent focused on ensuring that users get access to the applications they need, rather than lengthy production installation tasks.
- Simplified Eval to Retail Conversion – Windows Server 2012 and later, as well as XenDesktop 7.1, support conversion of evaluation product keys to retail keys. This means that a successful POC deployment of the XenDesktop 7.1 Service Template is easily converted to a fully supported and properly configured production deployment.
- Easy Scale-Out for greater capacity – SCVMM Service Templates support a scale-out model to increase user capacity. For example, as user demand increases additional XenDesktop Controllers and StoreFront servers are easily added with a few clicks and are automatically joined to the XenDesktop site.
The XenDesktop Service Templates were developed and tested with the support of our friends and partners at Dell, who, in support of the release of XenDesktop 7.1 and the Service Template technical preview, are expected to launch new and innovative solutions that include these and other automation capabilities this quarter. These solutions are based on the Dell DVS Enterprise for Citrix XenDesktop solutions.
Simplification of Distributed Deployments
The XenDesktop 7.1 in-box installation wizard is a fantastic user experience that automatically installs all the required prerequisites and XenDesktop components in under 30 minutes. The result is a fully installed XenDesktop deployment, all on a single server, that is excellent for POCs and product evaluations. The installation and configuration challenges occur when you want to install XenDesktop in production, with enterprise-class scalability, distributed across multiple servers.
Manual Installation Steps
Performance tuning #Citrix #Storefront – via @msandbu
Great article by Marius!
Read it and also have a look here at my previous post related to this: #Citrix #StoreFront Slowness, Join and Replication issue – check list!
This is something I wanted to write about for some time now, after the release of XenDesktop 7 but there are only 24 hours in one day so therefore I didn’t have the time before now 
But the purpose of this post is to really say that Storefront is slow…..
Don’t get me wrong it not about Citrix but the combination of Storefront and IIS that makes it a bit complex and therefore this makes it a bit slow.
Now there are a couple of tricks that can tune the perfomance.
Socket Pooling
In Web Interface you could enable it from the console, but in StoreFront we have to change it in the store config. By enabling socket pooling, Storefront maintaines a pool of sockets instead of creating a socket each time a new user connects, this will give a better performance for SSL based traffic.
You can enable this by opening the web.config file under C:\inetpub\wwwroot\Citrix\storename\
pooledSockets="off"
And Change this to “on” after that you have to do an IIS reset.
Application Initialization
(NOTE: Make sure you backup the config files before making alterations)
With Windows Server 2012 we have a new feature in IIS called always running on the application pools, this allowed for IIS to make everything ready after an application pool has restarted, before this the previous IIS was set to start loading after the first user tried to login after a restart. This caused the first user to login after an application pool has restarted to take loooong time to login. With Server 2012 IIS we can change the application pool to always running.
With 2008 R2 not so easy. But we can make it happen
First we need to download the application initialization feature from Microsoft
http://www.iis.net/downloads/microsoft/application-initialization
After that is done and installed…
Continue reading here!
//Richard
How to: #Citrix #XenMobile 8.5 MAM upgrade! Part 2 – #StoreFront, #AppController, #NetScaler
Hi again!
If you haven’t read Part 1 then I highly recommend doing so prior to going directly to the upgrade that we’re covering in this post!
Prepare for a journey in this post about Citrix StoreFront upgrade, uninstallation, console and how messy it could be! NOT all the time, sometimes it “just works”! 😉
My little NetScaler is already upgraded to 10.1 so unfortunately I couldn’t take you on that journey as well, so we’ll start with the StoreFront upgrade from 1.2 to 2.0 in this post. These are the steps that we need to cover as highlighted in the migration guide that seems very short and straight forward:
Upgrade StoreFront 1.2 to 2.0.
- Logon to the StoreFront server console.
- Upgrade StoreFront by running the StoreFront 2.0 installer as an administrator.
- When the upgrade is completed, open StoreFront administration snap-in, remove CloudGateway controller from each store as this will be moved in the migration solution.
- Open NetScaler Gateway Properties and for each gateway defined and change the version field in settings from 9.x to 10.0.x or later.
- Test the configuration by logging on through web browser or Citrix Receiver.
- Verify if the users are able to login and authenticate to StoreFront defined stores configured.
Is it this easy?
Ok, I’ve downloaded the 2.0 installer, and I’m logged on to the server.
Before we even start the upgrade there are things that could go wrong in removal or upgrades of StoreFront. And one that I’ve seen cause a lot of headache for a lot of people out there is that they have the Windows Firewall service disabled. Though the installation and removal wants to delete or add these rules the installation will fail unless this service is running. As you can see in this picture below you see the FW rule added in StoreFront 1.2:
So let’s verify that the Windows FW service is started, and it is!
I’ll now start the installation by double-clicking the StoreFront 2.0 installer!
What is this popup that came directly after starting the installer?
Wait, ok so you guys at Citrix couldn’t ask me whether you could do this for me? My plan is to upgrade, so please just add a little step in your upgrade program that does this for me… change request #1 for the next SF release and it’s upgrade process! Verify pre-requisites or deal with them!
The IT Melting Pot! 