Archive
Performance Tuning Citrix Storefront 2.x – #Citrix, #StoreFront via @PeterSmali
Another great blog post from my colleague Peter Smali!
Performance Tuning Citrix Storefront 2.x
First of all I would like to thank Sandbu who came up with an extra performance tuning trick that I have been testing for a while now.
In this post I’ll be demonstrating an updated version of Sandbu’s due some small changes since the introduction of Citrix Storefront 2.x
As we all are aware of, Citrix Storefront is fully dependent on IIS to work, but it is really suffering of some perfromance issues that surely most of us who have been testing or implementing it are aware of. So Let’s give Storefront a new perfromance birth by doing the following
Attention! Take a backup of all files you are going to modify before doing this! And Remember that Citrix Systems does not support this!!
1. Enable Socket Pooling (pooledSockets=”on”)
Open your C:\inetpub\wwwroot\Citrix\Storename\Webweb.config file as administrator and chenge pooledSockets=”off” to pooledSockets=”on”
By enabling socket pooling, Storefront maintaines a pool of sockets instead of creating a new socket each time a new user connects to Storefront, this will give a better performance for SSL based traffic.
2. Changing the application pool to always running (Windows Server 2008 R2)
If you are running Storefront on Windows Server 2012, there is already a new feature implemented in IIS called always running on the application pools but if you are still Windows Server 2008 R2 as I do then you need to do some manual changes…
But if you are still running Windows Server 2008, then you need to do the following:
2.1 Download and install Application Initialization Module for IIS 7.5. A reboot may be required to finish the installation process…
2.2 Open the C:\Windows\System32\inetsrv\config\applicationHost.config on the storefront server as administrator and locate the following setting <configuration><system.applicationHost><applicationPools> and add thealways running paramter startMode=”AlwaysRunning” on each of following application pools
•Citrix Delivery Services Authentication
•Citrix Delivery Services Resources
•Citrix Receiver for Web
•Citrix Delivery Services
The result may look like this:
add name=”Citrix Delivery Services Authentication” autoStart=”true” managedRuntimeVersion=”v2.0″ managedPipelineMode=”Integrated” startMode=”AlwaysRunning”>
2.3 Now locate <configuration>…
Continue reading here!
And you can also check this tuning blog post:
Finetuning a Citrix StoreFront deployment
And also ensure that you intelligently load balance your XML brokers, my suggestion is to use content switching in combination with load balancing to get a more optimal solution in place.
Ensure that you DON’T use FQDN’s when you add the XML broker name into the Delivery Controllers config of the StoreFront Store!! Use NetBIOS names, and NOT like farm1.company.com, rather specify “farm1″ and then ensure that the StoreFront server can resolve “farm1″ to your CS VIP, that will speed enumeration up a lot due to that StoreFront first checks via NetBIOS/WINS which isn’t that optimal!
Content Switching instead of Load balancing of XenApp XML brokers? – #XenApp #NetScaler #CS #LB
Happy StoreFront’ing!
//Richard
#Amazon WorkSpaces – “#VDI” cloud service – #VDI, #BYOD
This is an interesting offering from Amazon! I however don’t like that everyone talks about the “VDI” concept all the time.. this is based on Windows server with Desktop Experience and not a client OS.
Amazon WorkSpaces is a fully managed desktop computing service in the cloud. Amazon WorkSpaces allows customers to easily provision cloud-based desktops that allow end-users to access the documents, applications and resources they need with the device of their choice, including laptops, iPad, Kindle Fire, or Android tablets. With a few clicks in the AWS Management Console, customers can provision a high-quality desktop experience for any number of users at a cost that is highly competitive with traditional desktops and half the cost of most virtual desktop infrastructure (VDI) solutions.
WorkSpace Bundles
Amazon WorkSpaces offers a choice of service bundles providing different hardware and software options to meet your needs. You can choose from the Standard or Performance family of bundles that offer different CPU, memory, and storage resources, based on the requirements of your users. If you would like to launch WorkSpaces with more software already pre-installed (e.g., Microsoft Office, Trend Micro Anti-Virus, etc.), you should choose the Standard Plus or Performance Plus options. If you don’t need the applications offered in those bundles or you would like to use software licenses for some of the applications in the Standard Plus or Performance Plus options that you’ve already paid for, we recommend the Standard or Performance bundles. Whichever option you choose, you can always add your own software whenever you like.
| WorkSpaces Bundle | Hardware Resources | Applications | Monthly Price |
| Standard | 1 vCPU, 3.75 GiB Memory, 50 GB User Storage | Utilities (Adobe Reader, Internet Explorer 9, Firefox, 7-Zip, Adobe Flash, JRE) | $35 |
| Standard Plus | 1 vCPU, 3.75 GiB Memory, 50 GB User Storage | Microsoft Office Professional 2010, Trend Micro Anti-Virus, Utilities (Adobe Reader, Internet Explorer 9, Firefox, 7-Zip, Adobe Flash, JRE) | $50 |
| Performance | 2 vCPU, 7.5 GiB Memory, 100 GB User Storage | Utilities (Adobe Reader, Internet Explorer 9, Firefox, 7-Zip, Adobe Flash, JRE) | $60 |
| Performance Plus | 2 vCPU, 7.5 GiB Memory, 100 GB User Storage | Microsoft Office Professional 2010, Trend Micro Anti-Virus, Utilities (Adobe Reader, Internet Explorer 9, Firefox, 7-Zip, Adobe Flash, JRE) | $75 |
All WorkSpaces Bundles provide the Windows 7 Experience to users (provided by Windows Server 2008 R2). Microsoft Office 2010 Professional includes Microsoft Excel 2010, Microsoft OneNote 2010, Microsoft PowerPoint 2010, Microsoft Word 2010, Microsoft Outlook 2010, Microsoft Publisher 2010 and Microsoft Access 2010.
How to: #Citrix #XenMobile 8.5 MAM upgrade! Part 2 – #StoreFront, #AppController, #NetScaler
Hi again!
If you haven’t read Part 1 then I highly recommend doing so prior to going directly to the upgrade that we’re covering in this post!
Prepare for a journey in this post about Citrix StoreFront upgrade, uninstallation, console and how messy it could be! NOT all the time, sometimes it “just works”! 😉
My little NetScaler is already upgraded to 10.1 so unfortunately I couldn’t take you on that journey as well, so we’ll start with the StoreFront upgrade from 1.2 to 2.0 in this post. These are the steps that we need to cover as highlighted in the migration guide that seems very short and straight forward:
Upgrade StoreFront 1.2 to 2.0.
- Logon to the StoreFront server console.
- Upgrade StoreFront by running the StoreFront 2.0 installer as an administrator.
- When the upgrade is completed, open StoreFront administration snap-in, remove CloudGateway controller from each store as this will be moved in the migration solution.
- Open NetScaler Gateway Properties and for each gateway defined and change the version field in settings from 9.x to 10.0.x or later.
- Test the configuration by logging on through web browser or Citrix Receiver.
- Verify if the users are able to login and authenticate to StoreFront defined stores configured.
Is it this easy?
Ok, I’ve downloaded the 2.0 installer, and I’m logged on to the server.
Before we even start the upgrade there are things that could go wrong in removal or upgrades of StoreFront. And one that I’ve seen cause a lot of headache for a lot of people out there is that they have the Windows Firewall service disabled. Though the installation and removal wants to delete or add these rules the installation will fail unless this service is running. As you can see in this picture below you see the FW rule added in StoreFront 1.2:
So let’s verify that the Windows FW service is started, and it is!
I’ll now start the installation by double-clicking the StoreFront 2.0 installer!
What is this popup that came directly after starting the installer?
Wait, ok so you guys at Citrix couldn’t ask me whether you could do this for me? My plan is to upgrade, so please just add a little step in your upgrade program that does this for me… change request #1 for the next SF release and it’s upgrade process! Verify pre-requisites or deal with them!
How To: #XenMobile #MDM 8.5 Deployment Part 1 and 2: Installation – via @AdamInTheCloud
Wow, it’s like Adam read my mind, I’m doing the same kind of blog post series but for a XenMobile MAM deployment! Will post part 2 of the MAM series later tonight (once it’s done, waiting on some StoreFront issues to solve and I’m getting there!)
But in the meantime have a look at this great series by Adam! Great job Adam!!!
How To: XenMobile MDM 8.5 Deployment Part 1: Installation
n late 2012 Citrix announced they had purchased a 7-year-old startup company called Zenprise that was a hot player in the mobile device security market. Up until that time, Citrix was positioning for that sector with its CloudGateway Enterprise product and focusing mostly on apps and data management..not really the device. Zenprise helped them flesh out their offering, which is now known as “XenMobile”. Although it’s gone through a few iterations it has finally reached a final “form” if you will of three editions: MDM, App, and Enterprise.
The purpose of this article series will be to walk through the installation and basic setup of the MDM (Mobile Device Management) Edition which focuses almost exclusively on managing the device, and not necessarily so much the data or apps. Although it is capable of application pushes and the like… a feature comparison can be found on Citrix’ website HERE. I encourage you to view that. One major difference to note is MDM does not sandbox apps/data, but App Edition does, and Enterprise Edition can.
In researching this product for some internal training we are currently going through it became pretty apparent there is very little information out there on it, and if there is its unfortunately outdated because the product has been rapidly evolving over the first half of the year. In this series of blog articles I will go over how to deploy a single instance of XenMobile 8.5 MDM on an internal network, configure basic policies and rules, and apply them to your devices.
If you would like to read the other parts in this article series please go to:
This, unfortunately is the most boring part of MDM which is the install…but I would be remiss by not going over it for some of you that “have to see” it. So lets get to it so we can get on to the more exciting stuff!
First: Pre-req’s. All of this is straight from eDocs, I’m not reinventing the wheel here.
- MDM 8.5 needs to go on a 2008 R2 or 2012 server.
- Setup an active directory service account and make it a local admin on the MDM server
- Disable IPv6 (not via registry, just uncheck the box)
- UAC disabled
- Firewall disabled (this is my preference..I disable server firewalls but you’re welcome to do as you wish)
- Your service account needs permissions creator/owner/read/write on your SQL server. I will not be using PostgreSQL.
- SQL 2005/2008/R2/2012 in your environment (Reference Architecture recommends SQL for production deployments, not PostgreSQL. See HERE)
- Java SE 7 Update 11 (dk-7u4-windows-x64.exe) installed on the server
- Java Cryptography Extension (JCE) USJP 7 on the serverExternal DNS record such as mobile.mydomain.com
- To install the Java Cryptography Extension
- Install Java SE 7u11
- Open the JCE zip file and copy local_policy.jar and US_export_policy.jar to your computer desktop.
- Navigate to the folder /java/jdk1.7.0_x/jre/lib/security and copy the files from Step 2 to this folder.
- To install the Java Cryptography Extension
- Obtain an Apple….
Continue reading part 1 here and part 2 here!
//Richard
#Citrix Knowledge Center Top 10 – March 2013
Citrix Support is focused on ensuring Customer and Partner satisfaction with our products.
One of our initiatives is to increase the ability of our Partners and Customers to leverage self-service avenues via our Knowledge Center.
Find below the Citrix Knowledge Center Top 10 for March 2013.
Top 10 Technical Articles
| Article Number | Article Title |
|---|---|
| CTX129229 | Recommended Hotfixes for XenApp 6.0 and Later on Windows Server 2008 R2 |
| CTX129082 | Application Launch Fails with Web Interface using Internet Explorer 9 |
| CTX804493 | Users Prompted to Download ICA File, Launch.ica, Instead of Launching the Connection |
| CTX132875 | Citrix Receiver Error 2320 |
| CTX105793 | Error: Cannot connect to the Citrix server. Protocol Driver Error |
| CTX127030 | Citrix Guidelines for Antivirus Software Configuration |
| CTX115637 | Citrix Multi-Monitor Configuration Settings and Reference |
| CTX133997 | Citrix Receiver 3.x – Issues Fixed in This Release |
| CTX325140 | Manually and Safely Removing Files after Uninstalling the Receiver for Windows |
| CTX101644 | Seamless Configuration Settings |
Top 10 Whitepapers
| Article Number | Article Title |
|---|---|
| CTX131577 | XenApp 6.x (Windows 2008 R2) – Optimization Guide |
| CTX132799 | XenDesktop and XenApp Best Practices |
| CTX101997 | Citrix Secure Gateway Secure Ticket Authority Frequently Asked Questions |
| CTX136546 | Citrix Virtual Desktop Handbook 5.x |
| CTX136547 | StoreFront Planning Guide |
| CTX133185 | Citrix CloudGateway Express 2.0 – Implementation Guide |
| CTX129761 | XenApp Planning Guide – Virtualization Best Practices |
| CTX134081 | Planning Guide – Citrix XenApp and XenDesktop Policies |
| CTX130888 | Technical Guide for Upgrading/Migrating to XenApp 6.5 |
| CTX122978 | XenServer: Understanding Snapshots |
Top 10 Hotfixes
| Article Number | Article Title |
|---|---|
| CTX136714 | Hotfix XS61E016 – For XenServer 6.1.0 |
| CTX132122 | Hotfix Rollup Pack 1 for Citrix XenApp 6.5 for Microsoft Windows Server 2008 R2 |
| CTX126653 | Citrix Online Plug-in 12.1.44 for Windows with Internet Explorer 9 Support |
| CTX136483 | Hotfix XS61E014 – For XenServer 6.1.0 |
| CTX133882 | Hotfix Rollup Pack 2 for Citrix XenApp 6 for Microsoft Windows Server 2008 R2 |
| CTX133066 | 12.3 Online Plug-In – Issues Fixed in This Release |
| CTX136253 | Hotfix XS61E010 – For XenServer 6.1.0 |
| CTX136482 | Hotfix XS61E013 – For XenServer 6.1.0 |
| CTX136085 | Hotfix XA650R01W2K8R2X64061 – For Citrix XenApp 6.5 |
| CTX136674 | Hotfix XS61E012 – For XenServer 6.1.0 |
Top 10 Presentations
| Article Number | Article Title |
|---|---|
| CTX135521 | TechEdge Barcelona 2012 PowerPoint and Video Presentations – Reference List |
| CTX129669 | TechEdge 2011 – Overview of XenServer Distributed Virtual Switch/Controller |
| CTX121090 | Planning and implementing a Provisioning Server high availability (HA) solution |
| CTX133375 | TechEdge 2012 PowerPoint and Video Presentations – Reference List |
| CTX135356 | TechEdge Barcelona 2012 – Understanding and Troubleshooting ICA Session Initialisation |
| CTX135358 | TechEdge Barcelona 2012 – XenDesktop Advanced Troubleshooting |
| CTX133374 | TechEdge 2012 – Monitoring your NetScaler Traffic with AppFlow |
| CTX135361 | Troubleshooting Tools: How to Isolate and Resolve Issues in your XA and XD Env Rapidly |
| CTX135360 | TechEdge Barcelona 2012 – Planning, Implementing and Troubleshooting PVS 6.x |
| CTX135357 | TechEdge Barcelona 2012 – Implementing and Troubleshooting SF and Rec for Windows |
Top 10 Tools
| Article Number | Article Title |
|---|---|
| CTX122536 | Citrix Quick Launch |
| CTX135075 | Citrix Diagnostics Toolkit – 64bit Edition |
| CTX130147 | Citrix Scout |
| CTX111961 | CDFControl |
| CTX106226 | Repair Clipboard Chain 2.0.1 |
| CTX109374 | StressPrinters 1.3.2 for 32-bit and 64-bit Platforms |
| CTX124406 | StressPrinters 1.3.2 for 32-bit and 64-bit Platforms |
| CTX113472 | Citrix ICA File Creator |
| CTX123278 | XDPing Tool |
Continue reading here!
//Richard
Vulnerability in Remote Desktop Client – #RDS
Microsoft Security Bulletin MS13-029 – Critical
Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
Published: Tuesday, April 09, 2013 | Updated: Wednesday, April 10, 2013
Version: 1.1
This security update resolves a privately reported vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Remote Desktop Connection 6.1 Client, Remote Desktop Connection 7.0 Client, and Remote Desktop Connection 7.1 Client where affected on Windows XP, Windows Vista, and Windows 7. It is rated Moderate for Remote Desktop Connection 6.1 Client, Remote Desktop Connection 7.0 Client, and Remote Desktop 7.1 Client where affected on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by modifying the way that Remote Desktop Client handles objects in memory. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation. Most customers have automatic updating enabled…
Continue reading here!
//Richard
SP1 for Windows 7 and for Windows Server 2008 R2 available
Service Pack 1 (SP1) for Windows 7 and for Windows Server 2008 R2 is now available. This service pack is an update to Windows 7 and to Windows Server 2008 R2 that addresses customer and partner feedback.
SP1 for Windows 7 and for Windows Server 2008 R2 is a recommended collection of updates and improvements to Windows that are combined into a single installable update.
Windows 7 SP1 can help make your computer safer and more reliable. Windows Server 2008 R2 SP1 provides a comprehensive set of innovations for enterprise-class virtualization. This includes new virtualization capabilities with Dynamic Memory and Microsoft RemoteFX.
Consumer end-users can find general information about Windows 7 SP1 at the following Microsoft website:
The IT Melting Pot! 