Archive
Upgrading to #Citrix #Receiver for #Windows – why and how?
This is something that all Citrix admins should read! How many questions don’t U get about which version of the client to use and why etc?
This document describes the various versions of Receivers for Windows, lists the reasons for upgrading, and recommends best practices for upgrading to the latest version of Receiver based on specific circumstances.
Note: The Online Plug-in 12.x will reach end of its maintenance in March 2013. Customers using Online Plug-in with XenApp 5, XenApp 6.x, XenDesktop 4.x, or XenDesktop 5.x must upgrade to the latest version of Receiver for Windows 3.X prior to that date where practical.
Citrix Receiver is the latest Citrix software you install on Windows end points to gain access to virtualized apps and desktops. It is also regularly installed on virtual desktops to enable access to virtualized apps.
The name of Citrix client software and the built-in functions are changed over the years. The clients in common use today are the Online Plug-in for Windows 12.X and the Receiver for Windows 3.X.
Where the Online Plug-in for Windows 12.X provided Web and PNAgent support, Receiver for Windows 3.X provides additional support. It can be configured for self-service access to applications, VPN-less remote access, single sign-on the Windows, Web, and SaaS applications, and has a built-in method to check for updates.
Both the Online Plug-in and Receiver have two versions.
- The Online Plug-in Web is used solely for Web access to applications and the Online Plug-in (Full) supports Web access as well as PNA Services. The Full version supported SSO, Smart Cards, and access to apps through the Start menu
The standard Receiver for Windows, CitrixReceiver.exe, can be considered is a complete replacement for the Online Plug-in Web and largely a replacement for the Online Plug-in (Full). It can be used for web access. It can be configured to access PNA Services. And it can also be used with the latest versions of StoreFront, CloudGateway (App Controller), and Access Gateway to provide a rich set of services. It contains the latest, multithread, multi-stream HDX engine.
Host checks/EPA scans are not for everyone – #Citrix, #NetScaler, #AccessGateway
This is an interesting blog post from Citrix… It captures a scenario that I know one of my previous customers was thinking of, so have a look at it!
The main thing that think of when reading this though is that EPA scans are NOT for everyone, I agree. And please also read my earlier posts on why it cannot be done with todays products from Citrix.
#Citrix #SmartAccess = A complete story or not? – #NetScaler #AGEE #EPA
Even though the latest Receiver Receivers changed some scenarios and enables host checks/EPA scans it still doesn’t provide the full picture. But I’ll be publishing a more detailed picture on why later, some late night I’ll be able to complete it! 😉
Here you have the blog post from Tobias Frigger:
A customer of one of my Citrix Consulting colleagues recently came up with an interesting request.
Like many others they are using Citrix NetScaler’s Access Gateway Enterprise Edition module to grant remote secure remote access to applications and desktops.
Additionally, they use a client management and software distribution solution to deploy the EPA plugin to client computers and therefore wanted to suppress Access Gateway offering the EPA scan plugin for download through the browser. This introduces some additional level of control over which client is entitled to connect through Access Gateway.
An approach restricting certain user groups from logging in by using group memberships is a more common scenario, but in this case the customer intended to restrict the end points and not the users. When end users lack administrative permissions to install custom software, preventing the download is indeed an effective measure.
A job for Citrix Consulting!
As you know, Access Gateway Enterprise Edition offers two ways of running Endpoint Analysis (EPA) scans – before and after authentication. Consequently, there are two procedures.
The formal requirements
- Remove the download button displayed when accessing the AGEE virtual server and the plugin is not detected by the browser or if the plugin is outdated
- Alter the message text such that it refers user to contact their system administrator if they think the plugin should be installed.
- When using a post-authentication EPA scan, add a “logout” button.
Backup
As a precaution, we want to make backup copies…
Continue reading here!
//Richard
#Citrix Knowledge Center Top 10 – December 2012
Citrix Support is focused on ensuring Customer and Partner satisfaction with our products.
One of our initiatives is to increase the ability of our Partners and Customers to leverage self-service avenues via our Knowledge Center.
Find below the Citrix Knowledge Center Top 10 for December 2012.
Top 10 Technical Articles
| Article Number | Article Title |
|---|---|
| CTX129229 | Recommended Hotfixes for XenApp 6.0 and Later on Windows Server 2008 R2 |
| CTX129082 | Application Launch Fails with Web Interface using Internet Explorer 9 |
| CTX132875 | Citrix Receiver Error 2320 |
| CTX804493 | Users Prompted to Download ICA File, Launch.ica, Instead of Launching the Connection |
| CTX105793 | Error: Cannot connect to the Citrix server. Protocol Driver Error |
| CTX133997 | Citrix Receiver 3.x – Issues Fixed in This Release |
| CTX127030 | Citrix Guidelines for Antivirus Software Configuration |
| CTX101644 | Seamless Configuration Settings |
| CTX676151 | How to Install the Citrix ICA Web Clien |
| CTX325140 | Manually and Safely Removing Files that might remain on a System |
Top 10 Whitepapers
| Article Number | Article Title |
|---|---|
| CTX131577 | XenApp 6.x (Windows 2008 R2) – Optimization Guide |
| CTX132799 | XenDesktop and XenApp Best Practices |
| CTX101997 | Citrix Secure Gateway Secure Ticket Authority Frequently Asked Questions |
| CTX133185 | Citrix CloudGateway Express 2.0 – Implementation Guide |
| CTX129761 | XenApp Planning Guide – Virtualization Best Practices |
| CTX134943 | XenDesktop and XenApp Printing – Planning Guide |
| CTX122978 | XenServer: Understanding Snapshots |
| CTX134081 | Planning Guide – Citrix XenApp and XenDesktop Policies |
| CTX128277 | Logon Optimization Guide – XenApp/XenDesktop |
| CTX110351 | User Profile Best Practices for MetaFrame Presentation Server |
Top 10 Hotfixes
| Article Number | Article Title |
|---|---|
| CTX132122 | Hotfix Rollup Pack 1 for Citrix XenApp 6.5 for Microsoft Windows Server 2008 R2 |
| CTX126653 | Citrix Online Plug-in 12.1.44 for Windows with Internet Explorer 9 Support |
| CTX133066 | 12.3 Online Plug-In – Issues Fixed in This Release |
| CTX133882 | Hotfix Rollup Pack 2 for Citrix XenApp 6 for Microsoft Windows Server 2008 R2 |
| CTX135025 | Hotfix XA650R01W2K8R2X64033- For Citrix XenApp 6.5 for Windows Server 2008 R2 |
| CTX116550 | Credential Handling Weakness in Presentation Server Client for Windows |
| CTX135709 | Hotfix XS61E006 – For XenServer 6.1.0 |
Continue reading here!
//Richard
What’s new with Access Gateway MAC Plug-in release 2.1.4 – #Citrix, #AG, #Receiver
Another great blog post from Prashant! You rock! 😉
The new Citrix Access Gateway Appliance release 10.0.71.6014.e brings along with it the new MAC plug-in release 2.1.4. MAC OS, along with Microsoft Windows, are the two main desktop platforms supported by Citrix Access Gateway for full SSL Tunnel. The AG plug-in is most commonly used in tandem with Citrix Receiver, to provide access to your virtual applications and desktops, provided by XenApp & XenDesktop respectively. The Receiver and AG plug-in also work together to provide end users access to intranet web and SaaS resources via Citrix CloudGateway.
The new 2.1.4 plug-in brings the following new enhancements for Citrix Receiver users:
- Seamless Desktop Receiver experience: With this release of Access Gateway plug-in, end users will no longer have to sign into the plug-ins as a manual step, to access apps / sites that require a full SSL tunnel. Receivers automatically launch a SSL VPN session via Access Gateway as needed. Result is – end user just deals with Citrix Receiver and Receiver internally (and automatically) deals with Access Gateway on user’s behalf.
- EPA with ICAProxy / CVPN: Receivers can now seamlessly launch AG plug-ins to connect to an Access Gateway vServer configured with End Point Analysis policies, in ICAProxy and CVPN modes as well. Earlier, this was supported only for Full Tunnel access.
- ….
Continue reading here!
//Richard
#Citrix #NetScaler, #AGEE and Macbook OS X… bad start of the evening session!
Ok, I was just going to log in and play around and setup another AppController to verify some thoughts around a customer case in our EnvokeIT environment. And what did I do? I just opened my lovely Macbook Air (no one will ever take that one from me!!) and thought I would connect into our internal EnvokeIT lab environment and decided for some reason to connect over SSL VPN this time rather than running everything on the internally published desktop.
So I opened the browser and connected to our AGEE vip that presented me with the rather ok-looking login page as you can see here that my colleague modified to make it a bit more aligned with the StoreFront/Receiver for Web that we use in this little environment (otherwise you get that black ugly NetScaler login prompt, please get your product look & feel in synch Citrix!).
But then after I logged in I though that why not try out the SSL VPN client for my Mac! So I choose Network Access here;
And then I realised that the modifications weren’t really all ok as you can see here when I was prompted to download the Access Gateway Plugin for OS X (SSL VPN client)…
NetApp Virtual Storage Console for XenServer – #XenServer #CitrixSynergy #NetApp #VCS
This is looking really nice! Have a look at the capabilities of the NetApp VSC plugin for XenServer demo video;
Citrix Synergy 2012 demo: NetApp VSC 1.0 for Citrix XenServer – SR management
Virtual Storage Console reduce cost and complexity with integrated, end-to-end storage management for Citrix infrastructures. Improve administrative efficiency for both your Citrix and storage administrators.
So if you’re a NetApp shop why not try it out?
It’s really nice that you can do most of the config from the XenCenter console! I’m right now doing the Cisco UCS and XenDesktop lab here at Synergy and playing around with it and it’s neat! Once the plugin is installed you can interact directly with it from the XenCenter console.
Here you can configure the preferences in a simple way (even though the User Preference console/plugin isn’t the coolest looking tool)!
Vulnerability in Citrix Receiver with Online Plug-in for Windows could result in arbitrary code execution
Severity: Medium
Description of Problem
A vulnerability has been identified in the Citrix Receiver with Online Plug-in for Windows that could potentially allow an attacker to execute arbitrary code on the client device in the context of the currently logged in user.
This vulnerability is present in all versions of the Citrix Receiver for Windows up to and including version 3.2 and all versions of the Citrix Online Plug-in for Windows up to and including version 12.1.
For more information click here!
//Richard
The IT Melting Pot! 