Posts Tagged ‘subscription’

Microsoft Azure IaaS Operations Guidance – #AAD, #RBAC, #ARM, #Microsoft, #Azure

Here you can find a ton of great guidance material for Azure operations by mzbowe! Really good summary!

This is a collection of Azure Infrastructure installation and operational guidance resources I provide to my customers.  By keeping these links up to date with each engagement, all of my customers may benefit.  Hopefully you can too!  The latest Azure updates will always be at Azure service updates.  Make it part of your operational procedure to review that monthly, if not weekly!  In 2015, there were over 500 updates. Wow!

The goal of this guide to highlight core installation and operational procedures for an Azure IaaS deployment which predominantly will consist of Compute, Network and Storage resources.  This article Azure Infrastructure Services Implementation Guidelines, gives a pretty good run down of what needs to be created and in what order. The resources I will keep updated below pretty much follow most of those resources in the last link. But for now, there is a very important piece of that puzzle missing.  For the newer Azure Resource Manager (ARM) model of deployment, we need to plan, design and create Azure Resource Groups. Once we have Resource Groups, we can delegate administration with Role Based Access Control (RBAC).

Besides all this, if you just need to ramp up and learn more on Azure, go to the Azure Learning Paths page.  Check it out and learn something new! I also have my Azure Certification resources (Slides and Videos) from MS Ignite 2015, to get you certified and ready to go!

Azure Active Directory

Azure AD Operational Guidance

Read more…

#Citrix #StoreFront subscription database replication, #GSLB, #NetScaler

January 13, 2014 Leave a comment

Ok, so we’ve all started to use StoreFront (or have U?) and find out that there are A LOT of things that you have to do in order to get it to work as you most probably want it to.

This post is more around how you ensure that the StoreFront architecture supports an enterprise with multiple sites while still having a concistent end-user experience.

Just imagine that you’ve built your architecture out in a true high availability manner with global server load balancing across all products used in the stack to deliver your Windows apps and desktops to your end-users. It may look something similar to this:


In this view you can see that we’ve setup GSLB to ensure that external (Internet) connected users  and devices are being connected to a NetScaler Gateway vServer in either London or Miami, and from there the NetScaler and the session profile that communicates with StoreFront (SF1 and 2 in each site) is also load balanced using GSLB to ensure high availability. So everything seems good, right! But no… consider that you as an end-user is being connected to the Miami site and that StoreFront group that has a subscription database containing all the apps and desktops etc. that you have selected and added to your workspace.  You will see all these icons by default now when you login to Miami, but you will not see them in the case Miami goes down for some reason or if you travel to London and then gets connected to that StoreFront group as I try to show by this picture:


Read more…

Finally multi-site and enterprise readiness of #StoreFront subscription DB! – #Citrix

This has been one of the things that many larger companies where asking for in the earlier versions of StoreFront (and to get rid of the SQL database of course). Before you could not in a supported/good/easy way get the user subscription database that contained all the items (apps and desktops) that the end-user had subscribed to replicated between sites and StoreFront groups.

For instance if you had a datacenter in Stockholm and then one in Beijing, and had a storefront server group at each datacenter and then used GSLB to load balance the StoreFront or Access Gateway access into those then users could travel and then end up on the other StoreFront group of servers and then didn’t have his/her subscriptions… this was not that good but with StoreFront 2.0 there is now support for how to synchronize the subscription database between the stores on the different groups/sites.

This is still a messy configuration I must say, how hard is it to build it into the console Citrix?!?! Same things as many of the config changes that you still have to do in web.config files…. really not that admin-friendly…

But here you find you how to setup the replication “jobs”:

And of course Citrix also added some other features in this new release:

What’s new

Separate database no longer required. The requirement for a separate database has been removed. Users’ application subscription data are stored locally and automatically replicated between StoreFront servers. For more information, see Plan your StoreFront deployment.

High availability and multi-site configuration. To enable load balancing and failover between the deployments providing the desktops and applications, you can define groupings and hierarchies, including specific backup deployments. You can restrict user access to specific resources by mapping deployments to Active Directory user groups. For more information, see StoreFront high availability and multi-site configuration.

Smart card authentication. StoreFront supports smart card authentication through both Receiver for Windows and NetScaler Gateway. Smart card authentication from desktop appliances and repurposed PCs through Desktop Appliance sites and XenApp Services URLs is also supported. For more information, see Use smart cards with StoreFront.

Receiver for HTML5 integration. You can configure Receiver for Web sites to enable users who cannot install Citrix Receiver to access their desktops and applications directly within HTML5-compatible web browsers. For more information, see Receiver for Web sites.

Desktop Appliance sites. You can enable users to access their desktops from non-domain-joined desktop appliances. The web browser on the appliance is configured to access the Desktop Appliance site for a store in full-screen mode at startup. For more information, see Desktop Appliance sites.

Receiver for Web site shortcuts. You can embed on your websites links to desktops and applications available through Receiver for Web sites. For more information, seeReceiver for Web sites.

XenMobile App Controller workflow integration. Receiver for Web site users can subscribe to applications to which you are managing access with App Controller user account management. For more information about App Controller user account management, see Configuring Applications for User Account Management.

Read more…

#Microsoft #Office 2013 lockdown aims to boost cloud services

February 19, 2013 Leave a comment

Microsoft Office 2013 lockdown aims to boost cloud services

If a computer dies, so does the Office license, unless you have enterprise deals

Microsoft has confirmed that a retail copy of Office 2013 is permanently tied to the first PC on which it’s installed, preventing customers from deleting the suite from one machine they own and installing it on another.

The move is a change from past Office end-user licensing agreements (EULAs), experts said, and is another way Microsoft is pushing customers, especially consumers, to opt for new “rent-not-own” subscription plans.

“That’s a substantial shift in Microsoft licensing,” said Daryl Ullman, co-founder and managing director of the Emerset Consulting Group, which specializes in helping companies negotiate software licensing deals. “Let’s be frank. This is not in the consumer’s best interest. They’re paying more than before, because they’re not getting the same benefits as before.”

Prior to Office 2013, which debuted last month, Microsoft’s EULA for retail copies of Office plainly stated that customers could reassign a license when, for example, they replaced an aged PC with a newer model, or the original machine gave out.

“You may reassign the license to a different device any number of times, but not more…

Continue reading here


%d bloggers like this: