Category Archives: Data Centre

ShareFile StorageZone Controller 2.2

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test ShareFile StorageZone Controller 2.2 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
STORAGEZONE CONTROLLER – szc
CERTIFICATE SIGNING REQUEST – csr
SHAREFILE – sf
FULLY QUALIFIED DOMAIN NAME – fqdn
SECURE LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL – (s)ldap
CERTIFICATE – cert
COMMON INTERNET FILE SYSTEM – cifs
XENMOBILE APPCONTROLLER – xac

What’s New
1:This release coupled with prior versions now integrates both the Storage Center and Controller server software packages into one unified software package now called the “ShareFile StorageZone Controller 2.2”.
2: Access your organisations trusted existing or new network CIFS shares and SharePoint sites via a ShareFile On-Prem SZC which always users to securely connect via a FQDN over 443 (HTTPS) this ensuring secure and encrypted communication between the users device and the On-Prem SZC. It is worth mentioning that your organisations datasets do not traverse the ShareFile Control Plane in any way ref – http://support.citrixonline.com/en_US/ShareFile/all_files/SF090015.
3: ShareFile also introduced an EMEA Control Plane for organisations to meet local, regional and geo requirements and or restrictions one basic example could be Safe Harbor – http://export.gov/safeharbor/ as well as preferring to have localised data centre’s within the EU to manage and handle user requests and more. Note this feature was already widely available prior to this WordPress post/blog entry.
4: For information regarding what else is new please check out – http://support.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-storagezones-about-22.html.

ShareFile Security Whitepaper PDF
http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/sharefile-enterprise-security-whitepaper.pdf

Synergy SYN310: Deep Dive into ShareFile Enterprise Functionality

Deploying an On-Prem SZC (DRAFT & MAY CONTAIN ERROR(S))
1: Initially would suggest that your read/review the following CTX Article – http://support.citrix.com/article/CTX138041 and http://blogs.citrix.com/2012/03/19/saml-authentication-with-sharefile-using-ad-fs-2-0/ which covers numerous technical FAQ and may answer a number of your questions.
2: Setup a ShareFile Enterprise Account and request that On-Prem SZC be enabled against your account when setting up your account or if you already have one request that SZC be enabled by sending a email to ShareFile support – http://www.sharefile.com/company/contact-us.aspx and online help & support including videos is available at – http://support.citrixonline.com/sharefile. Verify that StorageZones are available under the Admin tab when you sign into your ShareFile sub-domain e.g xendc.sharefile.eu or axendatacentre.sharefile.com prior to continuing with the installation and configuration.
3: Prepare a Windows Server 2008 R2 and install IIS (include dependencies ASP, Basic Authentication if you want to connect to existing network shares for a PoC).
4: Setup and configure your external DNS A record e.g sharefile.axendacentre.com or sf.thedurbannatal-sharks.co.za and ensure that you can successful connect to the default IIS page on TCP Port 80.
5: Generate a CSR on the intended ShareFile On-Prem SZC for your FQDN and sign it with an external CA e.g http://www.verisign.co.uk or http://www.thawte.com e.t.c. Your are required to use an external CA as IIS self-signed or Enterprise CA certificates are not permitted and will not work with the ShareFile Control Plane. Download and install the cert response from your chosen external CA and Complete The Certificate Response in IIS.
6: Once the cert is successfully imported bind it to HTTPS (443) and the restart IIS and navigate to the FQDN via HTTPS externally to ensure that you can connect to it without any SSL cert mismatches, errors e.t.c
7: * Create a ShareFile service account within and assign full r/w access it to the intended On-Prem SZ folder located either on the local disk or secondary disk of the VM or remotely. Please do the same for your PoC Shared Area that you intend to access as an existing network share.
8: *Install the ShareFile Storage Zone Controller 2.2 software package and leave the checkbox to launch the Configuration Web Page. Once the page launches sign in with your Super Admin ShareFile Admin access details.
9: Follow the onscreen instructions which are fairly self explanatory however should you require any further help & support re the exact requirements please navigate to – http://support.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-install-storagezones.html and http://support.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-manage-connectors.html.
10: Please stop and ensure that you safely backup the SCKeys.txt file within the root of On-Prem SZ CIFS share to a alternative and secure location that is also backed up.
11: Provision a test user that resides within your domain and has also been created within the ShareFile Control Plane. For help with setting up users please take a look at – .
12: Ensure that your test user has permission to your intended CIFS Shared Area e.g your SZC that you setup and configured within the ShareFile Control Plane.
13: Now that you have successfully setup and configured your On-Prem SZ and SZC proceed to download a ShareFile mobile app from e.g iTunes – iPad https://itunes.apple.com/gb/app/sharefile-for-ipad-by-citrix/id440596621?mt=8, iPhone https://itunes.apple.com/gb/app/sharefile-mobile-by-citrix/id434391375?mt=8 or Google Play – https://play.google.com/store/apps/developer?id=ShareFile+by+Citrix&hl=en_GB. Once downloaded enter in your test users account details and test uploading and downloading a picture taken from within the ShareFile iOS app as an example.
14: Once you test that your On-Prem SZ

SZ Controller Management
This eDocs node will help you to proactively manage your On-Prem SZ Controller environment covering on to add/remove controllers for H/A as well as how-to promote, demote and disable SZ Controller – http://support.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-manage-storagezone-controller.html. These eDoc articles are essential for the ongoing management and routine scheduled maintenance task(s).

Two-Step Verification = Stronger Security
http://support.citrixonline.com/en_US/sharefile/help_files/SF060010?title=Two-Step+Verification

NetScaler Gateway 10.1.120.1316.e

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test NetScaler Gateway 10.1.120.1316.e to support a XenMobile Enterprise 8.6 deployment prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
NETSCALER GATEWAY – nsg
CERTIFICATE SIGNING REQUEST – csr
FULLY QUALIFIED DOMAIN NAME – fqdn
SECURE LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL – (s)ldap
CERTIFICATE – cert
REMOTE ACCESS – r/a
XENAPP – xa
XENDESKTOP – xd
XENMOBILE ENTERPRISE – xm
XENMOBILE APPCONTROLLER – xac
XENMOBILE DEVICE MANAGER – xdm

What Is A NetScaler Gateway
It allows you to safely, securely expose your organisations trusted network and resources to an end-point either via a MicroVPN (CVPN) – http://support.citrix.com/article/CTX136914 or a FULL VPN. The NSG provides and supports a simple yet secure R/A solution for Citrix XenDesktop, XenApp, XenMobile solutions. There have been recent updates to the NSG to incorporate setup wizards to enable organisations to more rapidly setup, configure and deploy a R/A solution without having to request a NetScaler Gateway expert to setup and configure the policies to enable R/A. What is a e release of a NSG check out – http://blogs.citrix.com/2013/03/29/citrix-access-gateway-demystifying-the-e-releases/.

Deploying & Configuring The NetScaler Gateway 10.1.120.1316.e For A XenMobile Enterprise 8.6 Solution
1: Physical or Virtual System requirements – http://support.citrix.com/proddocs/topic/xenmobile-prepare/xmob-deploy-netscaler-gateway-reqs-con.html, VPX – http://support.citrix.com/proddocs/topic/access-gateway-hig-appliances/ag-vpx-introduce-wrapper-con.html#ag-vpx-introduce-wrapper-con and MPX – http://support.citrix.com/proddocs/topic/access-gateway-hig-appliances/ag-model-MPX-spec-ref.html.
2: Pre-requites and checklist – http://support.citrix.com/proddocs/topic/netscaler-gateway-101/ng-checklist-10-1-con.html, http://support.citrix.com/proddocs/topic/netscaler-gateway-101/ng-deploy-xenmobile-con.html
3: Deploying the NSG and performing the initial configuration – http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-install-ng-network-con.html.
4: Creating a certificate for NSG – http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-create-csr-ng-tsk.html also watch the NSG certificate video at – http://support.citrix.com/proddocs/topic/xenmobile-understand/xmob-product-videos-con.html.
5: Uploading a license to the NSG – http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-install-license-on-ng-tsk.html.
6: Configuring the NSG for XenMobile – http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-config-ng-wizards-con.html.
7: Configure DNS suffixes – http://support.citrix.com/proddocs/topic/netscaler-gateway-101/ng-connect-mobile-devices-android-split-dns-tsk.html#ng-connect-mobile-devices-android-split-dns-tsk or http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-mobile-device-dns-suffix-tsk.html and if you will be supporting Android handsets within your organisation remember to configure DNS for Android devices – http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-mobile-devices-android-split-dns-tsk.html.
8: Configuring the STA for WorxMail – http://www.citrix.com/tv/#videos/9210.
9: Testing your NSG – http://support.citrix.com/proddocs/topic/netscaler-gateway-101/ng-test-ag-configuration-tsk.html.

Worx Mobile App Suite NSG Support Table Matrix
http://support.citrix.com/proddocs/topic/xenmobile-connect-users/xmob-worx-supported-platforms-con.html.

Coming Soon!
More coming soon in the inter in check out – http://support.citrix.com/proddocs/topic/xenmobile-understand/xmob-deploy-architect-netscaler-gateway-con.html.

XenMobile Device Manager 8.6

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test XenMobile Device Manager 8.6 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
XENMOBILE DEVICE MANAGER – xdm
CERTIFICATE SIGNING REQUEST – csr
APPLE PUSH NOTIFICATION SERVICE – apns
FULLY QUALIFIED DOMAIN NAME – fqdn
SECURE LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL – (s)ldap
CERTIFICATE – cert
VOLUME PURCHASE PROGRAM – vpp
XENMOBILE APPCONTROLLER – xac

APNS IIS Chaining Error
If your experiencing a chaining error when completing your APNS cert response in IIS then please navigate to http://www.apple.com/certificateauthority/ and download the Apple Root Certificate + CRL and the Apple Integration Certificate + CRL and install these appropriately into trusted root ca authority, intermediate stores of the IIS server that you are intended to complete the APNS certificate response on.

You can register/create an Apple ID at – http://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/wa/createAppleId?localang=en_US and the APNS portal is available at – http://identity.apple.com/ to submit your signed APNS CSR to be signed.

Installing XDM 8.6 (DRAFT & MAY CONTAIN ERROR(S))
0: I would recommend downloading and reading through the current Citrix Reference Architecture for XenMobile 8.6 at – http://support.citrix.com/article/CTX13981
1: Review the system requirements – http://support.citrix.com/proddocs/topic/xenmobile-prepare/xmob-deploy-device-manager-sys-reqs-con.html and remember to consider if you are ever going to intend managing your mobile, smart devices inside and outside of your organisations trusted network. I use split DNS so the same FQDN is accessible both in/outside of my demo environment. I FQDN is typically best over a IP addr as you can always adjust the underlying IP Address of the XDM FQDN in DNS (Internal and Externally) to move it (a) from one subnet to another with different IP addressing (b) from ISP to ISP (You will always get a new allocated IP range as ISP are allocated IPv4, IPv6 address blocks) without having to reinstall the XDM. Your probably asking your why would I need to reinstall the XDM? When you install the XDM you will also configure a CA as the XDM will push certs to the devices being enrolled to restrict the devices capabilities based upon the MDM policies that you have applied within the XDM web UI so if the IP addr changes you need to reinstall and re-enrol every device so using a FQDN means that your adjust your DNS records both internally and externally with the new IP addr for your FQDN and there is no need to reinstall the XDM as the FQDN has not changed and devices will still be managed.
2: Network TCP Ports Source vs. Destination – http://support.citrix.com/proddocs/topic/xenmobile-prepare/xmob-deploy-component-port-reqs-n-con.html.
3: Generate an APNS certificate or use your existing APNS certificate – http://support.citrix.com/proddocs/topic/xenmobile-connect-users/xmob-dm-config-requesting-apns-con.html. If you have any chaining error(s) please refer to the APNS process in the beginning of this WordPress blog article/entry.
4: Download and install the latest STABLE versions of the Oracle Java JDK and JCE files at – http://www.oracle.com/technetwork/java/javase/downloads/index.html. You should never use BETA or builds known to be unstable or insecure. Remember to extract and copy the *.jar files to the following paths – once the Java JDK has been installed on the XDM 8.6 server.
5: Liaise with networking team(s) to ensure that your internal and external firewalls ACL are correctly configured for your XDM deployment. Take a look at the Architecture Diagram – http://www.citrix.com/content/dam/citrix/en_us/images/info-graphics/xenmobile_architecture_86.png and the read through the latest Reference Architecture documentation for XM8.6 – http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-reference-architecture-for-xenmobile-86.pdf.
6: I would once again recommended downloading and reading through the Deploying the XenMobile Solution ( Currently based off 8.5 at the time of writing this blog entry) – http://support.citrix.com/article/CTX139235, alternatively continue.
7: Navigate to this eDoc’s link to begin the installation of the XDM 8.6 – http://support.citrix.com/proddocs/topic/xmob-install-dm-86/xmob-deploy-device-manager-install-steps-tsk.html

Creating A Valid Chained Certificate For Your XDM’s FQDN
There are various different methods for achieving or generating a *.pfx12 certificate you can always choose to disagree with my approach and use your own method(s) and or approach(s).

Microsoft Enterprise CA ( WaRniNg – (DRAFT & MAY CONTAIN ERROR(S)) )
1: Create a CSR for your XDM FQDN on your Enterprise CA or another server that is domain joined and has the Enterprise CA root certificate installed and valid. Please also be sure to ensure your select 2048Bit encryption when competing the wizard and save the CSR request to your desktop for convenience.
2: Open up the text document to retrieve CSR code by selecting all and copying.
3: Navigate to your Microsoft Enterprise CA CSR signing website e.g http://FQDN/certsrv
4: Request a certificate
5: Click Or, submit an advanced certificate request
6: Click Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file
7: Enter in the CSR generated code from the XAC or XDM into the Saved Request input box then change the “Certificate Template” to Web Server
8: Click Submit
9: Download the certificate response in Base 64 format and save as certname-base64.* and then prior to closing the web page save the cert in DER format if required in the following format certname-DER.*. Tip download the *.p7b formats for each aswell. NOTE: Upon completion of importing and activating your cert on the XDM server(s) you should delete any unsecured or unused XDM certs on your file servers and desktop for security purposes.
10: Now complete the SSL signing request certificate in IIS on the Enterprise CA using the Base64 format signed SSL certificate and then export the cert and enter in a strong password and please do not forget the password. Save the exported cert on your desktop and copy onto a file share or to your file server and then copy the *.pfx12 cert you’ve just generated on your XDM’s desktop for simplicity as the next steps will require you to edit two files in notepad and create directory to put the the SSL certificate in.
10: Follow the steps in the following CTX article at – http://support.citrix.com/article/CTX136952 or http://support.citrix.com/proddocs/topic/xmob-dm-8/xmob-dm-manage-securityid-configcert-ssl-tsk.html to apply your Enterprise CA signed *.pfx12 SSL certificate to your XDM’s FQDN.

Checkout these Microsoft certificates resources for further help and guidance.

1: http://support.microsoft.com/kb/295281 – How To Renew or Create New Certificate Signing Request While Another Certificate Is Currently Installed
2: http://technet.microsoft.com/en-us/library/cc754490.aspx – Request Certificates by Using the Certificate Request Wizard
3: http://technet.microsoft.com/en-us/library/bb727098.aspx – Chapter 6 – Managing Microsoft Certificate Services and SSL

OpenSSL
1: You will require a clean, fresh installation of XDM without any devices enrolled as I have not tested this process POST devices being enrolled.
2: Download OpenSSL for Windows at – http://www.openssl.org/related/binaries.html, alternatively if the link is dead or moved locate the download at – http://www.openssl.org/.
3: Install OpenSSL by following the onscreen instructions and remember to check the pre-requites prior to installation of OpenSSL.
4: Now that you have installed OpenSSL following the steps in this Citrix blog article at – http://blogs.citrix.com/2013/11/05/creating-a-private-key-and-csr-for-xdm/.

Deploying and Load Balancing a XDM cluster
1: These two videos available on the Citrix Blog available at – http://blogs.citrix.com/2014/03/05/configuring-xenmobile-device-manager-ha-clustering-in-less-than-15-minutes-part-1/, http://blogs.citrix.com/2014/03/05/configuring-xenmobile-device-manager-ha-clustering-in-less-than-15-minutes-part-2/ that show you how to implement a XDM cluster for high availability referenced from the following eDocs node – http://support.citrix.com/proddocs/topic/xmob-dm-config-86/xmob-dm-manage-ha-wrapper-con.html.
2: Once your NetScaler (Gateway) has been deployed and the initial configuration completed and the appropriate NS(G) licenses uploaded then please watch this video on Citrix TV – http://www.citrix.com/tv/#videos/9294 which shows you how-to L/B the XDM using the XenMobile wizard in the NS(G).

Deploying Strong Authentication
1: Client Certificate Authentication in XenMobile 8.6 – http://support.citrix.com/article/CTX139857.

XenDesktop 7.1

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test XenDesktop 7.1 prior to deploying in a PoC, Pilot or Production environment by the author of this entry.

Shortened Names
ACTIVE DIRECTORY – ad
STOREFRONT – sf
REMOTE DESKTOP SERVICES – rds
VIRTUAL DESKTOP INFRASTRUCTURE – vdi
VIRTUAL DELIVERY CONTROLLER – vda
VIRTUAL GRAPHICS PROCESSING UNIT – vgpu
HIGH AVAILABILITY- h/a
VIRTUAL SHARED GRAPHICS ACCESS – vsga

Coming Soon!
In the interim I have selected a few links from Citrix eDocs which you may find to be useful relating to this new version of XenDesktop 7.1.

Deploy XenDesktop in a multiple forest Active Directory environment
http://support.citrix.com/proddocs/topic/xendesktop-71/cds-plan-multiple-forest.html

XenDesktop 7.1 VDA, Controller Platform Supportability
http://support.citrix.com/proddocs/topic/xendesktop-71/cds-xd71-support-platforms.html

Enable High Availability If Delivery Controller Fails
Firstly you need to adjust two registry entries within either the Windows Server or Desktop OSes to enable the VDA to be in high availability mode – http://support.citrix.com/proddocs/topic/xendesktop-71/cds-plan-high-avail-vda-rho.html thereafter you will need to create custom *.ica file – http://support.citrix.com/article/CTX127392 to connect to VDA(s) installed on a Windows Server or Desktop OS to access your resources e.g Hosted Shared Desktop.

nVidia & Citrix Announcement at Synergy 2013
If you did not watch the LiVE announcement here is the 20 minute discussion and demonstration on stage streamed LiVE across the internet of the very latest in virtual Graphics Processing Unit (vGPU) technology delivered using a nVidia GRID K2 card, XenServer 6.2 + hot-fixes on XenDesktop 7.1 < a href="http://www.youtube.com/watch?v=mwuPXT8jrv4">http://www.youtube.com/watch?v=mwuPXT8jrv4.

How to setup and configure nVidia Virtual GPU (vGPU) in XenDesktop 7.1 DRAFT & MAY CONTAIN ERROR(S)
1: Check out – http://www.nvidia.co.uk/object/grid-virtual-gpus-uk.html which explains the technology and provides a table of the maximum capable screen resolution, virtual GPU profile, number of supported monitors and users per nVidia GRID K1 or K2 card.
2: It is also worth reading this newly published HDX Technology white paper – http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-hdx-technologies.pdf if your new to delivering hosted shared desktops (XenApp 6.5, XenDesktop 7.x), VDI desktops (XenDesktop 7.x) or just a generalised refresh surrounding HDX which is built on the strength of Independent Computing Architecture (ICA) protocol – http://en.wikipedia.org/wiki/Independent_Computing_Architecture.
3: What server hardware is supported for nVidia GRID K1, K2 cards – http://www.nvidia.co.uk/object/buy-nvidia-grid-uk.html and here is where you can find the current specifications for the card themselves – http://www.nvidia.co.uk/object/grid-vdi-graphics-cards-uk.html.
4: Review and understand the system requirements for HDX 3D Pro which is required in order to deliver the whole solution – http://support.citrix.com/proddocs/topic/xendesktop-71/hdx-sys-reqs.html.
5: Explore, understand and review the GPU Acceleration for Windows Desktop OS’s in eDocs – http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-plan.html and it is also worth reading through GPU Acceleration for Windows Server OS’s as well at – http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-gpu-acceleration-win-server-os.html.
6:Assuming you have not acquired a nVidia GRID K1, K2 card you should ensure that you download the latest possible and stable driver(s) – http://www.nvidia.com/Download/index.aspx?lang=en-us and if you require assistance also make use of nVidia’s support – http://www.nvidia.co.uk/page/support.html. I would also recommend reviewing or contacting manufacture to ensure that you have the latest and or best supported BIOS to support the whole solution end to end.
7: Download print out the following Reviewers guide to getting started – http://www.citrix.com/content/dam/citrix/en_us/documents/go/reviewers-guide-remote-3d-graphics-apps-part-3-xenserver-vgpu.pdf. If your new to Citrix XenDesktop 7.1 and what to get started quickly follow on with this great Reviewers guide – http://www.citrix.com/wsdm/restServe/skb/attachments/RDY8316/XenDesktop%207.1%20Reviewer%27s%20Guide.pdf which is referenced from – http://www.citrix.com/skb/articles/RDY8316.
8: Install the K1 or K2 GPU cards into your chooses server h/w platform, download the XenServer 6.2 ISO burn it to CD and also download the required hot-fixes and service packs (SP) if required to enable vGPU. Insert the CD into the host and power and install XenServer 6.2 and install the latest version of XenCenter on your desktop and connect it to your successful installed XenServer 6.2 host. Note you should always ensure when setting a PoC or pilot that you keep in-line with your organisations best practises and polices.
9: Complete hot-fixes packing process and also install the nVidia GRID Manager into Domain0 (Dom0) as instructed in the reviewers guide.
10: Create your VM in XS and remember to add the vGPU, then power on the VM to install and configure the OS -> once the installation is completed install and enable the nVidia GRID drivers – http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-manage.html and then reboot the VM -> install Xen tools and reboot -> login install and configure as required your intensive 3D, graphical intensive applications -> join to your organisations domain and change the host name if required and reboot -> mount the XenDesktop 7.1 ISO to the VM and install the VDA (Decisions make a master images or enable R/A) and reboot -> Open Studio for XenDesktop 7.1 on your desktop and create machine catalogue and delivery group following the best practises of the reviewers guides mentioned above -> Open Citrix Receiver which can be downloaded at – and login and search for your newly created VDI desktop with vGPU and launch the resource and access one of your installed 3D or graphical intensive applications and begin testing and playing with different policies in XenDesktop 7.1 and tweaking your h/w as required to gain the maximin possible performance.
11: You can/could also test and try using – http://www.ozone3d.net/gpushark/#techdata although I have not tested this utility with a VDI desktop which is vGPU ready and enabled.

nVidia GRID Technologies
Shared GPU for bare metal Windows Server running XenApp 6.5 for delivering RDS Workloads – http://www.nvidia.co.uk/object/grid-xenapp-uk.html
Dedicated GPU for Virtual Machines on either a VMWare ESXi or XenServer 6.2 (hotfixes) hosts – http://www.nvidia.co.uk/object/dedicated-grid-gpus-uk.html.
vGPU for Virtual Machines on a XenServer 6.2 (hotfixes) host – http://www.nvidia.co.uk/object/grid-virtual-gpus-uk.htm

Infrastructure Considerations & Planning
Often individuals ask themselves how do I use my current or planned network, h/w infrastructure requirements to ensure support XenDesktop 7.0, 7.1 for VDI, RDS workloads?

1: Always refer to eDocs, CTX articles or white papers published by Citrix for the correct system requirements and best practises.
2: Citrix’s Project Accelerator http://project.citrix.com
3: Sizing XenDesktop 7 App Edition VMs – http://blogs.citrix.com/2013/10/31/sizing-xendesktop-7-app-edition-vms/
4: Go SuperSonic with XenDesktop 7.x Bandwidth SuperCodecs – http://blogs.citrix.com/2013/11/06/go-supersonic-with-xendesktop-7-x-bandwidth-supercodecs/
5: Storage and IOPS guidance for App delivery with XenDesktop 7 – http://blogs.citrix.com/2013/11/14/storage-and-iops-guidance-for-app-delivery-with-xendesktop-7/

XenApp 6.5

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test XenApp 6.5 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
WEB INTERFACE – xml
STOREFRONT – sf
REMOTE DESKTOP SERVICES – rds
TERMINAL SERVICES – ts
VIRTUAL DELIVERY CONTROLLER – vda

nVidia Shared GPU
http://www.nvidia.co.uk/object/grid-xenapp-uk.html

XenDesktop 7

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test XenDesktop 7 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
REMOTE DESKTOP SERVICES – rds
VIRTUAL DESKTOP INFRASTRUCTURE – vdi
VIRTUAL DELIVERY CONTROLLER – vda
VIRTUAL GRAPHICS PROCESSING UNIT – vgpu
SERVICE LOCATION – srv

What is and does it do?
Citrix XenDesktop 7 allows you to deliver Remote Desktop Services (RDS), Virtual Desktop Infrastructure (VDI) workloads and secure remote access to an existing PC estate by installing the Virtual Delivery Agent (VDA) into those existing PC’s. All this capability is enabled from one single common architecture – FlexCast Management Architecture (FMA). If you are a Citrix XenApp 5.0, 6.5 Administrator I would encourage you to read through the following Citrix eDoc article – http://support.citrix.com/proddocs/topic/xendesktop-7/cds-overview-info-previous-xa-customers.html and follow on with this free Citrix 2 hour long course covering XenDesktop 7 weather your sales, pre-sales, sysadmin or engineer its useful in getting your mindset ready for XenDesktop 7 – http://training.citrix.com/mod/ctxcatalog/course.php?id=595.

Citrix TV & YouTube Videos To Watch
SYN320: XenDesktop 7: What You Should Know About FlexCast Management and XenApp Migration
http://www.citrix.com/tv/#videos/8493.
Citrix XenDesktop 7 3D Pro Demonstration – http://www.citrix.com/tv/#videos/9008.
XenDesktop 7 Masterclass – http://www.youtube.com/watch?v=XSFJ0xx7ztY.

XenDesktop 7 Handbook
Check out the blog article announcement – http://blogs.citrix.com/2013/10/10/new-xendesktop-7-handbook-published. You download the XenDesktop 7 Handbook directly at – http://support.citrix.com/article/CTX139331 and the XenDesktop 5.x Handbook at – http://support.citrix.com/article/CTX136546.

Components of XenDesktop 7 Explained
1: Studio is allows you to design and build your RDS, VDI workloads.
2: Director allows you to support and monitor your organisations XenDesktop 7 virtual machines, user sessions via MS RemoteAssistance, historical trending & metrics, network analytic’s if you have a NetScaler.
3: Delivery Controller is responsible for brokering the connections to your servers (ICA/RDS), virtual machines (VDI) or existing workstation PC’s.
4: Citrix Licensing Server is responsible for checking in/out of your FlexCast licenses. XenDesktop 7 requires CLS 11.11.
5: StoreFront provides users with a self-serve AppStore to tab to click to add your Windows hosted apps, hosted shared desktops (Windows Server 2008 R2) or VDI desktops (Windows 7,8).
6: Machine Creation Services (MCS) is built into XenDesktop 7 which enables as allows you to provision virtual machines from your master VM images. All you need to do to configure it is to input either XenServer, Hyper-V (Requires SCVMM) or ESX (Remember to trust the root certificate) hypervisor FQDN and the access details.
7: Provisioning Services (PVS)
8: User Profile Manager 5 (UPM) is built into XenDesktop 7 and provide Citrix’s profile management solution.
9: MS SQL is required to store configuration information and details about your XenDesktop 7 site. MS SQL express, standard, enterprise and data center* editions are supported and for H/A configuration options please visit this eDocs article at – *http://support.citrix.com/proddocs/topic/xendesktop-7/cds-sys-requirements.html.
10: Virtual Delivery Agent (VDA) is responsible for delivering a hosted shared desktop, windows hosted app and VDI desktop to users brokered via the Delivery Controller.

What Editions Are Available? VDI, App (XenApp capabilities e.g delivery of RDS workloads) , Enterprise and Platinum. To compare the feature sets of edition please check out – http://www.citrix.com/go/products/xendesktop/feature-matrix.html. At the time of writing this post you are required to login to Citrix.com with your access details.

Setup & Configure nVidia GRID VIRTUAL GPU (vGPU) on Citrix XenDesktop 7.1
To learn how-to setup and configure a test demo or PoC environment to leverage the vGPU capabilities of XenServer 6.2 and XenDesktop 7.1 Tech Preview check out – http://www.nvidia.co.uk/object/grid-virtual-gpus-uk.html. You can download the XenDesktop 7.1 Tech Preview at – and the system requirements can be found at – http://support.citrix.com/proddocs/topic/xendesktop/cds-xendesktop-71-landing-page.htm and the HDX system requirements please check out – http://support.citrix.com/proddocs/topic/xendesktop-71/hdx-enhance-ux-xd.html.

NVidia Resources
XenApp 6.5 GPU Sharing – http://www.nvidia.co.uk/object/grid-xenapp-uk.html.
XenDesktop vGPU – http://www.nvidia.co.uk/object/grid-xen-desktop-uk.html.

Multi-Site Configurations & High Availability
Coming soon! I will cover multiple data centres and sites and how-to enable and ensure H/A access to your published resources if you lost/lose communication with your XenDesktop 7 delivery controller(s) and the pitfalls. I would strongly recommend your environment is N+1 and with VM’s common these days setting and configuring an N+1 environment should be best practise for H/A, business continuity and DR.

How-to Enable Local App Access
Coming soon! However in the mean time please refer to http://support.citrix.com/proddocs/topic/xendesktop-7/laa-configure-enable.html#laa-enable.dita.

XenDesktop Introduction Training Course CXD-102
Citrix training offers a 2 hour introduction course to XenDesktop 7 for free. The course is available at – http://training.citrix.com/mod/ctxcatalog/course.php?id=595.

Howto Configure Email Based Discovery& Why It’s Important
Configuration of email based discovery using SRV records is simple and greatly enhances the users login experiences as they all know there email addr and domain password much like logging into Facebook, Twitter e.t.c so offering the same login user experience weather users are in or outside or the organisation means they don’t need to remember logging in with the following format domain\username and domain password they can simple use there corporate email addr and domain password.

There is a great Citrix blog article that covers covers configuration of e-mail based discovery in and outside of your organisation leveraging a NetScaler Gateway check out – http://blogs.citrix.com/2013/04/01/configuring-email-based-account-discovery-for-citrix-receiver/.

The process below is for configuration of SRV records within a trusted corporate environment. If you would like to know more about what else you can configure in terms of SRV records check out – http://en.wikipedia.org/wiki/SRV_record, http://technet.microsoft.com/en-us/library/cc961719.aspx (A Windows 2000 article but will get you thinking if your new to SRV records) and howto add other resources records into your organisations DNS – http://technet.microsoft.com/en-us/library/cc772362.aspx.

1: Launch your Microsoft DNS management console
2: Right click on your organisations Forward Lookup Zone that contains the StoreFront FQDN
3: Click “Other New Records”
4: Scroll down and select “Service Locaiton (SRV)” and click “Create Record”
5: Your organisations domain should already be pre-populated e.g citrix.lab or axendatacentre.com
6: Type in “_citrixreceiver” in the Service feild
7: Type in “_tcp” in the Protocol field
8: Type in “443” in the Port number field or 80 if you don’t use 443 internally
9: Type in “storefront.domain” in the Hosting offering this service e.g storefront.axendatacentre.com or storefront.axendc.local
10: Save/Commit the changes and close the current active window in DNS
11: Navigate to physical or virtual machine install and launch Citrix Receiver when prompted enter in your email addr and password when prompted.

Troubleshooting
Open up a Windows Command prompt and execute these two commands below and for more information in validating your SRV records check out – http://support.microsoft.com/kb/816587.

1: Type in “ipconfig /flushdns”
2: Type in “nslookup”
3: Type in “set type=srv”
4: Type in “_citrixreceiver._tcp.domain” e.g _citrixreceiver._tcp.axendatacentre.com

Microsoft Windows Server 2012 R2 & Windows 8 Support
http://blogs.citrix.com/2013/10/08/citrix-xendesktop-with-flexcast-management-architecture-adds-support-for-windows-server-2012-r2-and-windows-8-1/.

More coming soon!
In the mean time check out https://www.citrix.com/products/xendesktop/overview.html and Design Guide: Mobilising Windows Apps (Requires Form Input From Citrix)

StoreFront 2.0

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test StoreFront 2.0 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Shortened Names
STOREFRONT SERVICES – SFS
FULLY QUALIFIED DOMAIN NAME – fqdn
NETSCALER ACCESS GATEWAY – nsag
NETSCALER GATEWAY – nsg
CERTIFICATE – cert

Certificates
1: What type of certificate do you require for your SFS deployment depends upon weather the server is (a) internal only (b) deployed in-line with the AppController internally (c) deployed in the DMZ (d) deployed in-line with the AppController fronted by a nsg.
2:Another important consideration re what certificate to use includes weather you have an Enterprise CA with in your organisation to sign your CSRs or do you use self-signed certificates or do you generate and publicly sign your certificates (standalone or wildcard) externally?

StoreFront 2.0 Overview
1: StoreFront is replacing Web Interface 2015 ref Bitly link to Citrix EOL web page indicating WIF EoL. Why? StoreFront is the next generation platform which provides a great and seamless user experience across any type device supporting Citrix Receiver. StoreFront aggregates Windows & Mobile Apps*, Desktop, Web-links, SaaS and can with a single click can propagate configurations changes between all the StoreFront servers within your environment.
2: No more MS SQL database requirements with the SFS 2.0 release.
3: Improved login performance.
4: Bind your SSL certificate within IIS prior to installing or configuring SFS 2.0 and remove HTTP unless required to OS harden your SFS server. By binding the SSL cert prior to configuration of SFS it will ensure that the configuration wizard uses HTTPS over HTTP. In addition where possible use your organisations Enterprise CA to sign your StoreFront servers CSR instead of using the self-assigned SSL certificate option to generate a SSL cert in IIS as this will causes secure (SSL) communication issues between SFS and the delivery controller(s) if using HTTPS and when you attempt to access published resources from the configured delivery controller the resources will not be available as the servers cannot successful communicate with one another over HTTPS.
5: Beacons enable Citrix Receiver to understand intelligently wether a user is connecting to your organisations Citrix resources is internally or externally, by attempting to access the internal or external SFS FQDN’s within the StoreFront MMC snap in e.g storefront.axendatacentre.local (Internal) or sfs.axendatacentre.com (External and resolvable).
###
* Worx Home is now responsible for the delivery or mobile apps delivered via the XenMobile AppController 2.8
###
6: This Citrix blog article sums up the Receiver for HTML 5 – http://blogs.citrix.com/2012/08/31/receiver-for-html5-is-now-available/ and you can learn how-to install and configure it at – http://support.citrix.com/proddocs/topic/receiver-html5-11/receiver-html5-install.html.

Subscription Database Where Is It?
The release of Citrix StoreFront 2.0 from 1.2 brought with it a change in where and how follow-me apps subscription data is stored. Historically this was stored in an MS SQL database in 1.2 now this data is actually stored in a EDB file check out. – http://support.citrix.com/article/CTX139037 which is automatically replicated if a SFS cluster. You can also adjust the subscription synchronising period by following this eDocs article which requires some PoSH cmdlets – http://support.citrix.com/proddocs/topic/dws-storefront-20/dws-configure-ha-sync.html.

Customising Receiver for Web
This blog article goes into great detail about to customise Receiver for Web from the logos, background image, connecting from IP addr of the user to adding in additional elements e.g click here to contact your IT Helpdesk. Check it out at – http://blogs.citrix.com/2013/06/26/customizing-receiver-for-web-in-storefront-2-0/.

HTML 5 Receiver Configuration & Support
Coming Soon!

Citrix StoreFront 2.0 – Implementation Guide
http://support.citrix.com/article/CTX133185

XenServer 6.2

Leave a Reply

The following content is a brief and unofficial prerequisites guide to setup, configure and test XenServer 6.2 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.

Is My Server Hardware Supported?
1: Navigate to http://hcl.xensource.com/ to verify if your server hardware is compatible of supporting XenServer.
2: Check to see if your CPU supports either Intel VT or AMD-V for more information about these hypervisor enabled CPU’s please visit – http://en.m.wikipedia.org/wiki/X86_virtualization.

XenServer Is Now OpenSource
http://xenserver.org.

How-to setup and configure GPU Virtualisation (vGPU) & GPU Pass-Through (DRAFT & MAY CONTAIN ERROR(S))
This is a collection of great CTX, Blog articles to aid you in further understanding the GPU differences, jargon and how-to get started today.

1: Start by downloading and upgrading your XS host(s) to 6.2 SP1 by following this CTX article at – http://support.citrix.com/article/CTX139788.
2: While you review the documentation and start planning an upgrade window(s) for your Demo/PoC XS host environment (Always do a PoC before attempting to put anything into Production) you’ll need to read some more valuable documentation at – http://www.citrix.com/go/xendesktop/3d/materials.html and download and read through the relevant Reviewers guide, to get started ASAP for vGPU read “Part 3: XenServer GPU Virtualization (vGPU)”. I would also recommend navigating this nVidia link to learn more about the GRID technology and cards – http://www.nvidia.co.uk/object/grid-virtual-gpus-uk.html with your next stop being – http://www.citrix.com/go/private/vgpu.html, then – http://support.citrix.com/proddocs/topic/xendesktop-71/cds-get-started-new-prepare-master.html followed by optionally either for Desktop OS – http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-plan.html and Server OS – http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-gpu-acceleration-win-server-os.html depending on weather you want to delivery rich graphics to users on a hosted shared desktop (RDS Workload) or VDI.
4: I would also recommend that if you do have compatible hardware on the HCL to check that you have sufficient power (Amps) to your rack/cabinets and sufficient number of PSU’s in the server or blade chassis to support the extra power draw.

vGPU Monitoring
http://blogs.citrix.com/2014/01/22/xenserverxendesktop-vgpu-new-metrics-available-to-monitor-nvidia-grid-gpus/

GPU Sharing Technology Tech Preview
. These features are now available in XenServer 6.2 SP1 check out – .

Coming soon!
In the mean time check out – Citrix XenServer .