Posts Tagged ‘Citrix’

Session sharing not working on XenApp ?

Sunday, February 12th, 2012

If the server is really busy you may be getting load balanced off. This behaviour can be over ridden by setting he appropriate session flag for seamless sessions. The full article is available at http://support.citrix.com/article/ctx101644.

Securing NetScaler / AGEE interface

Monday, December 19th, 2011

By default when you install a NetScaler or AGEE the admin interface can only be connected to by HTTP. To configure the device to allow you to connect by HTTPS complete the following steps:

1) Connect to the devices configuration utility using a browser
2) Expand the Network node
3) Click on RPC
4) Select the NSIP (NetScaler admin IP Address)
5) Click Open
6) Tick the Secure check box
7) Click OK

Preventing access to specific applications in XenClient 2

Saturday, November 12th, 2011

XenClient is fabulous. You have a locked down work image and you have an “open” image where you can run whatever you like in it. You can then “share” applications betweioen running VM’s so you can have your “ticker” or “game” or whatever avaialble on your work machine or you can have your work application viewable from your personal machine. But what if you don’t want certain applications to be available ?

This is controlled from an XML file which instructions the agent where to collect icons from (essentially the all users atsrt menu and any logged on users menu) but exclude anything on the blacklist (Outlook Express, anything in c:\windows etc) unless its included on the list of whitelisted applications (internet explorer for example). So, very easy to configure IF you know where the configuration file is …. which isn’t at all obvious.

The XML file can be found in the following locations:

Windows 7
C:\ProgramData\Citrix\Xci\Applications\XciDiscoveryConfig.xml

Vista
C:\ProgramData\Citrix\Xci\Applications\XciDiscoveryConfig.xml

XP
C:\Documents and Settings\All Users\Application Data\Citrix\Xci\Applications\XciDiscoveryConfig.xml

List Users who have logged on to XenApp

Friday, October 7th, 2011

Want to know who has logged on to your Citrix server ?

You can just look in the security log in event viewer and filter down but it’s so much easier using the command line. Just open up a cmd prompt and enter

auditlog (all one word)

This will let you list all the sessions from the event log and even pipe them out to a text file for later analysis or reporting.

Deploying the Configuration Logging Database in XenApp 6

Tuesday, August 23rd, 2011

This blog post will walk you through deploying the configuration logging database in XenApp 6. I’ll be deploying the database on SQL 2008 SP1 running on Windows 2008 SP2 32 bit.

The first thing to do is create a standard domain account to own and connect to the SQL server database. I’ll call my account svcConfigLogging. The account should be set so that its password never expires.

 

Next, we create a blank database in SQL. I have called mine XAConfigLogging. You should follow best practice by pre-setting the database and log file sizes, holding them on separate disks, setting up backup plans etc.

 

We now add the service account created above (svcConfigLogging) to SQL as a logon. The default database for the logon is set to the database created above (XAConfigLogging).

 

Grant the user “db_owner” role access privileges.

 

As the database and security are created we can now use the Delivery Services Console to create the tables and objects in the database and the connection. To do this, right click the farm name and choose “Farm Properties”.

 

 

Select Configuration Logging and then click on the “Configure Database” button.

 

Enter the fully qualified domain name (FQDN) or IP address of the SQL server hosting the database created above (XAConfigLogging) and the credentials of the account created earlier which has db_owner rights to that database (svcConfigLogging).

 

Select the database created above (XAConfigLogging)

Change use Encryption to “No” (use of encryption requires the use of SSL certificates. As these are not in place a connection error will be generated).

 

Click on the “Test Database Connection” button

The connection should be successful (if it isn’t you will need to go back and check the settings entered).

Clicking on “Finish” will return you to the configuration screen.

The balance of the settings can now be configured. If you do not tick the “Log administrative tasks to Configuration Logging Database” then configuration logging does not take place.

Click on OK to complete configuration.

You can now make changes to the configuration of XenApp and they will be recorded to the database.

To view changes made to the configuration select the “History” node in the Delivery Services Console.

 

 

Clicking on the “Set Filter” link allows the SELECT statement to retrieve from the database to be constructed using the GUI.

Clicking on the “Get Log” link will retrieve the changes made within the constraints of the filter applied.

 

“Standard” administrators will have their changes logged to the database but will not be able to read from the database by default (i.e. will not be able to retrieve the log in history). To do this they need to be granted EXECUTE permissions against the stored procedures for the XAConfigLogging database.

 

The permissions required for administrators to the database are detailed at http://support.citrix.com/proddocs/topic/xenapp6-w2k8-admin/ps-maintain-define-db-perms.html. If security is not a concern then administrators can be granted db_owner rights to the database. Granting of rights is most easily achieved using domain groups.

How to reset the admin password for Citrix Licensing Server

Monday, August 22nd, 2011

Sometimes the Citrix licensing server doesn’t get accessed for a long time, maybe the admin leaves and is replaced and no-one made a note of the password. Suddenly, you can’t access the licensing server any more. What to do ?

If you have access to the disk sub system (ie.. the files) on the licensing server then it is possible to reset the admin password.

1. Open the “server.xml” file in C:\Program Files\Citrix\Licensing\LS\conf. If on Win2k8 you will need to open your editor as an admin. (Take a copy of the file first – if anything goes wrong you can simply copy the file back to restore the original settings).

2. Find the entry that looks something like this:

<user firstName=”System” id=”admin” lastName=”Administrator” password=”(ENC-01)LKJ338u98uxkllS(*U+ljljlja-$78923ghJgs” passwordExpired=”false” privileges=”admin”/>;

3. Erase the contents between the double quotes after “password=”

4. Enter a plain text password , for example password=”TemporaryPassword”

5. Change the passwordExpired value to be “true” and save the server.xml file.

6. Restart the licensing services or, at a push, reboot the server.

7. Log into the licensing console using user name “admin” and the password set above.

8. You will be prompted to change your password. The new password will be encrypted in the server.xml file.

Citrix Web Interface Fails to Respond and Generates an Internal Error

Tuesday, February 8th, 2011

When installing XenApp 5.0 Web Interface on Windows Server 2003 the following error can be observed when users visit the XenApp Websites.

“Internal Error. The Web site is experiencing technical difficulties. We apologize for any inconvenience. The internal error may only be temporary. Try reconnecting and, if the problem persists, contact your system administrator.”

Easy one to solve, its just that the NT Authority\Network Service account does not have the correct permissions to the “C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files” location.

Just give it the following NTFS permissions:

Read & Execute
List Folder Contents
Read
Write

and away the problem goes – see full article at http://support.citrix.com/article/CTX126933

  

Virtual Desktops – the future is now

Monday, February 7th, 2011