Bloggarkiv

Storefront monitor not working properly for HTTPS services in 10.5

Now I just recently became aware from Twitter that the 10.5 Netscaler monitor for Storefront is not working properly for HTTPS enabled Storefront servers.

image 

The problem with the monitor is that it uses an IP based check (and not a hostname based check) which would allow the monitor to work properly since the digital certificate it presents does not match its IP-address.

NOTE: This only fails if the monitor is matched against a SSL based service and you have configured the monitor with secure

image

Now in older versions of the monitor it had an own “hostname” parameter, but that is now deprecated. Now all we have is a Store name setting there.

There is a workaround which was listed on the Citrix forums by a member there.

Here’s a workaround:

  1. Edit the file /netscaler/monitors/nssf.pl
  2. At line 23, insert the following before the current ENV line:

$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;

So let’s see if Citrix fixes this issue in the next release! Smilefjes

Citrix Connector for System Center Configuration manager 7.5 walkthrough

Earlier today, Citrix released their updated System Center Configuration Manager connector to XenDesktop 7.5. It can be downloaded from here –> http://www.citrix.com/downloads/xendesktop/product-software/xendesktop-and-xenapp-75-connector-for-sccm.html note that it requires an mycitrix account in order to download it.

So what does it do ? well a couple of things. Mostly it’s about pushing software out to regular clients and servers including XenApp/XenDesktop servers where the clients might get the XD/XA version of an application. You can also use it to publish applications directly to XD/XA from Configuration Manager which makes it easy to maintain a consistant software library.

Now there are a couple of components here that are needed.

* Citrix Connector Service (This does the syncing, publishing and orchestration jobs between Configuration Manager site and the XA/XD site)

* Citrix DT handler (This component is needed on VDA servers/clients and on managed clients which you want to use the integration between) NOTE: There are different DT handlers for clients and VDA agents

image

So in my case I installed the Citrix Connector Service on my site server since it is a demo-enviroment. Now the installation is pretty straight forward.

1

Install both the service and the console extension

2

Enter a service account for the connector serivce

image

New in this release is the ability to define maintance windows, in case you want automated deployment to VDA agents.

image

Now after the installation is finished there are a few things which should be done first.

Make sure that Configuration Manager client is installed on the VDA agents you want to use with this deployment. Now you should create an application of the DT handler and deploy out to all VDA agents.

  • Using the following installation paramters msiexec /i «CitrixDTHandler_x64.msi» /q
  • Also all applications you want to publish should be pre-created and added to Configuration manager.

Now in my case, I have installed the DThandler on 1 VDA server, and have created 7-zip as an application in Configuration Manager. When we open Configuration Manager Console we have some new options. First of under Assets and Complliance we have the machine catalogs listed up

image

First of we need to deploy 7-zip to the machine catalog and VDA agents. After that Configuration Manager has gotten the info that the application has been installed

image

We can go ahead and do a publication action. Go into Software library and into Citrix Applications Publications andchoose Create Publication.

image

Then we run trough the wizard

image

Now the connector has been added a nifty new feature which check if all the prerequistes are in place.

image

So after we have done the wizard and the syncronization is complete the application will appear in the XenDesktop studio.

image

So now we have successfully installed 7-zip on a VDA agent and successfully published it from Configuration Manager. So this means that the application is available as an resource if the user starts up Citrix Receiver or logs into StoreFront.

Now onto the next option, what if we want users to get applications from Software Center or the Application Catalog (But they can start a citrix session if we want them to?) this is part of the DT handler on the managed clients.

Now let’s deploy 7-zip from Configuration Manager to some managed clients, first of we need to create a new deployment type which references the newly published applications. in the the deployment type choose XenApp

image

Under publishing you need to choose the existing Citrix deployment that was published earlier.

image

NOTE: Citrix DT handler needs to be installed on the clients.

Now go trough the wizard and after you are done with the wizard you need to give the XenApp deployment type a lower priority then the other option.

Now after you have created the deployment type and you want to deploy the appliaction you need to choose the clients or the users which are defined in the delivery groups

image

Now if you head over to the application portal on a managed client with a valid user, the application will appear.

image

Now if you click this application the configuration manager agent and the DT components will interact and publish the application in the receiver. If you have a valid single-sign-on deployment working on your Xendesktop enviroment you can see that 7-zip is published on the managed clients desktop

image

this is a quick walkthrough but it gives you the quick overview of what you can use this connector with. You can also integrate it with MCS and PVS, also we can integrate App-V applications. Also important to remember that with XenDesktop 7.5 you can integrate with Configuration Manager for Wake on lan functionality.

Configuring Front-end optimization with Citrix Netscaler

One of the new features in Netscaler 10.5 is called Front-End optimization (which actually is part of Netscaler enterprise and +) which allows Netscaler to optimize the HTTP traffic which is headed back to the client. Now let us take a look at some of the different settings.

image

Now first of we have the JavaScript section.
* Make Inline (This makes JS which are linked to a page to become inline instead, only affects JS which are less then 2 KB)
* Minify (Removes Whitespaces and comments from JS)
* Move to end of body tag (Moves a inline Javascript to the end of a body tag

Images
* Shrink to attributes (Shrinks an image to the specified size as the HTML tag
* Make inline (This makes Images which are linked to a page to become inline instead, only affects images which are less then 2 KB)
* Optimize (Removes non-image data from JPEGs, such as comments)
* Convert GIF to PNG (converts images from GIF to PNG)
* Lazy Load (Downloads images as a user scrolls down to them)

CSS
* Make Inline (This makes CSS files which are linked to a page to become inline instead, only affects CSS files which are less then 2 KB)
* Combine (Converts multiple CSS files into one)
* Move to head tag (Moves CSS defined in the body tag to the head tag)
* Image inline (Makes such as CSS backgrounds referenced in the CSS file as inline)
* Convert Imports to Links (Convert CSS import statements to HTML link tags)
* Minify (Removes Whitespaces and comments from JS)

HTML
* Remove Comments from HTML (Removes comments within the HTML files)

Extend Page Cache (
Enable Client side Measurements

Now you can take a look at how HTML will look after it is parsed trough this feature here –> http://support.citrix.com/proddocs/topic/ns-optimization-10-5-map/ns-feo-working-use-case.html

Now that you have some understanding on what it does, let’s go ahead and configure it. First we need to enable the feature and Integrated caching (since this is a prerequisite)

Enable both features

image

Now by default there are some premade actions, which define what options are enabled. For intance aggresive policy have most of the optimizations enabled.

image

Now for instance, lets say that we have a prefined load balanced server (which in my case is hosting a WordPress site) the vServer is called WEB-IIS in my case, go into Front-End Optimization –> Policy Manager –>

Here choose bind point, and virtual server

image

Next we need to bind a policy to the bind point. Remember that here we need to create a policy using an expression and attach it to the bind point.

image

I used HTTP.REQ.HOSTNAME expression here so in my case when a user accesses demo-webopt the user will be affected by the policy.

After you have added the policy, press OK then DONE and you are good to go.

So try to access the page and watch the statistics.

Now we can see that it has already managed to do some optimization after I tried to access the page a couple of times.

image

So with this feature it allows web-developers to be able to comment inline code without affecting the users, also being able to have a solid structure on CSS and JS without affecting the performance. Note that this feature is not suitable for all web applications, be sure to properly test the feature first.

Netscaler 10.5 review

Now since the release of 10.5 I have been able to test alot of the new features in the latest release. Citrix has also released new versions of Insight and Endpoint clients for Windows & Mac to match the new release.

The upgrades have so far for my part have been non-problematic (in case of a custom GUI you may need to recreate it) from 9.3 and even 10.1 builds. For those that are in a migration plan please refer to the migration document from Citrix http://support.citrix.com/proddocs/topic/ns-faq-map-10-5/ns-faq-migration.html

I have also seen a performance increase in some scenarioes.

There has also been an update on the clustering features, which didn’t caught my eye at first. http://support.citrix.com/proddocs/topic/ns-system-10-map/ns-cluster-feat-supp-ref.html Which allows us to have a Netscaler Gateway vServer running on a local Netscaler node.

Now the new build is 99% pure HTML which is great! there are still some features which still requires JRE, but this is going to be fixed in a future release.

The following features or nodes still require JRE:

  • System
    • Upgrade Wizard
    • Diagnostics
    • User Administration
      • Command Policies
      • Command Policy RegEx Editor
  • Visualizers
    • Network > Network Visualizer
    • Network > TCP/IP connections
    • Traffic Management > Load Balancing > Visualizer
    • Traffic Management > Content Switching > Visualizer
    • Traffic Management > GSLB > Visualizer
  • Security
    • Application Firewall
      • Application Firewall wizard
      • Add/ Edit/ Import profiles
      • Signatures
        • Add
        • Update Version
        • Auto Update Settings

Citrix has also made easier integrations for their own products such as XenDesktop/XenMobile/Sharefile and so on, which makes it easier for consultants to deploy Netscaler solution to provide availability for other products.

Now all of the new features are listed here –> http://support.citrix.com/proddocs/topic/ns-rn-main-release-10-5-map/netscaler-10-5-rn.html

One thing which I find is the most important featue in the latest build (besides the new GUI) is the front-end optimization feature which allows the Netscaler to reduce load and render times on web pages which are rendered on a client browser, after some intials tests with this feature I was able to save 60% of the load time. Since in most cases a web site is not optimized for speed, and therefore Netscaler might be an important piece there.

But to sum it up so far, I’m really impressed with the latest release and how Citrix has made Netscaler even more powerful with more then 100 more features, and makes it a more key component in most datacenters. Looking forward to the later releases to see what Citrix has up their sleeve! Smilefjes som blunker

Azure Active Directory Premium preview

So as of today, Azure Active Directory Premium is available in trial for all users. For those that aren’t aware of what Azure Active Directory Premium is in short Identity and Access Management for the cloud so its a extension of the previous features which include,

* custom domains

* users and groups

* directory integration with local Active Directory

* MFA (which I have blogged about previously http://bit.ly/1lkQ0NO)

The premium part allows for single-sign and multi-factor authentication to any cloud application. To show the entire functionality.

Active Directory Premium edition is a paid offering of Azure AD and includes the following features:

  • Company branding – To make the end user experience even better, you can add your company logo and color schemes to your organization’s Sign In and Access Panel pages. Once you’ve added your logo, you also have the option to add localized versions of the logo for different languages and locales. For more information, see Add company branding to your Sign In and Access Panel pages.
  • Group-based application access – Use groups to provision users and assign user access in bulk to over 1800 SaaS applications. These groups can either be created solely in the cloud or you can leverage existing groups that have been synced in from your on-premises Active Directory. For more information, see Assign access for a group to a SaaS application.
  • Self-service password reset – Azure has always provided self-service password reset for directory administrators. With Azure AD Premium, you can now further reduce helpdesk calls whenever your users forget their password by giving all users in your directory the capability to reset their password using the same sign in experience they have for Office 365. For more information, seeSelf-service password reset for users.
  • Self-service group management – Azure AD Premium simplifies day-to-day administration of groups by enabling users to create groups, request access to other groups, delegate group ownership so others can approve requests and maintain their group’s memberships. For more information, see Self-service group management for users.
  • Advanced security reports and alerts – Monitor and protect access to your cloud applications by viewing detailed logs showing more advanced anomalies and inconsistent access pattern reports. Advanced reports are machine learning-based and can help you gain new insights to improve access security and respond to potential threats. For more information, see View your access and usage reports.
  • Multi-Factor Authentication – Multi-Factor Authentication is now included with Premium and can help you to secure access to on-premises applications (VPN, RADIUS, etc.), Azure, Microsoft Online Services like Office 365 and Dynamics CRM Online, and over 1200 Non-MS Cloud services preintegrated with Azure AD. Simply enable Multi-Factor Authentication for Azure AD identities, and users will be prompted to set up additional verification the next time they sign in. For more information, see Adding Multi-Factor Authentication to Azure Active Directory.
  • Forefront Identity Manager (FIM) – Premium comes with the option to grant rights to use a FIM server (and CALs) in your on-premises network to support any combination of Hybrid Identity solutions. This is a great option if you have a variation of on-premises directories and databases that you want to sync directly to Azure AD. There is no limit on the number of FIM servers you can use, however, FIM CALs are granted based on the allocation of an Azure AD premium user license. For more information, see Deploy FIM 2010 R2.
  • Enterprise SLA of 99.9% – We guarantee at least 99.9% availability of the Azure Active Directory Premium service. For more information, see Active Directory Premium SLA
  • More features coming soon – The following premium features are currently in public preview and will be added soon:
    • Password reset with write-back to on-premises directories
    • Azure AD Sync bi-directional synchronization
    • Azure AD Application Proxy

Now in order to activate premium in your azure account you need to have an existing directory service in place, then you can go into the directory and then create a premium trial

image

Then you have to activate the trial.

image

After premium is enabled you have to license users to use the feature. In the trial we are given 100 licenses which we can use.

image

But note that now we have other panes here as well that we can use to configure the single-sign on experience. Now in an ideal scenario we would have a Active Directory catalog synced and with a public domain which is verified, i’m in vacation mode so therefore im going to show how to use a cloud only user and setup SSO to different cloud applications.

If we go into users we can see all the users which are located in the cloud directory, either they are synced from a local AD or they are a Microsoft account.

image

So we have some users in place, if we go into Configure pane we have the option to customize the access page which users are using to use SSO to web applications. We also have the option to enable users to do password reset (NOTE: that this requires that users have either a phone or alternative email adress defined) this can also me combined with password write back to on-premises AD. http://msdn.microsoft.com/en-us/library/azure/dn688249.aspx

Now we want to add some SaaS applications for the test, go into applications and choose add.
There are 3 ways to add an application. Either add a an regular web application or a native client application, choosing a application from the gallery (which atm consists of over 1000 different SaaS applications. Or if we want to publish an internal application outside of our network (this uses Microsoft Azure AD Application Proxy)

image

So in our case we are going to choose applicaiton from the gallery. Now I have already added some applications to the list here, and some appliactions have different capabilities then others. For instance Salesforce application has the capabilities for provisioning users automatically after a dirsync for instance, while twitter or Yammer do not have this capability.

image 

There are also two types of SSO for each applications, we can either use ADFS (federation based SSO) or use Password based SSO.

Important to note that password based SSO is when a user click on a application from the access portal and has a plug-in installed which then populates the username and password field of the application when entering, it also has some requirements.

Configuring password-based single sign-on enables the users in your organization to be automatically signed in to a third-party SaaS application by Windows Azure AD using the user account information from the third-party SaaS application. When you enable this feature, Windows Azure AD collects and securely stores the user account information and the related password.

Password-based SSO relies on a browser extension to securely retrieve the application and user specific information from Windows Azure AD and apply it to the service. Most third-party SaaS applications that are supported by Windows Azure AD support this feature.

For password-based SSO, the end user’s browsers can be:

  • IE 8, IE9 and IE10 on Windows 7 or later
  • Chrome on Windows 7 or later or MacOS X or later

Now if I again go back to the application list and click on an application I have usually two options. Defining SSO options and choosing who has access.

image

NOTE: for salesforce I have the ability to configure automatic user provisioning as well.

image

Now go into assign users and choose an user in the directory. Now when using password based SSO you get the option of entereting the credentials on behaf of the users (now they are also able to enter this information on the access portal)

image

After this is done and you have assigned users to different applications they can open the access portal (which can be found here –> http://myapps.microsoft.com ) After I login here with my username I am able to SSO to the application I click on from the portal (NOTE that this requires a browser plug-in installed) Microsoft has also already created an wiki containing best-practices for accessing SSO applications.

image

And voila, I have my personal little password manager. From a user perspective I have the option to change credentials from this portal I can also change my password for my main user (which is a outlook user in this scenario) But this is a huge step in how to manage access to users and applications with a little touch of the cloud.

Automating Citrix Netscaler and PowerShell

This is something I have been wanting to do for some time now, and now that I am doing a lot of research for my upcoming book, this subject poped up in my head…. How can we automate setup on a Citrix Netscaler ?

Citrix Netscaler has a NITRO protocol which is in essence a REST interface, which means that we have an API to communicate with on the Netscaler. We can also make custom applications using C# and JAVA since within the NITRO SDK comes with common libraries for both.

You can download the Netscaler SDK for each build in mycitrix.com
Link to the latest SDK –> http://www.citrix.com/downloads/netscaler-adc/sdks/netscaler-sdk-release-101.html

Extract the Csharp tar file and browse into the lib folder. Here we have to import the two library files.

$path1 = Resolve-Path Newtonsoft.Json.dll
[System.Reflection.Assembly]::LoadFile($path1)
$path = Resolve-Path nitro.dll
[System.Reflection.Assembly]::LoadFile($path)

After we have imported the library files we can start a connection to Netscaler. First of we can either code the variables here NSIP, Username and password before or we can use read-host command. In this example the NSIP of the Netscaler is set to 192.168.88.3 and the username and password is default nsroot Smilefjes As you can see security is my top priority Smilefjes

$nsip = «192.168.88.3»
$user = «nsroot»
$pass = «nsroot»

$nitrosession = new-object com.citrix.netscaler.nitro.service.nitro_service($nsip,”http”)
$session = $nitrosession.login($user,$pass)

This COM object is the one that contains the common services against the Netscaler for instance

  • Login / Logout
  • Save Config
  • Restart
  • Enable / Disable features

If we wanted to for instance do a restart we would need to use the same object. For instance some examples to save config and restart.

$session = $nitrosession.save_config()

$session = $nitrosession.reboot($true)

Since the Com object is already loaded we can just run the commands directly. Just to name a few (refer to the SDK documentation for info about all the classes)
So what are some of the basic configurations that we need to do on a Netscaler? First of we need to change the default hostname for instance.

$hostname = New-Object com.citrix.netscaler.nitro.resource.config.ns.nshostname
$hostname.hostname = «NSpowershell»;
$ret_value=[com.citrix.netscaler.nitro.resource.config.ns.nshostname]::update($nitrosession,$hostname) 

Next we should also add an DNS server to the Netscaler so It can do hostname lookups.

$dns = New-object com.citrix.netscaler.nitro.resource.config.dns.dnsnameserver
$dns.ip = «192.168.88.10»;
$ret_value=[ com.citrix.netscaler.nitro.resource.config.dns.dnsnameserver]::add($nitrosession,$dns)

And then if we want it to do load-balancing we first need to add a server or two which we want it to load-balace.

$server1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.server
$server1.name = «Powershell»;
$server1.ipaddress = «192.168.88.100»;  
$ret_value=[com.citrix.netscaler.nitro.resource.config.basic.server]::add($nitrosession,$server1)

Next we need to bind that server to a service.

$service1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.service
$service1.name = «IIS»;
$service1.servicetype = «HTTP»;
$service1.monitor_name_svc =»http»;
$service1.port=»80″;
$service1.servername=»MSSQL»;
$ret_value=[com.citrix.netscaler.nitro.resource.config.basic.service]::add($nitrosession,$service1)

And lastly create a load balanced vServer and do a service to vServer binding.

$lbvserver1 = New-Object com.citrix.netscaler.nitro.resource.config.lb.lbvserver
$lbvserver1.name=”lbvip_sample”;
$lbvserver1.servicetype=”http”;
$lbvserver1.port=»8080″;
$lbvserver1.ipv46=»192.168.88.25″;
$lbvserver1.lbmethod=»ROUNDROBIN»;
$lbvserver1.servicename=»IIS»      
$ret_value=[com.citrix.netscaler.nitro.resource.config.lb.lbvserver]::add($nitrosession,$lbvserver1)

$lb_to_service = New-object com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding
$lb_to_service.name = «lbvip_sample»;
$lb_to_service.servicename = «IIS»;
$ret_value=[com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding]::add($nitrosession,$lb_to_service)

And of course lastly remember to save the config of the Netscaler

So there you have it, some example Netscaler/PowerShell commands! I just getting started here myself so I will return when I have some more usefull commands and im going to make a custom setup script as well Smilefjes

Cross platform monitoring System Center Operations Manager

First of, this is a looong post Smilefjes

This is a subject that actually I presented at the NIC conferance in Norway in january.
How we can use Operations Manager to monitor other worksloads other then Microsoft / Windows. Since in most enterprises they have a lot of different platforms such as:
Linux, Vmware, Citrix, Cisco, Microsoft and of course many are looking at towards cloud solutions such as Amazon and Azure.

So im going to show short on each topic how we can use operations manager to monitor all of these solutions.

Now by itself Operations Manager has a good extensive list of monitoring options against Microsoft workloads such as

* Exchange
* SharePoint
* System Center
* Lync
* Active Directory

You can see here for a comprehensive list of Management Packs available for Operations Manager –> http://social.technet.microsoft.com/wiki/contents/articles/16174.microsoft-management-packs.aspx

And of course there is support for Network devices and some Unix/Linux distroes.

The list of supported Network Devices is here –> http://www.microsoft.com/en-us/download/details.aspx?id=26831 Note that operations manager uses SNMP and ICMP for monitoring Network devices.

For UNIX/LINUX based devices you have a newly added managmenet pack –> http://www.microsoft.com/en-us/download/details.aspx?id=29696
It supports CentOS, SUSE Linux, Red Hat, Solaris and Ubuntu and so on.

Now all of the options i’ve list so far is built-in capabilities. Operations Manager works with using agents (Except for Network devices) you have an agent installed, you import a management pack which contains the logic such as rules and alerts, views and reports and you start getting notifications.

So when monitoring for instance Hyper-V we need an agent installed on our Hyper-V agents and the Hyper-V management pack.  There is also an VMM management pack which gives us a more detailed overovew of our Hyper-V / Cloud infrastructure
Hyper-V

image

VMM

image

Monitoring Citrix Netscaler

For Network devices, we need to have the SNMP service installed on our management server. This can be done using Server Manager or the PowerShell command.

Install-Windowsfeature SNMP-service

After that is done we define the service to allow SNMP packets from hosts.

image

After this is done we have to do some changes to the network device. If we for instance want to monitor Citrix Netscaler we first need to download Netscaler management pack from Citrix. If we have a Netscaler running in our enviroment we have a download pane in the GUI

image

And download the management pack

image

Then import the management pack to SCOM. Which can be done under administation –> management packs –> import.

Then we have to add some SNMP configuration to Netscaler to allow it to communicate with SCOM. This can be done using the CLI command

8

Community string is used for authentication against the SCOM server.  Next we need to run a network discovery rule

Make sure that the default account here has the same credentials as the community string we entered on the Netscaler

ns1

Then under Devices, enter IP address and choose SNMP version 1 / 2 and bind the run account

ns1

After we ran the discovery we have the Netscaler device appear in our infrastructure under network devices.

12

Monitoring XenDesktop

Monitoring XenDesktop 7.x requires a Managment Pack from a Citrix partner called ComTrade. They make Management Packs for most of the Citrix products. The setup is pretty basic and install the agent that they come with on the XenDesktop Controller and on the Management Server and add an license

image

Import the management Packs for XenDesktop.We also have to define the agent installed on the XenDesktop Delivery Controller as an Proxy, this allows it to fetch data outside of its object.

And voila we have a custom view for XenDesktop which gives us a good overview of the Site and can also view how many sessions on the site.

image

As a part of the transition to the Cloud many are looking at a hybrid cloud solution where we have a combined on-premise and a public cloud provider, but one of the problems that appear is monitoring cloud services on the cloud provider.

Monitoring XenServer

Again, since this is a Citrix product it requires a management pack from ComTrade. XenServer is using a custom built FreeBSD so we cannot use the regular Unix/linux management pack to monitor it. On theo ther hand using the Management Pack from ComTrade gives us the total overview.

In order to monitor a XenServer we need a regular server running as an proxy agent. This server will be running as an Xenserver management proxy, so this will connect to the XenServer pool and gather data and report back to Management Server.

First we need again to enter a connection to the pool from the proxy agent

image¨

Then enter a license (or else the agent will not forward any information at all)

and voila!
image

 

Monitoring Azure

Monitoring services in Azure is not as easy as It seems, we can use S2S VPN and have an agent installed on all VMs running there, or setup a gateway server but this only covers the virtual machines and does not cover the other roles there.

Microsoft luckily created a managmenet pack that we can use to monitor Azure services directly from Operations Manager. You can find it here –> http://www.microsoft.com/en-us/download/details.aspx?id=38414

After importing the management pack we will get a new pane under Administration called Windows Azure, here we have to setup Operations Manager against an Azure account we wish to monitor.

Here we have to enter a subscription ID and a Management Certificate against our account

After we are done here, we acn go to authoring and setup  Azure monitoring. Since it by default does not start to monitor objects in Azure, we have to define which objets it should monitor.

Here we can monitor our Cloud Services, Subscription, Virtual Machines and Storage Containers. So after we have configured what we want it to monitor it will start generating alerts.

image

Monitoring Amazon Web Services

Amazon has done a good job when creating its Management Pack for Web Services. (Which can be downloaded from here –> https://aws.amazon.com/windows/system-center/

It contains good information and gives a good overview of most of your infrastructure running in Amazon.

To setup monitoring, import the management pack. Go into Authoring pane and run the Amazon Web Services under Management Pack objects. Here we need to define a watcher node (which will be used to communicate with Amazon as define a run as account.
The run as account should be in form of an Access Key ID and the Secret Access ID using Basic Authentication.

After we have that setup it will start gathering info and start monitoring objects as they appear.

image

Monitoring Unix/Linux agents

Monitoring Unix/Linux requires that we import the management pack for monitoring Unix/Linux, which can be found here –> http://www.microsoft.com/en-us/download/details.aspx?id=29696

Now in my case I want to monitor ubuntu, then I need to use the Universal Linux MP. Since ubuntu does not have its own management pack. After I’ve imported that I have to setup two accounts under Adminsitration –> Unix/Linux accounts

ONe for agent maintance and one for monitoring.  Both of these have to be bound to a profile. (You can see more about accounts which need to be defined here –> http://technet.microsoft.com/en-us/library/hh287150.aspx)

After that we have to setup a discovery (note the linux server needs to be entered with a DNS name)

image

Monitoring VMware

Monitoring VMware from operations manager, requires an Management pack from Veeam.
The management pack requires that we have some extra components installed on a server which has an Operations manager agent installed. This server is used to communicate with vCenter and get info from the Vmware enviroment.

These components are web services which allow communication flow

•Veeam Vmware Collector

•Veeam Virtualization Extensions Services

•Veeam Virtualization Extensions UI

(These components can be installed on the same server)

After these components has been installed we have to setup connection to vCenter from the Extensions Services web gui.

image

After this is done we will start to get information into Operations Manager.

image

 

Now there are also some other Management Packs which are on Microsoft Pinpoint which shows other third party products which we can monitor from Operations Manager.
Many third party vendors do not have their management pack available on Pinpoint to contact your vendor in case you are unsure if they have a management pack.  Important to note that this is just to show the possbilities we have with Operations Manager, important to many management packs will in many cases slow down your setup and requires alot of tuning before it works as you want it to Smilefjes

XenApp 7.5 the return of XenApp

So after the public announcement Citrix made earlier today, it was clear that they are going to bring back XenApp to life more or less. You can see more about the product here –>

Not quite, even thou it is called XenApp it is still running the XenDesktop FMA architecture beneath. The reason why they are bringing the XenApp name ? because of the brand, since many people are very familiar with the name and the concept it brings. Since many think of XenDesktop as an VDI solution.

It will again be available as the same versions that it was before, Advanced, Enterprise and platinum. Thus meaning the end of XenDesktop app edition (Since this is actually the XenApp functionality) Customers that have XenDesktop App edition have the same functionality as XenApp Enterprise 7.5

So what does XenApp 7.5 bring to the playing field ?

Hybrid Cloud provisioning  – To AWS and Cloudplatform (No Azure here! will come later) gives the ability to provision XenApp servers directly in to the cloud provider.

And for existing XenApp 6.5 customers you have more mobile HDX funcionality to provider an better application delivery to mobile devices.

So for those that were hoping for a full return of XenApp, well it just marketing group that is doing a name change to the existing productline to use its branding to its full potential Smilefjes

So the 7.5 product line is rumored to be released in the summer, is it going to be interesting to see what Project Merlin will bring besides the hybrid cloud provisioning Smilefjes

 

Also you can see what else is available here, it will be released in March

http://www.citrix.com/products/xenapp/whats-new.html

http://www.citrix.com/products/xendesktop/whats-new.html

Netscaler, new java and new problems

So the latest Java update Version 7 Update 51 again contains new updates and again more security fixes. Alas it also stops Netscaler from working. Even thou Citrix released a new build today 123.81 it does not working with the latest version.

image

In order to fix the issue we need to add the netscaler URL to a JAVA exception, open the control panel applet.

image

And choose Edit Site list and add an exception.

image

After that, restart the browser and start again Smilefjes

Citrix XenMobile exam 1Y0-370 exam

Citrix just recently released a XenMobile exam covering much from ZenPrice (MDM function) AppController, Storefront, Netscaler Gateway, Worxapps and such.

More about the exam can be found here, Study info –> http://training.citrix.com/resources/Exam%20Prep%20Guides/370/1Y0-370%20Designing%20Deploying%20and%20Managing%20Citrix%20XenMobile%20Solutions%20Preparation%20Guide.pdf 

After taking this exam it will give you the title of Citrix Certified Professional – Mobility.

Now the following CTX articles might give you a pointer in the right direction regarding what’s covered in the exam

Configure Netscaler Gateway with AppController –> http://support.citrix.com/article/CTX139319

How to view patches installed on ZDM Server –>
http://support.citrix.com/article/CTX136968

Configure AppController to provide STA tickets for Worxmail –>
http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-appc-config-sta-tsk.html

Deploying XenMobile Netscaler Connector –>
http://support.citrix.com/proddocs/topic/xmob-xnc-85/xmob-xnc-deploy-wrapper-con.html

Install XenMobile Netscaler Connector –>
http://support.citrix.com/proddocs/topic/xmob-xnc-85/xmob-xnc-install-wrapper-con.html

Manage XenMobile Netscaler Connector –>
http://support.citrix.com/proddocs/topic/xmob-xnc-85/xmob-xnc-manage-wrapper-con.html

Monitor XenMobile Netscaler Connector –>
http://support.citrix.com/proddocs/topic/xmob-xnc-85/xmob-xnc-monitor-wrapper-con.html

Evaluating XenMobile Effects on Device Battery LIfe –>
http://support.citrix.com/proddocs/topic/xenmobile-connect-users/xmob-worx-about-batterylife-con.html

Configure High-availability on Device Manager –> http://support.citrix.com/proddocs/topic/xmob-dm-85/xmob-dm-manage-ha-wrapper-con.html

Configure High-availability on AppController –>
http://support.citrix.com/proddocs/topic/appcontroller-28/xmob-appc-ha-wrapper-con.html

Install Device Manager –>
http://support.citrix.com/proddocs/topic/xmob-dm-85/xmob-dm-install-setup-wizard-tsk.html

Enrolling users –>
http://support.citrix.com/proddocs/topic/xmob-dm-85/xmob-dm-connect-enroll-usersdevices-wrapper-con.html

Recovering a Primary StorageZones connector –>
http://support.citrix.com/proddocs/topic/sharefile-storagezones-21/sf-manage-restore-primary.html

Installing XenMobile mail manager –>
http://support.citrix.com/proddocs/topic/xmob-xmm-85/xmob-xmm-install-wrapper-con.html

Configuring Location Services for Devices –>
http://support.citrix.com/proddocs/topic/xmob-dm-8/xm-dm-locationsvs-wrapper-con.html

Configuring Automated Actions –>
http://support.citrix.com/proddocs/topic/xmob-dm-config-86/xmob-dm-auto-actions-wrapper-con.html

XenMobile Pre installation –>
http://support.citrix.com/proddocs/topic/xmob-deployment/xmob-deploy-xenmobile-checklist-con.html

Configuring MDX policies for iOS apps in AppController –>
http://support.citrix.com/proddocs/topic/appcontroller-28/xmob-appc-mobile-apps-policies-ios-con.html

Configuring enrollment modes –>
http://support.citrix.com/proddocs/topic/xmob-dm-8/xmob-dm-connect-config-enroll-mode-con.html

MDX policies –>
http://support.citrix.com/proddocs/topic/appcontroller-28/xmob-appc-mobile-app-suite-policies-overview-con.html

Configure GotoAssist with XenMobile –<
http://support.citrixonline.com/en_US/gotoassist%20express/knowledge_articles/000123065?title=How+to+Configure+GoToAssist+for+XenMobile%7D

Managing Devices –>
http://support.citrix.com/proddocs/topic/xmob-dm-config-86/xmob-dm-manage-devices-wrapper-con.html

Addind Apps for Android –>
http://support.citrix.com/proddocs/topic/xmob-dm-config-86/xmob-dm-add-app-android-con.html

Adding Apps for iOS –>
http://support.citrix.com/proddocs/topic/xmob-dm-config-86/xmob-dm-add-app-ios-con.html

And read the prep guide to make sure you understand all the Objectives that are covered further down in the list, this will make you better prepared for what questions might pop up.

You can read it here –> http://bit.ly/1cPanxu

Følg

Få nye innlegg levert til din innboks.

Bli med 41 andre følgere