This session will cover some of the industry-standard OWASP Top 10, a list describing the most prevalent security attacks on production environments. We will cover the Citrix NetScaler appliance and its role in shutting down these common vulnerabilities, and how to effectively do so through the use of the Application Firewall and protection features.
What you will learn
- How to protect against security attacks with Application Firewall
- How to reinforce your environment through NetScaler protection features
- How to simulate a vulnerable web server environment for testing
Manage and Diagnose your Environment using Citrix Insight ServicesDavid McGeough
Citrix Insight Services (CIS) is a simple, online troubleshooting platform and health-checker for your Citrix environment. It provides known issue diagnostics, as well as best proactive advice and a simple interface to review your environment.
Join this webinar to learn about this exciting tool, and how it can help you in managing and optimizing your Citrix environment
What you will learn:
- What Citrix products are supported and how to generate log files
- How to navigate the console (demo)
- Types of issues CIS can resolve
- How to sign up and starting using it (its free!)
Citrix TechEdge 2014 - Best Practices for Implementing, Administering, and Tr...David McGeough
Citrix XenDesktop introduced a number of new concepts and processes for Desktop Administrators. Understanding these advancements and their effect on is key to a stable XenDesktop environment. This session will discuss core deployment and configuration concepts and considerations and provide proven practices for troubleshooting the top three XenDesktop issues.
What you will learn
- Concepts for successful deployment of a XenDesktop site
- Configuring a typical site and understanding the common challenges
- Troubleshooting registration, connection, and machine creation issues
- Citrix Quick Launch
Best practices for implementing, administering, and troubleshooting XenDeskto...David McGeough
Recording from this webinar can be found here:
http://www.citrix.com/tv/#videos/11549
Citrix XenDesktop introduced a number of new concepts and processes for Desktop Administrators. Understanding these advancements and their effect on is key to a stable XenDesktop environment. This session will discuss core deployment and configuration concepts and considerations and provide proven practices for troubleshooting the top three XenDesktop issues.
What you will learn
- Concepts for successful deployment of a XenDesktop site
- Configuring a typical site and understanding the common challenges
- Troubleshooting registration, connection, and machine creation issues
- Citrix Quick Launch
Maintaining and Troubleshooting your XenDesktop 7.5 EnvironmentDavid McGeough
This session will step through the most common issues you can experience with XenDesktop 7.5. In addition, we’ll also cover the best troubleshooting tools to maintain your environment.
The scripts referenced in this webinar can be found here:
https://citrix.sharefile.com/d/s1e724ab3ab14a96a
The recording of this webinar can be found here:
http://www.citrix.com/tv/#videos/11494
Using NetScaler Insight to Troubleshoot Network and Server Performance IssuesDavid McGeough
"During this session we will cover NetScaler Insight, which gives you visibility across your network AND allows you to see the end user experience. In this session, Ronan will install and configure Insight, and demonstrate how to use it to drill down and pinpoint network or performance issues.
During this session, you will learn:
- Basics of the HTTP protocol
- How to Install & configure Insight
- Use Insight to pinpoint performance issues
- NetScaler performance metrics when load balancing traffic"
NetScaler Deployment Guide for XenDesktop7Nuno Alves
This guide demonstrates how to deploy Citrix NetScaler in conjunction with Citrix XenDesktop 7 with a focus on both simplicity in configuration and advanced features not easily delivered with other products. This guide shows how to provision the XenDesktop 7 infrastructure, the NetScaler appliance and NetScaler Insight Center services to extend Citrix virtual desktop infrastructure and services to remote users in small to medium-size enterprises.
Recorded webinar is here: https://www1.gotomeeting.com/register/927927145
This session will take a technical look into XenApp 7.5 and how to approach an deployment. We’ll cover general architecture, new features and how to best move to the platform.
Citrix TechEdge 2014 - Citrix Group Policy Troubleshooting for XenApp and Xen...David McGeough
Understanding the Citrix Group Policy architecture and how to troubleshoot is key to ensuring a stable environment. This session will provide an overview of the Citrix Group Policy architecture and troubleshooting tool and steps that can be leveraged in both XenApp and XenDesktop environments.
What you will learn
- General components and architecture of Citrix Group Policy
- Best practices and disaster recovery for Citrix Group Policy
- Troubleshooting Citrix Group Policy issues
Manage and Diagnose your Environment using Citrix Insight ServicesDavid McGeough
Citrix Insight Services (CIS) is a simple, online troubleshooting platform and health-checker for your Citrix environment. It provides known issue diagnostics, as well as best proactive advice and a simple interface to review your environment.
Join this webinar to learn about this exciting tool, and how it can help you in managing and optimizing your Citrix environment
What you will learn:
- What Citrix products are supported and how to generate log files
- How to navigate the console (demo)
- Types of issues CIS can resolve
- How to sign up and starting using it (its free!)
Citrix TechEdge 2014 - Best Practices for Implementing, Administering, and Tr...David McGeough
Citrix XenDesktop introduced a number of new concepts and processes for Desktop Administrators. Understanding these advancements and their effect on is key to a stable XenDesktop environment. This session will discuss core deployment and configuration concepts and considerations and provide proven practices for troubleshooting the top three XenDesktop issues.
What you will learn
- Concepts for successful deployment of a XenDesktop site
- Configuring a typical site and understanding the common challenges
- Troubleshooting registration, connection, and machine creation issues
- Citrix Quick Launch
Best practices for implementing, administering, and troubleshooting XenDeskto...David McGeough
Recording from this webinar can be found here:
http://www.citrix.com/tv/#videos/11549
Citrix XenDesktop introduced a number of new concepts and processes for Desktop Administrators. Understanding these advancements and their effect on is key to a stable XenDesktop environment. This session will discuss core deployment and configuration concepts and considerations and provide proven practices for troubleshooting the top three XenDesktop issues.
What you will learn
- Concepts for successful deployment of a XenDesktop site
- Configuring a typical site and understanding the common challenges
- Troubleshooting registration, connection, and machine creation issues
- Citrix Quick Launch
Maintaining and Troubleshooting your XenDesktop 7.5 EnvironmentDavid McGeough
This session will step through the most common issues you can experience with XenDesktop 7.5. In addition, we’ll also cover the best troubleshooting tools to maintain your environment.
The scripts referenced in this webinar can be found here:
https://citrix.sharefile.com/d/s1e724ab3ab14a96a
The recording of this webinar can be found here:
http://www.citrix.com/tv/#videos/11494
Using NetScaler Insight to Troubleshoot Network and Server Performance IssuesDavid McGeough
"During this session we will cover NetScaler Insight, which gives you visibility across your network AND allows you to see the end user experience. In this session, Ronan will install and configure Insight, and demonstrate how to use it to drill down and pinpoint network or performance issues.
During this session, you will learn:
- Basics of the HTTP protocol
- How to Install & configure Insight
- Use Insight to pinpoint performance issues
- NetScaler performance metrics when load balancing traffic"
NetScaler Deployment Guide for XenDesktop7Nuno Alves
This guide demonstrates how to deploy Citrix NetScaler in conjunction with Citrix XenDesktop 7 with a focus on both simplicity in configuration and advanced features not easily delivered with other products. This guide shows how to provision the XenDesktop 7 infrastructure, the NetScaler appliance and NetScaler Insight Center services to extend Citrix virtual desktop infrastructure and services to remote users in small to medium-size enterprises.
Recorded webinar is here: https://www1.gotomeeting.com/register/927927145
This session will take a technical look into XenApp 7.5 and how to approach an deployment. We’ll cover general architecture, new features and how to best move to the platform.
Citrix TechEdge 2014 - Citrix Group Policy Troubleshooting for XenApp and Xen...David McGeough
Understanding the Citrix Group Policy architecture and how to troubleshoot is key to ensuring a stable environment. This session will provide an overview of the Citrix Group Policy architecture and troubleshooting tool and steps that can be leveraged in both XenApp and XenDesktop environments.
What you will learn
- General components and architecture of Citrix Group Policy
- Best practices and disaster recovery for Citrix Group Policy
- Troubleshooting Citrix Group Policy issues
Citrix TechEdge 2014 - Troubelshooting Top Issues with XenMobile Enterprise E...David McGeough
XenMobile Enterprise Edition includes multiple Citrix components which can result in many different integration issues. In this session we will review the top integration issues and discuss the recommended troubleshooting and prevention steps for each issue.
What you will learn:
- Device Manager and App Controller integration best practices
- NetScaler configuration troubleshooting - SSL Bridge vs. SSL Offloading
- Device Manager enrollment - using a 3rd party certificate
This session will take a technical look into XenDesktop 7.5 and how to approach an deployment. We’ll cover general architecture, new features and how to best move to the platform.
Webinar recording: http://www.citrix.com/tv/#videos/11383
Maintaining and Troubleshooting your XenApp 7.5 EnvironmentDavid McGeough
Recording of this webinar is here
http://www.citrix.com/tv/#videos/11450
This session will step through the most common issues you can experience with XenApp 7.5. In addition, we’ll also cover the best troubleshooting tools to maintain your environment.
Citrix TechEdge 2014 - A Deep Dive Look Into Supporting XenDesktopDavid McGeough
Supporting a XenDesktop environment is not just about being able to collect and consume detailed log files and traces. The fact is, it is much more than this. A good understanding of the FMA architecture and expected behavior can go a long way to resolving various technical issues. Join Kimberly Ferrie and Mick Glover as they discuss and demonstrate how to apply this knowledge when supporting a XenDesktop environment.
What you will learn
- How the various FMA services interact with each other and the Site Database
- How to check the true state of FMA services and validate site functionality through PowerShell
- How to create various types of Service and Database Schema scripts
- How to configure Site policies to control access to resources
10 Tips Every XenDesktop Admin Should KnowDavid McGeough
The recording of this webinar can be found here:
https://www1.gotomeeting.com/register/549106393
PoSH scripts used in webinar
https://citrix.sharefile.com/d/s6f2aa129f424c43b
As a XenDesktop administrator, it’s your responsibility to make sure your XenDesktop infrastructure is running smoothly and your users are working efficiently. In this webinar our very own XenDesktop master, Michael Glover will guide you in utilizing our award winning solution for virtual desktop delivery, XenDesktop, with some really key tips and time savers to help you make the very most of your investment. Michael has been involved in XenDesktop from day one and has gathered a huge amount of knowledge which he would love to share with you.
During this webinar you will:
• Learn to carry out advanced administration tasks using the public PoSH SDK
• Troubleshoot and resolve serious Site issues
• Learn how to carry out real-time infrastructure testing to validate site functionality
• Learn how to use key Tools to Troubleshoot XD issues
• Gain greater in-dept knowledge of the internal workings of XenDesktop
Virtualization Forum 2015, Praha, 7.10.2015
sál Citrix
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf.
Troubleshooting a XenDesktop Environment using the PowerShell SDKDavid McGeough
The Citrix XenDesktop PowerShell SDK is the foundation for all interactions with a XenDesktop database and is the same SDK used by Desktop Studio.
This deep dive session will include a behind-the-scenes look at several tools used by Citrix Technical Support that utilize the PowerShell SDK, including common configuration cmdlets and scripts. Learn how to use the SDK to more effectively configure, monitor and troubleshoot issues in a XenDesktop environment.
What you will learn:
• About the PowerShell SDK and the role it plays in a XenDesktop environment
• Common configuration cmdlets and scripts used by Citrix Technical Support
• Advanced scripting techniques used to troubleshoot complex issues
Common Pitfalls when Setting up a NetScaler for the First TimeDavid McGeough
Sometimes setting up a NetScaler may seem an impossible. What do you do when you hit a roadblock at an early stage?
In this session, Ronan will step through the most common issues you can experience at an early stage of your NetScaler deployment, and how to diagnose them using on-box tools.
During this session you will learn:
- Troubleshooting basic setup issues
- Health Checks
- Introducing redundancy and removing single point of failure
- Logging – what happened historically
This webinar will cover the current state of MCS and PVS. We'll look at how MCS and PVS work differently on hypervisors like ESXi and Hyper-V. We will look at new target platforms such as Windows Server 2012 R2 to see if PVS or MCS behave differently.
And lastly we will dive into the new VHDX-based PVS wC option and why you should be using it for all your workloads.
The webinar will be presented by Nick Rintalan
Citrix Provisioning Services (PVS) functionality targets network client machines that boot and connect to provisioning services servers under the guidelines specified in the PXE 2.1 specification. This in-depth technical session will provide a step-by-step detailed overview of the target boot process used by provisioning services versions 5.6.x and 6.x.
In this session you will learn about:
• Components and architecture of the PVS boot process
• Troubleshooting PVS boot issues
• Load balancing and failover technology
Troubleshooting XenApp with the Citrix Diagnostic ToolkitDavid McGeough
When problems occur, support engineers need data points, debug tracing and context information to help determine root causes. Preparation and organization of commonly used tools has always been a time-consuming challenge, especially during outages. The Citrix diagnostics toolkit (CDT) addresses these challenges by rapidly deploying a suite of tools and options in an easy-to-use structured format.
What you will learn:
• What is the Citrix Diagnostics Toolkit?
• How and when to use the CDT?
• How the CDT helps Citrix deliver better technical support?
The
This webinar will touch on the architectural changes in XenApp 7.5. The session will also cover the Citrix Consulting Methodology, which focuses on ensuring that projects are properly planned and designed before implementation begins.
Advanced Tools and Techniques for Troubleshooting NetScaler AppliancesDavid McGeough
This session will cover advanced techniques in troubleshooting the Citrix NetScaler Appliance using tools such as Citrix TaaS, IPMI, nsconmsg, wireshark and log analysis. We will review usages of these tools along with case studies showing how to best troubleshoot common issues seen in operating Citrix NetScaler Appliances.
What you will learn
- Various tools available to troubleshoot issues and how to use them to isolate NetScaler Issues
- Common deployment problems and how to isolate the causes
Slides der Präsentation von Simeon Bosshard, Citrix, am Citrix Day 2014 von Digicomp.
Das HTML 5 GUI im Release 10.5 des NetScaler ist eine Neuerung, aber nicht die einzige. Erfahren Sie mehr über die wichtigsten Änderungen wie etwa MobileStream, Cisco RISE und ACI Integration sowie die Erweiterungen im Authentication-Bereich. Natürlich kommen die Neuerungen in den Core-Bereichen Loadbalancing, SSL Offloading etc. ebenfalls nicht zu kurz.
Configuring and Troubleshooting XenDesktop SitesDavid McGeough
Citrix XenDesktop introduced a number of new concepts and processes for desktop administrators. The goal of this session is to demystify these concepts and provide a tactical approach to deployment and troubleshooting of a XenDesktop environment. In this session we will demonstrate the core configuration that is required, and also cover proven troubleshooting approaches to the top three problems we see in customer deployments.
Citrix TechEdge 2014 - Troubelshooting Top Issues with XenMobile Enterprise E...David McGeough
XenMobile Enterprise Edition includes multiple Citrix components which can result in many different integration issues. In this session we will review the top integration issues and discuss the recommended troubleshooting and prevention steps for each issue.
What you will learn:
- Device Manager and App Controller integration best practices
- NetScaler configuration troubleshooting - SSL Bridge vs. SSL Offloading
- Device Manager enrollment - using a 3rd party certificate
This session will take a technical look into XenDesktop 7.5 and how to approach an deployment. We’ll cover general architecture, new features and how to best move to the platform.
Webinar recording: http://www.citrix.com/tv/#videos/11383
Maintaining and Troubleshooting your XenApp 7.5 EnvironmentDavid McGeough
Recording of this webinar is here
http://www.citrix.com/tv/#videos/11450
This session will step through the most common issues you can experience with XenApp 7.5. In addition, we’ll also cover the best troubleshooting tools to maintain your environment.
Citrix TechEdge 2014 - A Deep Dive Look Into Supporting XenDesktopDavid McGeough
Supporting a XenDesktop environment is not just about being able to collect and consume detailed log files and traces. The fact is, it is much more than this. A good understanding of the FMA architecture and expected behavior can go a long way to resolving various technical issues. Join Kimberly Ferrie and Mick Glover as they discuss and demonstrate how to apply this knowledge when supporting a XenDesktop environment.
What you will learn
- How the various FMA services interact with each other and the Site Database
- How to check the true state of FMA services and validate site functionality through PowerShell
- How to create various types of Service and Database Schema scripts
- How to configure Site policies to control access to resources
10 Tips Every XenDesktop Admin Should KnowDavid McGeough
The recording of this webinar can be found here:
https://www1.gotomeeting.com/register/549106393
PoSH scripts used in webinar
https://citrix.sharefile.com/d/s6f2aa129f424c43b
As a XenDesktop administrator, it’s your responsibility to make sure your XenDesktop infrastructure is running smoothly and your users are working efficiently. In this webinar our very own XenDesktop master, Michael Glover will guide you in utilizing our award winning solution for virtual desktop delivery, XenDesktop, with some really key tips and time savers to help you make the very most of your investment. Michael has been involved in XenDesktop from day one and has gathered a huge amount of knowledge which he would love to share with you.
During this webinar you will:
• Learn to carry out advanced administration tasks using the public PoSH SDK
• Troubleshoot and resolve serious Site issues
• Learn how to carry out real-time infrastructure testing to validate site functionality
• Learn how to use key Tools to Troubleshoot XD issues
• Gain greater in-dept knowledge of the internal workings of XenDesktop
Virtualization Forum 2015, Praha, 7.10.2015
sál Citrix
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf.
Troubleshooting a XenDesktop Environment using the PowerShell SDKDavid McGeough
The Citrix XenDesktop PowerShell SDK is the foundation for all interactions with a XenDesktop database and is the same SDK used by Desktop Studio.
This deep dive session will include a behind-the-scenes look at several tools used by Citrix Technical Support that utilize the PowerShell SDK, including common configuration cmdlets and scripts. Learn how to use the SDK to more effectively configure, monitor and troubleshoot issues in a XenDesktop environment.
What you will learn:
• About the PowerShell SDK and the role it plays in a XenDesktop environment
• Common configuration cmdlets and scripts used by Citrix Technical Support
• Advanced scripting techniques used to troubleshoot complex issues
Common Pitfalls when Setting up a NetScaler for the First TimeDavid McGeough
Sometimes setting up a NetScaler may seem an impossible. What do you do when you hit a roadblock at an early stage?
In this session, Ronan will step through the most common issues you can experience at an early stage of your NetScaler deployment, and how to diagnose them using on-box tools.
During this session you will learn:
- Troubleshooting basic setup issues
- Health Checks
- Introducing redundancy and removing single point of failure
- Logging – what happened historically
This webinar will cover the current state of MCS and PVS. We'll look at how MCS and PVS work differently on hypervisors like ESXi and Hyper-V. We will look at new target platforms such as Windows Server 2012 R2 to see if PVS or MCS behave differently.
And lastly we will dive into the new VHDX-based PVS wC option and why you should be using it for all your workloads.
The webinar will be presented by Nick Rintalan
Citrix Provisioning Services (PVS) functionality targets network client machines that boot and connect to provisioning services servers under the guidelines specified in the PXE 2.1 specification. This in-depth technical session will provide a step-by-step detailed overview of the target boot process used by provisioning services versions 5.6.x and 6.x.
In this session you will learn about:
• Components and architecture of the PVS boot process
• Troubleshooting PVS boot issues
• Load balancing and failover technology
Troubleshooting XenApp with the Citrix Diagnostic ToolkitDavid McGeough
When problems occur, support engineers need data points, debug tracing and context information to help determine root causes. Preparation and organization of commonly used tools has always been a time-consuming challenge, especially during outages. The Citrix diagnostics toolkit (CDT) addresses these challenges by rapidly deploying a suite of tools and options in an easy-to-use structured format.
What you will learn:
• What is the Citrix Diagnostics Toolkit?
• How and when to use the CDT?
• How the CDT helps Citrix deliver better technical support?
The
This webinar will touch on the architectural changes in XenApp 7.5. The session will also cover the Citrix Consulting Methodology, which focuses on ensuring that projects are properly planned and designed before implementation begins.
Advanced Tools and Techniques for Troubleshooting NetScaler AppliancesDavid McGeough
This session will cover advanced techniques in troubleshooting the Citrix NetScaler Appliance using tools such as Citrix TaaS, IPMI, nsconmsg, wireshark and log analysis. We will review usages of these tools along with case studies showing how to best troubleshoot common issues seen in operating Citrix NetScaler Appliances.
What you will learn
- Various tools available to troubleshoot issues and how to use them to isolate NetScaler Issues
- Common deployment problems and how to isolate the causes
Slides der Präsentation von Simeon Bosshard, Citrix, am Citrix Day 2014 von Digicomp.
Das HTML 5 GUI im Release 10.5 des NetScaler ist eine Neuerung, aber nicht die einzige. Erfahren Sie mehr über die wichtigsten Änderungen wie etwa MobileStream, Cisco RISE und ACI Integration sowie die Erweiterungen im Authentication-Bereich. Natürlich kommen die Neuerungen in den Core-Bereichen Loadbalancing, SSL Offloading etc. ebenfalls nicht zu kurz.
Configuring and Troubleshooting XenDesktop SitesDavid McGeough
Citrix XenDesktop introduced a number of new concepts and processes for desktop administrators. The goal of this session is to demystify these concepts and provide a tactical approach to deployment and troubleshooting of a XenDesktop environment. In this session we will demonstrate the core configuration that is required, and also cover proven troubleshooting approaches to the top three problems we see in customer deployments.
Cliqbee is quite young and promising e-commerce company located at Lucknow (India) and serving at global level. Day by day increasing strength of online shoppers is self explanatory. We are getting attention of people and exploring new localities with every effort. Huge range of products for buyers as well as sophisticated and simple seller panel differentiates us from our contemporaries. We are reaching to a level where equilibrium between buyers and seller sets on a specific psychological point. Our major strength is to access and satisfy isolated areas where online shoppers are available but delivery system normally fails. Cliqbee.com believes in making solid and long relationship with customers. You will witness world class operating panel and easy accessibility. Cliqbee has a vision and mission to unveil the curtain from online shopping difficulties. Coming time is of online shopping. Speedily increasing numbers of online shoppers is self explanatory that people are transforming their shopping habits. Our focus is pointed towards the person who has access to internet either through PC or Smartphone. Fastest delivery is our sharpest weapon and we are providing 24 hours delivery in Lucknow and within 3-4 working days in PAN India. For faster delivery, we have a strong tie-up with leading courier companies. Every succeeding month, we add a new target for increased shipment. Buyers! This is all because of you. We are committed to serve you better and better.
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....Denis Gundarev
Imagine that you just found the new job of your dreams: You are now a system administrator in a large enterprise. Everything is going like clockwork, except for one major problem: There are 5 different versions of Presentation Server in use and there is no documentation for any system. Now imagine you are a consultant ready to do an assessment of Citrix infrastructure, but nobody in the company knows how many farms and servers exist, or how they are configured. (Wanting a new imaginary job yet?) In this session, Denis Gundarev will share tips on how to document infrastructure and tricks on how to find all components or users that are "forgotten." Attendees will learn several methods for elevating permissions and taking ownership of forgotten systems.
- Introduction to Web Security
- Why Is Security So Important?
- Web Security Considerations
- Web Security Approaches
- Secure Socket Layer (SSL) and Transport Layer Security (TLS)
- Secure Electronic Transaction (SET)
- Recommended Reading
- Problems
Basic overview, testing, mitigation plan for popular web application vulnerabilities such as: XSS, CSRF, SQLi etc.
Updated "Web Security - Introduction" presentation.
Slides zur Präsentation von Claudio Mascaro, BCD-SINTRAG AG, am Citrix Day 2014 von Digicomp.
Citrix bietet mit XenMobile eine umfassende Suite für das Enterprise Mobility Management, die viele Einzelaspekte in einer Lösung vereint: XenMobile bietet einen integrierten Ansatz, der es erlaubt, mobile Endgeräte, Apps und Daten von einer zentralisierten Stelle zu sichern und zu verwalten sowie Richtlinien auf Basis von Gerätebesitz, Status und/oder Standort festzulegen. Wir stellen die Lösung, Vorteile und Funktionen für MDM, MAM, EMM, Daten-Management und mobile Apps vor.
Vskills certification for Cloudstack Professional assesses the candidate as per the company’s need for deploying and managing cloud infrastructure. The certification tests the candidates on various areas in installation, configuration, deployment and management of cloudstack, applying authentication, provisioning cloud resources, offering various services, managing networking, hosts and storage, managing network traffic, system reliability and high availability.
MGT300 Using Microsoft System Center to Manage beyond the Trusted DomainLouis Göhl
Numerous Microsoft technologies are now taking advantage of digital certificate-based authentication to enable the support for and management of systems outside trusted networks and domains. Join us to learn how you can use digital certificates with System Center to extend your management capabilities beyond your immediate environment, and enable a single management infrastructure to manage systems and IT services across multiple trusted and untrusted domains.
Troubleshooting Tools – How to isolate and resolve issues in your XenApp & Xe...David McGeough
Part of the Citrix Support Secrets Webinar Series
This troubleshooting tools webinar will cover how to quickly define and troubleshoot problems in your Citrix XenApp and Citrix XenDesktop environment. We will look at various tools offered by Citrix to help identify, analyze and resolve the most common problems observed by Citrix Technical Support engineers.
What you will learn:
- How to troubleshoot and isolate connectivity/policies/session sharing issues
- How to use Citrix XDPing tool to troubleshoot
- How to use Citrix Quick Launch tool to troubleshoot
- How to use Scout for Citrix XenApp and Citrix XenDesktop
This webinar took place on Nov 29th, see recording here.
https://www1.gotomeeting.com/register/284459393
HBC9363 Virtualization 2.0 How the Cloud is Evolving the Modern Data Centerdavehill99
In his article Virtualization 2.0 Is Your On-Ramp to the Cloud published on SIliconANGLE, VMware Cloud Strategist David Hill, writes, “Many companies today are recognizing value in the cloud even though they have no plans to mothball their own data centers. To them, the cloud represents both an extension of their on-premises infrastructures and the latest chapter in the ongoing evolution of their IT practice.”
David goes on to describe this latest chapter as “Virtualization 2.0,” because just as virtualization untethered workloads from servers, this stage is about untethering those same workloads from the data center itself, enabling apps to freely move between clouds the way they can move between servers today.
In this session you will learn about architecting your private cloud infrastructure for speed and agility using Citrix cloud solutions, including:
Considerations for cloud infrastructure deployment
How Citrix diamond-validated partner SSI used Citrix cloud solutions to enhance business for their customers
A cloud product demo highlighting speed and agility of infrastructure deployment
ControlCase discusses the following:
•About the cloud
•About PCI DSS
•PCI DSS in the cloud
•How to keep sensitive data secure as you move to the cloud
•Q&A
Slides zur Präsentation von Roger Bösch, Citrix, am Citrix Day 2014 von Digicomp:
XenDesktop ist Marktführer im Bereich Desktop-Virtualisierung und liefert die einzige Komplettlösung zur Mobilisierung von Windows-Anwendungen und -Desktops für beliebige Anwendungsfälle. Sie lernen die Neuerungen der aktuellen Version aus technischer Sicht kennen, erhalten Tipps und Tricks und weitere Informationen darüber, was Citrix Workspace Suite zu bieten hat.
Similar to Citrix TechEdge 2014 - How to Protect Against the Top 10 Web Security Issues with NetScaler (20)
Citrix Group Policy Troubleshooting for XenApp and XenDesktopDavid McGeough
Understanding the Citrix Group Policy architecture and how to troubleshoot is key to ensuring a stable environment. This session will provide an overview of the Citrix Group Policy architecture and troubleshooting tool and steps that can be leveraged in both XenApp and XenDesktop environments.
What you will learn
- General components and architecture of Citrix Group Policy
- Best practices and disaster recovery for Citrix Group Policy
- Troubleshooting Citrix Group Policy issues
Recording associated with this webinar can be found here - http://www.citrix.com/tv/#videos/12508
How to Protect Against top Web Security Issues With Citrix NetScalerDavid McGeough
This session will cover some of the industry-standard OWASP Top 10, a list describing the most prevalent security attacks on production environments. We will cover the Citrix NetScaler appliance and its role in shutting down these common vulnerabilities, and how to effectively do so through the use of the Application Firewall and protection features.
What you will learn
- How to protect against security attacks with Application Firewall
- How to reinforce your environment through NetScaler protection features
- How to simulate a vulnerable web server environment for testing
This session will cover how Worx home user authentication and communication flow works and what tools can be used for troubleshooting common authentication issues.
What you will learn
- XenMobile Enterprise authentication flow
- How Single Sign-on works between NetScaler Gateway and App Controller
- How "Step up" authentication works for WorxMail and WorxWeb
Citrix TechEdge 2014 - How to Troubleshoot Deployments of StoreFront and NetS...David McGeough
This session will cover common deployment methods for StoreFront using NetScaler Gateway as well as review troubleshooting techniques to isolate deployment issues.
What you will learn
- Configuration steps for deploying StoreFront server with NetScaler Gateway
- Design considerations when preparing for deployment
- Tools for troubleshooting it isolate issues
Citrix TechEdge 2014 - Advanced Tools and Techniques for Troubleshooting NetS...David McGeough
This session will cover advanced techniques in troubleshooting the Citrix NetScaler Appliance using tools such as Citrix TaaS, IPMI, nsconmsg, wireshark and log analysis. We will review usages of these tools along with case studies showing how to best troubleshoot common issues seen in operating Citrix NetScaler Appliances.
What you will learn
- Various tools available to troubleshoot issues and how to use them to isolate NetScaler Issues
- Common deployment problems and how to isolate the causes
Troubleshooting Common Network Related Issues with NetScalerDavid McGeough
Webinar recording: https://www1.gotomeeting.com/register/737119097
As a NetScaler Administrator, you will need to understand how the NetScaler interacts with the network to ensure an optimally running environment for your applications. In this Webinar delivered by NetScaler Escalation Engineers you will learn some of the common network configuration issues, how to avoid them and when necessary how to troubleshoot them.
You will learn how to troubleshoot:
- HA issues
- GARP issues
- LA channel issues
- Layer 2 issues
In-depth Troubleshooting on NetScaler using Command Line ToolsDavid McGeough
Webinar recording - https://www1.gotomeeting.com/register/753997104
Citrix NetScaler has a rich Web-based management suite of tools available. To dig deep troubleshooting NetScaler, sometimes it’s best to roll up your sleeves and dig out the command line!
The goal of this session is to demystify some useful command line tools and provide a tactical approach to troubleshooting of NetScaler.
In this session we will demonstrate troubleshooting approaches using the command line and many tips for common issues seen in customer deployments.
In this session you will learn about:
· Differences between NetScaler kernel and BSD
· Processes and disk layout
· Look up stats and statuses
· Troubleshoot using various different logs
· Use counters to help identify issues
Top Troubleshooting Tips and Techniques for Citrix XenServer DeploymentsDavid McGeough
This session will provide an expert insight into the most common issues encountered by Customers, Partners and Support engineers.
It’s a feature packed agenda which gets to the point quickly and concentrates on the issues we encounter continuously with XenServer deployments.
Implementing and Troubleshooting EdgeSightDavid McGeough
This presentation covers an overview of the product, detailed architecture and component review as well as an in-depth look at troubleshooting and tools available.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
Citrix TechEdge 2014 - How to Protect Against the Top 10 Web Security Issues with NetScaler
1. How To Troubleshoot Deployments of
StoreFront and NetScaler Gateway
Citrix Synergy, May 2014
Juan Zevallos, Escalation Engineer
Tweet about this session with hashtag #SYN401 and #citrixsynergy
Thank you for joining this session on How To Troubleshoot Deployments of StoreFront and NetScaler Gateway.
In this session, we are going to cover how to try and avoid issues altogether
How to find the real issue by understanding the communication flow
Then once you find the issue, what tools can you use to troubleshoot
Now that we went over the flow from authentication to establishing the ICA session, let’s go over what is needed to accomplish this
Let’s quickly go over the StoreFront integration steps and what you will need
Step 1: Enable Single Sign-On Authentication on StoreFront
This setting will allow StoreFront to evaluate the incoming HTTP request and perform the Authentication Callback if it determines that the user is coming from a Gateway
Step 2: In the StoreFront management console you will need to add a Gateway instance to associate with the StoreFront Store. Let’s go over each field
Display name: This can be whatever you’d like, just keep in mind that end users WILL see this display name if they open their Receiver options to select a Gateway. If you have multiple Gateway in different geographical locations, you can name each Gateway accordingly and have the user select which Gateway to access based on their current location, or you may have a disaster recovery environment that you want to include. This piece of information is included in the Discovery file that the Receiver client downloads to add the account.
NetScaler Gateway URL: This is the FQDN that end users will be accessing from the external network, end users should be typing this exact FQDN into their browser address bar. Receivers on mobile devices or windows and mac devices will automatically use this FQDN after it downloads this information from the StoreFront Store via the Store’s Discovery file.
We’ll cover the Subnet IP later in the presentation
The logon type should match the authentication method configured on the Gateway. So if you have LDAP and RSA authentication, change this field accordingly. This information gets entered into the Discovery file also
Callback URL: Whatever FQDN is entered in here, you should be able to open Internet Explorer on the StoreFront server and browse to this FQDN without certificate warnings and successfully load the logon page. If not, then Single Sign-On from the Gateway will most likely not work.
The last thing to configure is the Secure Ticket Authority (STA). This is the ticketing service used to securely launch an ICA session through the Gateway
Step 2: In the StoreFront management console you will need to add a Gateway instance to associate with the StoreFront Store. Let’s go over each field
Display name: This can be whatever you’d like, just keep in mind that end users WILL see this display name if they open their Receiver options to select a Gateway. If you have multiple Gateway in different geographical locations, you can name each Gateway accordingly and have the user select which Gateway to access based on their current location, or you may have a disaster recovery environment that you want to include. This piece of information is included in the Discovery file that the Receiver client downloads to add the account.
NetScaler Gateway URL: This is the FQDN that end users will be accessing from the external network, end users should be typing this exact FQDN into their browser address bar. Receivers on mobile devices or windows and mac devices will automatically use this FQDN after it downloads this information from the StoreFront Store via the Store’s Discovery file.
We’ll cover the Subnet IP later in the presentation
The logon type should match the authentication method configured on the Gateway. So if you have LDAP and RSA authentication, change this field accordingly. This information gets entered into the Discovery file also
Callback URL: Whatever FQDN is entered in here, you should be able to open Internet Explorer on the StoreFront server and browse to this FQDN without certificate warnings and successfully load the logon page. If not, then Single Sign-On from the Gateway will most likely not work.
The last thing to configure is the Secure Ticket Authority (STA). This is the ticketing service used to securely launch an ICA session through the Gateway
Once the Gateway is created, you’ll be able to bind it to the Store
The first thing you’ll have to do is select ‘No VPN tunnel’. The Full VPN tunnel is not necessary, unless you have XenMobile App Controller publishing Internal Web Links that require a full VPN tunnel from the client to the Gateway, this requires different configuration (See CTX139319)
Then you’ll select the Gateways to bind with the Store – you do have the option to bind multiple Gateways to a single Store
And then select the Default appliance, in cases where you have multiple Gateways
A file that can be used to automatically configure the Store Account into Receiver for any platform – Win/Mac, mobile, linux
End users can access the Discovery file by logging into the Receiver for Web site and clicking on Activate on the top right corner of the web site
Administrators can access the file by Exporting the Provisioning File from the StoreFront Management console, and then distribute the file to the end users
The Discovery file is meant to be opened by Receiver to add the account, but it can also be opened using a text editor since it just contains XML content
The top of the content contains the Store information, including the SRID, Name of the Store, and the BaseURL
Next, we have the information about the Gateway that is bound to the Store, including the Display Name, Authentication type, and the External FQDN that Receiver would use when connecting remotely
So how does Receiver determine whether it should use StoreFront’s BaseURL or the Gateway URL? It relies on the beacons
It’s going to first try to access this Internal beacon by sending an HTTP request to it, if the request comes back successful, then Receiver will connect to the StoreFront FQDN
If the HTTP request is NOT successful, then Receiver is going to check the External beacons and then eventually fallback to the Gateway FQDN
These beacon values can actually be changed from the StoreFront console, in case you want granular control of how and when users access StoreFront or the Gateway
The StoreFront’s BaseURL is the FQDN, configured during the initial setup of StoreFront, used by end users for internal access. This FQDN should be added to your DNS server and needs to resolve to the StoreFront’s server IP address or, if you have multiple StoreFront servers, the load balancer’s virtual IP address. The BaseURL can be found in the StoreFront’s management console and can be changed at any time.
Let’s go through the Gateway configuration steps
To start the wizard, change the Deployment Type to NetScaler Gateway on the NetScaler console logon page
Then click on Create New NetScaler Gateway on the top right of the page
The first step in the wizard is to create the Gateway virtual server by giving it a name, IP address, and port number.
There’s also an option create a virtual server that will redirect users who didn’t type HTTPS in there web browser’s address bar
The next step in the Wizard is to bind the certificate
You can select one already installed on the NetScaler
Or, you can upload one right then and there
The next step in the Wizard is to configure the authentication settings, the primary authentication is typically LDAP and once again you can choose an existing LDAP profile or configure a new one
You also have the option to setup a Secondary authentication
Keep in mind that the StoreFront FQDN and the Use HTTPS options should be based on the StoreFront BaseURL
A common mistake made is forgetting to specify the STA port
No matter how much we prepare, we can still run into problems. Now we are going over some typical issues that we run into in Support and how we troubleshoot these issues using various tools.
To troubleshoot an issue, or to narrow it down to something more specific, we first have to understand how all the pieces work together
“It’s easier to play the game, if you know the rules”
The user will establish an SSL connection to the Gateway virtual server and get prompted to enter their credentials
NetScaler will verify the credentials with Active Directory
Once authenticated, the user will be redirected to StoreFront
StoreFront will realize that the user authenticated at the Gateway and will retrieve those credentials
Once those credentials are received, the user’s resources will be enumerated
When the user clicks on a desktop to launch, StoreFront sends the ICA file to the user
The ICA file contains the necessary information to launch the Desktop through the Gateway (STA ID and Gateway FQDN)
The end user’s Receiver will establish a connection back to the Gateway on the NetScaler
The STA ticket StoreFront originally created for the ICA file will be retrieved by the NetScaler
NetScaler will then establish a connection to the server hosting the Desktop or App
One of the first things the user has to do is successfully authenticate at the Gateway before they have access to anything in the internal network
When authentication fails, there’s not much information presented to the client, other than their credentials were rejected.
One of the best tools to use for authentication issues is Aaad.debug – this is the output of the authentication pipe on the NetScaler that will display authentication and authorization processes that are happening
To start this output – start an SSH session into the NetScaler and go into the shell
Once in the shell, go the /tmp directory and then run cat aaad.debug to begin displaying the information
Here is an example of a failed attempt captured with aaad.debug
There’s usually a lot more lines of information but I just cut out the key ones
The first line listed here is that the authentication process for user juanz is starting
The first thing it does is an LDAP check, which means its trying to access the domain controller with the Service Account configured in the LDAP profile
In this case, it failed with Invalid credentials – this would be considered an LDAP error that would end the entire authentication process
Finally, the kernel is instructed to REJECT the user trying to log in
More examples/information about this tool can be found in CTX114999, including invalid usernames or password and group extraction failures
Internal Server Error 29 is a common error that we see in support.
It’s usually either 1 of 3 things that cause this error
DNS – NS can’t resolve the BaseURL
Network communication from the NS SNIP to the IP of the StoreFront server or load balancer VIP
StoreFront services or IIS is not accepting connections
Once Authentication is successful – the user will be issued their respective policy, depending if they’re coming from a web browser or citrix receiver
The wizard creates and bind 2 session policies to the Gateway virtual server.
One policy is for Receiver – with the Expression that looks for CitrixReceiver in the HTTP Header User-Agent OR the Referer HTTP header does not exist in the HTTP request
The other policy is for the Web Browser which has a general ns_true expression. The thought here is that if the HTTP request does not meet the requirements for the Receiver policy, then the request MUST be coming from a Web Browser.
On the right hand side, a Session profile is associated, that’s where the FQDN, sson domain, and ICA Proxy settings are configured
To make sure you’re hitting the right policy, you can use the nsconmsg tool from the NetScaler’s CLI
Verify that you’re hitting the right policy with the nsconmsg command in a SSH session.
This tool shows which authentication policy you’re hitting also – so the first policy the user gets is the LDAP policy. So you can use this tool to verify which authentication policy the end user is hitting when the user firsts accesses the logon page
If authentication is successful, then the session policy will need to be applied right after.
If the policy that is bound to the Gateway virtual server, created with the wizard, is not being hit, then you’ll need to verify the policy priorities on the NetScaler.
Policies will be applied in 4 levels – to the User, which is the highest priority, then Group, Virtual Server, and Global level which is the lowest priority.
However, no matter at what level the policy is bound, the policy with the highest priority will always take precedence. Keep in mind, the lower the number, the higher the priority.
All of that can be tested and confirmed by just changing the Web Interface Address in the Session Profile for Web browsers
You can change the FQDN to an IP address, to see if DNS is causing the issue
You can also bypass a load balancer this way by entering the IP address of the StoreFront server itself, to verify if there’s an issue with the load balancer
Try changing protocols from HTTPS to HTTP to narrow it down to a possible port communication issue or an SSL communication issue
When StoreFront determines that the end user is coming from a Gateway, StoreFront will attempt to access the callback URL to grab the user credentials
So assuming the communication is working from the SNIP to the StoreFront server, the end user may be presented with a double authentication issue
So this indicates the single sign-on is NOT being engaged by the StoreFront server
Or Remote Access is NOT enabled for the Store NetScaler is directing you to
What if both those options are checked? Why doesn’t the StoreFront server start the authentication callback process instead of asking for credentials from the end user?
Single Sign-On is invoked by the NetScaler Gateway URL setting in the StoreFront config
This value must match exactly what the end user types into their Web browser
How does StoreFront know what the user is typing into their Web Browser address bar?
NetScaler includes this information in the HTTP Header XCitrixVia
StoreFront analyzes every HTTP request that comes in and if it finds this Header value matches a Gateway FQDN, then single sign-on will be invoked
I was able to see this information using StoreFront’s verbose logging, CTX139592 provides instructions on how to gather them
The NetScaler knows to inject the hostname that the user typed into their web browser address bar into an HTTP header call X-Citrix-Via
This value must match the Gateway URL configured on StoreFront
If you see this error during the SSON process, it’s most likely the StoreFront’s Callback process that’s failing
To make sure, check Event Viewer and also test StoreFront internally, to make sure StoreFront is functioning properly outside of the NetScaler integration
StoreFront may not be able to resolve the FQDN, or there’s a typo in the configuration. Check DNS or modify the HOSTS file on the StoreFront server
There could be a network issue as well, including some kind of Proxy interfering with the communication
The quickest way to eliminate these two issues is to open up Internet Explorer and try to browse to that FQDN – if you can successfully reach the logon page of the Gateway, then all should be well
So even though Internet Explorer successfully connected to the Gateway logon page, StoreFront can definitely run into an SSL Trust issue if the Certificate chain is not properly linked on the Gateway
Using http://www.digicert.com/help/ in this example
It verifies the FQDN being used and most importantly, the Certificate Chain
This example shows a properly configured certficate chain, indicated by the blue links
You can verify the chained certificates by opening up the Certificate itself and looking at the Intermediate certs under the Certification Path tab
Also, taking care of this now will help avoid issues with Mobile devices launching ICA sessions through the Gateway
A common problem we see in support is when there are multiple Gateways being load balanced, fronting a single StoreFront server group.
When an end user authenticates to one of the NetScalers and gets routed to a StoreFront server, the StoreFront server needs to be able to communicate back to the NS where the user authenticated from
In this scenario, you will have to configure a gateway instance for each NetScaler respectively, even though they have the same Gateway FQDN.
Each Gateway will have its own Callback URL that resolves to the Gateway virtual server on different NetScalers
Each NetScaler will have a Gateway virtual server with a different IP address – just enter the virtual server IP address in the Subnet IP address field.
StoreFront will decide which callback URL to use based on that Subnet IP address value, by comparing it to the IP address that comes in the HTTP request header X-Citrix-Via-VIP
This value, along with other HTTP header values, can be seen with DebugView on the StoreFront server
Now, when the user goes through NetScaler 1 – the NetScaler automatically adds the virtual server IP address into this X-Citrix-Via-VIP header for StoreFront to analyze.
StoreFront will know which Callback URL to use based on this
In the DebugView, you can verify the credentials that StoreFront grabs from the Callback service
It will show the username, single sign-on domain, and whether a password was supplied – passwords aren’t supplied with Smart Card authentication
StoreFront will send verify the credentials again and then send the request to the Farm XML brokers to enumerate your applications and desktop(s)
At this point, we have completed the single sign-on process and we are ready to launch
And now – we get an error
When launching an application, StoreFront sends an ICA file to the client that contains the STA ticket information and the Gateway FQDN
Receiver first establishes a connection to the NetScaler, and then the NetScaler first needs to retrieve the STA ticket that StoreFront created for the ICA file
DebugView needs to request a ticket from the STA server
The critical information here is the IP address of the XA server or VDA desktop that will be hosting this session
The STA server then responds with its STA ID and the Ticket number
This information gets added in the ICA file that gets sent back to the client
Here’s a snippet of 2 key values in the ICA file
The Address = the first value is the number 40 – which tells the Gateway that we want to use Session Reliability and instructs the Gateway to communicate to the back end server over port 2598
If Session Reliability was disabled, it would show 10, which would force the Gateway to use port 1494
The second value is the STA server ID, this is how the Gateway knows which STA server to reach out to in cases where there are multiple STA servers
Then there’s the STA ticket ID that’s being held on the STA server which has the session information that StoreFront provided
You can verify that the STA server is reachable and the ID that it is returning back to the NS
While the app is launching, you can watch the NetScaler grab the STA ticket by running a tcp dump command
Here’s an example of the request you would see the NS make to the STA server during app launch
In blue, you’ll see highlighted the Ticket ID that was found in the ICA file generated by StoreFront
Here’s the response from the STA server
It was able to find the STA ticket and retrieve the server details that is going to be hosting this application or desktop
Once the NetScaler has the information from the STA ticket, it’s time for it to establish the connection to that server
At this point of the process, if it fails, it’s usually a communication issue or DNS issue
A DNS issue can occur if you have DNS Translation Policy enabled on the farm, which will return the FQDN of the servers to the NetScaler, instead of the IP address as we have been seeing in these samples.
One of the quickest test you can do is test connectivity from the NetScaler to the back end servers over 1494 and 2598
All you have to do is create a service, specify the IP and port and check the state
For XenDesktop VDA – this is a little trickier – VDAs do not actively listen on the ICA ports until they’re about to begin a session
One trick is to open a VDA session on the internal network, and create the services to the IP address of the internally launched VDA desktop
This whole time, I was showing screenshots from a web browser
That is because it is MUCH easier to troubleshoot with the web browser, Receiver does a very good job of masking the real errors
Once the Web Browser is working, you know that the configuration on StoreFront is accurate, so, in most cases, you can eliminate that out of the troubleshooting equation
So you can focus on the NetScaler and the client
The StoreFront Store is inaccessible (internally)
Misconfigured StoreFront BaseURL in Session Profile for Receiver
Internal Beacon is reachable externally
Customizations on the Gateway logon page
iOS Receiver does not support SHA256 SSL Certificates
Android does not support SAN SSL Certificates
Enable Windows Receiver logging – CTX134101