Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for the ‘Citrix’ Category

This morning I wanted to install the NetScaler patch for the TLS padding vulnerability and of course I made a backup before deploying it.

Note: If you haven’t installed this patch yet I would recommended to do so: see CTX230238 and check out the ROBOT attack -Return Of Bleichenbacher’s Oracle Threat page to check which other products you may have that are vulnerable.

Upon checking the backups (I always download the backup and verify that the archive is intact) I noticed that one of my NetScaler’s uses SHA1 for the password hash whilst the other one uses SHA512:

image

I thought that this was a little strange as both NetScaler’s are running the exact same build. However one of them (the one that uses SHA512) was reinstalled recently whilst the one using SHA1 has been upgraded.

(more…)

  • 0 Comments
  • Filed under: Citrix, NetScaler
  • imageI recently (well today really) started playing with the Citrix Linux VDA. I took Ubuntu to test because I happen to like Ubuntu.

    I didn’t get it to work correctly right away though and during troubleshooting I wanted to know where the VDA is storing it’s settings.

    I found the following file /etc/xdl/ctx-vda.confwith the following contents:

    (more…)

    Google Earth fix for XenApp, RDSH & Horizon

    Google Earth LogoBoth Google Earth and Google Earth Enterprise do not work correctly for multiple users on shared Hosted Shared Desktops (I still prefer to call it Server Based Computing but that’s likely because I’m an oldtimer).

    Problem summary
    So let’s look at the actual issue: the first user on a server is able to launch Google Earth but for any subsequent users on the same server Google Earth fails silently.

    Problem details
    Google Earth uses various synchronization objects such as Events and Mutexes but registers those in the \Global namespace instead of the \Local namespace.

     

    (more…)

    Citrix Receiver Unknown client error 1110

    Citrix Receiver and StoreFront error messages are sometimes confusing or lacking details so I decided to make little blog notes about common issues when I see them. So without further ado here’s #1:

    In Citrix Receiver I tried to logon remotely via NetScaler Gateway and got the following error message: “Cannot get your apps from the store

    Cannot get your apps from the store

    Citrix Receiver

    (more…)

  • 0 Comments
  • Filed under: Citrix
  • clip_image002

    There has long been a debate about how to accurately view the size of your Citrix Provisioning Services ram cache size. SO much so that even Citrix clarified on how to view this detail using yet another tool

    The thing is, this is all fine and well, but it’s a bit of a pig to actually get this data when you need it, or in an automated way. Wouldn’t it be better if we could have something easier?

    Lately, Andrew Morgan and I decided to sit down and create an easy to use, Windows performance counter for the key metrics in a PVS cache and provide them to the community for use.

    These counters turned out to be fascinating, as they really show how the cache works.

    Our latest counters (which can be downloaded below) provide the following counters for easy access:

    Performance Monitor

    • PVS Ram cache size (MB)
    • PVS metadata size (MB)
    • PVS Write Cache VHD disk size (MB)
    • PVS Ram Cache Percent used. *

    • * As there is no accurate way to detect how much ram is assigned to cache via Citrix Provisioning services, this value must be provided or this performance counter is missing.

    (more…)

  • 6 Comments
  • Filed under: Citrix
  • ShareFileLogoThe Citrix ShareFile Sync application is quite limited in functionality, one of those limitations is that you can only synchronize to a single (one) local folder.

    As Helge Klein wrote in his excellent article "Configuring Citrix ShareFile Sync from PowerShell" this is simply a GUI restriction and not a restriction in the actual ShareFile sync engine.

    Helge describes that you can easily do this in PowerShell with the following example:

    While the command was accepted, nothing was synchronized.

    (more…)

    Convert Citrix License Server VPX to OVF

    I wanted to run a virtual Citrix License server in my LAB.

    Unfortunately Citrix only provides the VPX License Server in XenServer format (.xva). If you want to run the VPX on VMware ESX or Microsoft Hyper-V you need to convert it first.

    The option to convert a Xen Virtual Appliance to OVF format was removed in XenConvert 2.4.1. So for a conversion you need version 2.3.1.

    Here are the direct download links:

    However when I tried to convert the downloaded VPX (Citrix_License_Server_VPX_v11.10.0_Build_12002.xva) I got the error "Failed to decode tar header record":

    Failed to decode tar header record

     

    (more…)

  • 1 Comment
  • Filed under: Citrix
  • Run a Process when Citrix Receiver Exits

    A while ago I was doing some research for Magic Filter when I stumbled upon something interesting within Receiver.

    Inside wfica32.exe is a function called _Eng_RunExecutableOnExit. That name caught my interest, I’ve made it a little more readable with Ida Pro:

    (more…)

  • 4 Comments
  • Filed under: Citrix
  • PNAgent Icon Data Algorithm

    Some time ago I wrote about the PNAgent data that is stored in the registry in XML format.

    After that post Andrew Morgan asked me if I could extract the PNAgent icons from the XML data.

    That got me interested so let’s look at this data!

    If you look at XML from PNAgent the icondata as in the AppData.Details.Icon node you’ll see something like this:

    image

    Seems like the icon data is stored/encrypted in a proprietary format.

    (more…)

    ClickOnce is a Microsoft technology that enables an end user to install an application from the web without administrative permissions.

    That’s great isn’t it?
    While ClickOnce may sound great to developers it’s actually a nightmare for Enterprise administrators because they try to prevent users from installing software themselves.

    ClickOnce also incorporates an Automatic Updates mechanism which means that users might run different or not tested/approved versions…

    Virtual Environments
    It get’s even worse in virtual environments such as VDI and SBC where machines are often non-persistent. Each time the users starts the application they will see a screen similar to the one below while they actually download and install it over and over again:

    SNAGHTML87937a

    If the environment is persistent, it’s not guaranteed that the user works on the same machine each day. This means that the application will be installed on every box the user ever logs onto…

    How does it work?
    In order to understand how we can best treat ClickOnce applications we need to understand how they work since MSDN documentation does not describe this in detail.

    (more…)

    Blogroll


    Categories


    Archives