Good and Free Citrix Related resources

January 26, 2012

Here is a list of five very good Citrix resources that are available if you want to sharpen your Citrix skills:

Citrix E-Docs – This is the official online documentation for all Citrix products, provided by Citrix. You will find tons of answers there. It is a branch of the well-known Citrix support site, which is also provided by Citrix and where most public Citrix CTX articles are located.

Brian Madden – One of the best Citrix resources on the web; very educational and informative. Highly recommended.

XenAppTraining – Also very informative and has some great free videos for you to watch. You might need to register to watch the videos. I particularly like this Windows 2008 R2 configuration video: Win2008R2 Configuration. It gives you some good tips (time: 17 min).

CtxAdminTools – Great variety of tools to make the Citrix and Microsoft Admin’s life easier. The author, Guillermo Musumeci, is a Windows Infrastructure Architect with a “passion for designing, building, deploying and supporting enterprise architectures using Microsoft, Citrix and VMware products” (from his About page).

CitrixExperience – Offers Free study guides for a lot of the Citrix Exams
Here are some free study guides for the Citrix exams.

Enjoy it!

Concepts of XenApp 5 from Citrix E-docs

January 23, 2012

Farm Terminology and Concepts

Terminology

The XenApp planning and installation documentation uses the following terminology.

Multi-user environment
An environment, including XenApp and Terminal Services, where applications are published on servers for use by multiple users simultaneously.
Application servers
The farm servers that host published applications.
Infrastructure servers
The farm servers that host services such as the data store or the license server. Typically, they do not host published applications.
Production farm
A farm that is in regular use and accessed by users.
Design validation farm
A farm that is set up in a laboratory environment, typically as the design or blueprint for the production farm.
Pilot farm
A preproduction pilot farm used to test a farm design before deploying the farm across the organization. A true pilot is based on access by select users, and then adding users until all users access the farm for their everyday needs.
Enumeration
The process in which a client transmits data to locate servers on the network and retrieves information about the server farm’s published applications. For example, during enumeration, the XenApp Plug-in for Hosted Apps communicates with the Citrix XML Service or the ICA browser, depending on the browsing protocol selected in the plug-in.

XenApp Setup comprises two installation wizards:

Create a New Farm. The first time you install XenApp, select Create a New Farm in the installation wizard and Setup creates the farm with that server hosting specific roles.

The server where you installed XenApp and created the farm is the first farm server or the Create farm server.
Join an Existing Farm. When you run Setup on servers after installing XenApp on the first farm server, you take a different path in Setup and XenApp references the settings you specified on the first farm server. These servers join the existing farm and communicate with the first server in the farm.

Farm Environment

You should already be familiar with client-server architecture, redirection, and application publishing.

Citrix Licensing
A Citrix License Server is required for all XenApp deployments. Install the license server on either a shared or stand-alone server, depending on your farm’s size. After you install the license server, download the appropriate license files and add these to the license server.
Data Store
The data store is the database where servers store farm static information, such as configuration information about published applications, users, printers, and servers. Each server farm has a single data store.
Data Collector
A data collector is a server that hosts an in-memory database that maintains dynamic information about the servers in the zone, such as server loads, session status, published applications, users connected, and license usage. Data collectors receive incremental data updates and queries from servers within the zone. Data collectors relay information to all other data collectors in the farm. By default, the first server in the farm functions as the data collector.
By default, the data collector is configured on the first farm server during the Create Farm Setup and all other servers are configured with equal rights to become the data collector if the data collector fails. When the zone’s data collector fails, a data collector election occurs and another server takes over the data collector functionality. Farms determine the data collector based on the election preferences set for a server.
The data collector is an infrastructure server and applications are typically not published on it.
Zone
A zone is a grouping of XenApp servers that communicate with a common data collector. In large farms with multiple zones, each zone has a server designated as its data collector. Data collectors in farms with more than one zone function as communication gateways with the other zone data collectors.
The data collector maintains all load and session information for the servers in its zone. All farms have at least one zone, even small ones. The fewest number of zones should be implemented, with one being optimal. Multiple zones are necessary only in large farms that span WANs.
Streaming File or Web Server
Applications can be delivered to users by either streaming or hosting the applications on the server. If you are streaming applications, either to client or server, you must install a streaming file server in your environment. When streaming applications, you create profiles of the application and then store the profile on a file or Web server. The profile consists of the manifest file (.profile), which is an XML file that defines the profile, as well as the target CAB files, a hash key file, the icons repository (Icondata.bin), and a scripts folder for pre-launch and post-exit scripts.
Web Interface
The Web Interface is a required component in any environment where users access their applications using either the XenApp plugin or a Web browser. Install the Web Interface on a stand-alone computer; however, where resources are limited, the Web Interface is sometimes collocated with other functions.
XenApp Web and XenApp Services Sites
XenApp Web and XenApp Services sites (formerly known as Access Platform and Program Neighborhood Agent Services sites, respectively) provide an interface to the server farm from the client device. When a user authenticates to a XenApp Web or XenApp Services site, either directly or through the XenApp plug-in or the Access Gateway, the site:

Forwards the user’s credentials to the Citrix XML Service
Receives the set of applications available to that user by means of the XML Service
Displays the available applications to the user either through a Web page or by placing shortcuts directly on the user’s computer

Citrix XML Service and the Citrix XML Broker
The Citrix XML Broker functions as an intermediary between the other servers in the farm and the Web Interface. When a user authenticates to the Web Interface, the XML Broker:

Receives the user’s credentials from the Web Interface and queries the server farm for a list of published applications that the user has permission to access. The XML Broker retrieves this application set from the Independent Management Architecture (IMA) system and returns it to the Web Interface.
Upon receiving the user’s request to launch an application, the broker locates the servers in the farm that host this application and identifies which of these is the optimal server to service this connection based on several factors. The XML Broker returns the address of this server to the Web Interface.

The XML Broker is a function of the Citrix XML Service. By default, the XML Service is installed on every server during XenApp Setup. However, only the XML Service on the server specified in the Web Interface functions as the broker. (The XML Service on other farm servers is still running but is not used for servicing end-user connections.) In a small farm, the XML Broker is typically designated on a server dedicated to several infrastructure functions. In a large farm, the XML Broker might be configured on one or more dedicated servers.
The XML Broker is sometimes referred to as a Citrix XML Server or the Citrix XML Service. For clarity, the term XML Broker is used to refer to when the XML Service functions as the intermediary between the Web Interface and the IMA service, regardless of whether it is hosted on a dedicated server or collocated with other infrastructure functions.

This illustration uses a large farm to show how the Web Interface and the XML Broker work together. (1) The user connects to the Web Interface through the XenApp plug-in or a Web browser; (2) the Web Interface contacts the XML Broker to determine which applications are available for this user; (3) the XML Broker queries the IMA service for this information and returns the results to the Web Interface; (4) the Web Interface displays the available applications to the user either through a Web page or by placing shortcuts directly on the user’s computer.

Infrastructure Servers
XenApp farms have two types of servers: infrastructure servers and member servers that host published applications. Infrastructure servers perform specific functions and do not typically host published applications, except in small farms. The services include:

Farm infrastructure services – Data store, data collector, and the Citrix XML Broker.
Access infrastructure services – Web Interface, Secure Gateway (optional), and Access Gateway (optional).
Additional services – Citrix License Server, Streaming File or Web Server (optional), a computer for profiling applications, Configuration Logging database (optional), EdgeSight database (optional), and SmartAuditor player (optional).

One or more infrastructure services can be grouped together in small farms. In large deployments, each service runs on one or more dedicated servers.
This illustration suggests which infrastructure functions can be grouped on the same server, depending on the size of your environment.

Factors other than size can affect how infrastructure functions are grouped. Security concerns, virtualized servers, and user load play a part in determining which functions can be collocated.
This illustration depicts infrastructure servers in a large farm. The Web Interface, XML Service, data collector, and data store are deployed on separate servers.

source: XenApp 5 for Windows Server 2008 – E-Docs
Note: This link also has several great illustrations of the components of XenApp. If you learn visually like I do, you must see these illustrations.

XML Port and SSL Question
Dan Murray made an interesting comment on XML and SSL:
You need to do three things… you have to install a certificate on the server that is handling the XML requests, typically a Zone Data Collector in a XenApp farm, or a Desktop Delivery Controller in a XenDesktop farm. Next, set up the SSL Relay on that ZDC/DDC server. Finally, you have to configure the WI XML port to use SSL. You need all three pieces to be working to use SSL across the board the way you want to.

Connecting a Computer to a Stereo System

January 21, 2012

I have never done it myself, but I found a great link that explains it really well.
Check it out!

How to Connect a Computer to a Stereo System

You probably need to buy an inexpensive “Y” RCA female adapter.

Do a Google search on this:
stereo audio female Y cable
or this:
“2 x RCA Male / 1 x 3.5mm Stereo Female, Y-Cable, 6 inch”
or this:
mini 3.5mm stereo plug to dual RCA plug cable, 3 to 25 feet long

It costs less than 6 dollars. I saw as low as $1.45

25 most visited websites as of Jan 10, 2012

January 11, 2012

google.com

Enables users to search the world’s information, including webpages, images, and videos.

facebook.com

A social utility that connects people, to keep up with friends, upload photos, share links and …

youtube.com

YouTube is a way to get your videos to the people who matter to you. Upload, tag and share your videos

yahoo.com

A major internet portal and service provider offering search results, customizable content,

baidu.com

The leading Chinese language search engine, provides “simple and reliable” search experience

wikipedia.org

A free encyclopedia built collaboratively using wiki software. (Creative Commons Attribution-Sh…

live.com

Search engine from Microsoft.

blogspot.com

amazon.com

Amazon.com seeks to be Earth’s most customer-centric company, where customers can find and discover

twitter.com

Social networking and microblogging service utilising instant messaging, SMS or a web interface.

qq.com

China’s largest and most used Internet service portal owned by Tencent, Inc

taobao.com

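Buying and selling of all kinds of goods, including computers and communications, digital products, men’s, women’s and children’s clothing, cosmetics, books and audio-visual media, sporting goods, and gaming gear, along with related community forums; it also provides the Alipay online transaction security system.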

google.co.in

Indian version of this popular search engine. Search the whole web or only webpages from India

msn.com

Portal for shopping, news and money, e-mail, search, and chat.

yahoo.co.jp

Japanese version of popular portal site.

linkedin.com

A networking tool to find connections to recommended job candidates, industry experts and busin…

sina.com.cn

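Includes the day’s domestic and international news and commentary of various kinds, special features on people, and photo galleries.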

wordpress.com

Free blogs managed by the developers of the WordPress software. Includes custom design template

ebay.com

International person to person auction site, with products sorted into categories.

google.de

Search the entire web, in German-language sites as well as in German sites. In addition, you can specifically …

google.com.hk

The official website of Google Search in China.

yandex.ru

Internet search that takes Russian morphology into account, with the option of regional refinement. …

google.co.uk

The local version of this pre-eminent search engine, offering UK-specific pages

 

google.co.jp

Japanese version of the multilingual search engine. Web, image and news search, Usenet bulletin boards. …

google.fr

French version of the search engine. Offers tools and services for Internet users…

Difference between a registry Hive and a registry Key

January 6, 2012

The Windows registry is divided into several root keys. They can also be called Hives.

The hives are as follows:

Registry Hive | Abbreviation | Files Associated | Comments
HKEY_CLASSES_ROOT | HKCR | N/A | File name extension associations
HKEY_CURRENT_USER | HKCU | Ntuser.dat, Ntuser.dat.log | Settings for interactive users
HKEY_LOCAL_MACHINE\Hardware | HKLM-Har | N/A | Hardware data recreated during each startup
HKEY_LOCAL_MACHINE\SAM | HKLM-Sam | Sam, Sam.log, Sam.sav | Security Accounts Manager
HKEY_LOCAL_MACHINE\Security | HKLM-Sec | Security, Security.log, Security.sav | Password related
HKEY_LOCAL_MACHINE\Software | HKLM-Soft | Software, Software.log, Software.sav | Software configuration
HKEY_LOCAL_MACHINE\System | HKLM-Sys | System, System.alt, System.log, System.sav | Stores driver and service information
HKEY_USERS\.DEFAULT | HKU-Def | Default, Default.log, Default.sav | Profile for the Local System account
HKEY_CURRENT_CONFIG | HKCC | N/A | Configuration data for the current hardware profile
HKEY_USERS | HKU | N/A | Information and settings of all users
HKEY_PERFORMANCE_DATA | HKPD | N/A | NT-based OS; invisible
HKEY_DYN_DATA | HKDD | N/A | Win 9x/Me only

“Registry keys are similar to folders — in addition to values, each key can contain subkeys, which may contain further subkeys, and so on” (wikipedia)

The hierarchy of registry keys can only be accessed from a known root key handle or a Hive.

E.g. HKEY_LOCAL_MACHINE\Software\Adobe\Adobe Reader refers to the subkey “Adobe Reader” of the subkey “Adobe” of the subkey “Software” of the HKEY_LOCAL_MACHINE root key.

So, a registry Hive is higher in the registry hierarchy than a registry key. A registry key is normally contained inside a registry hive or a root key.

Good source of information about the registry: technet

Basic XenApp Licensing troubleshooting

January 6, 2012

Troubleshooting licensing issues in XenApp 6 and 6.5

1. Make sure the license server name in the license file is the same as the hostname of the license server. (Note: the name is case sensitive, so if the hostname has upper and lower case, the license file must match the upper and lower case of the hostname.)

The license file is located in c:\program files (x86)\citrix\Licensing\My Files folder. The license file has a .LIC extension.

It can be opened with MS WordPad, but it cannot be modified: it has a signed key, which is an encrypted signature for the number of licenses described at the top of the file, so if you change the number of licenses manually, the file contents won’t match the signed key and this will make your license file useless.

NOTE: The license file is tied to dates, not the version of XenApp. As long as the date interval for the license is valid, the Subscription Advantage license is valid and the license file doesn’t care what version of XenApp you have.

Also:

2. Open a command prompt and type "netstat -a" on the licensing server and see if port 27000 is listening.

3. If you changed the license file name or made any modifications in the policies container of XenApp (DSC or Apps Center), make sure to run "gpupdate /force" from the command prompt on the server where you made the change(s).

4. Open a command prompt and type "net stop imaservice" and "net start imaservice" to restart the IMA service after the gpupdate, so IMA can re-read the policies.

5. To check if the Licensing registry key is correct (on the XenApp server or servers), open regedit and look in the [HKEY_LOCAL_MACHINE\Software] hive for these keys:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix\IMA] and

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix\IMA\Licensing]

Make sure you see something like this:

"LicenseServerPortNumber"=dword:00006978

"LicenseServerHostName"="server name"
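
The read-only parts of the checklist above (steps 1, 2 and 5) can be run as one PowerShell script. This is an added example, not code from the original post or from Citrix. The "SERVER this_host HOSTNAME=<name>" line format, the -LicenseFile and -TimeoutMs parameters and the Test-TcpPort helper are assumptions made for the example.

```powershell
# Added example: read-only checks for steps 1, 2 and 5 of the list above.
# Assumption (not from the post): the license file names its server on a line
# shaped like "SERVER this_host HOSTNAME=<name>".
param(
    [string]$LicenseFile,      # path to a .lic file; run on the license server (step 1)
    [int]$TimeoutMs = 3000     # TCP connect timeout for step 2
)

# Hypothetical helper: $true if a TCP connection opens within the timeout.
function Test-TcpPort([string]$Server, [int]$Port, [int]$TimeoutMs) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Server, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# Step 5: both values must exist under the Licensing policy key.
$key = 'HKLM:\SOFTWARE\Policies\Citrix\IMA\Licensing'
$policy = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
if (-not $policy -or -not $policy.LicenseServerHostName -or -not $policy.LicenseServerPortNumber) {
    Write-Warning "Step 5: LicenseServerHostName / LicenseServerPortNumber not set under $key"
} else {
    $server = [string]$policy.LicenseServerHostName
    $port   = [int]$policy.LicenseServerPortNumber
    # dword:00006978 in the post is 27000 decimal.
    "Step 5: policy points at {0}:{1} (0x{1:X8})" -f $server, $port
    if ($port -ne 27000) { Write-Warning "Step 5: port differs from 27000 (0x6978)" }

    # Step 2, seen from this server: can the configured port be reached?
    if (Test-TcpPort $server $port $TimeoutMs) {
        "Step 2: $server accepts connections on port $port"
    } else {
        Write-Warning "Step 2: no TCP connection to ${server}:$port"
    }
}

# Step 1: the name inside the license file must match the hostname exactly,
# including upper and lower case. -ceq is the case-sensitive comparison.
if ($LicenseFile) {
    $localName = [System.Net.Dns]::GetHostName()
    $names = @(Get-Content -Path $LicenseFile | ForEach-Object {
        if ($_ -match '^\s*SERVER\s+\S+\s+HOSTNAME=(\S+)') { $Matches[1] }
    })
    if ($names.Count -eq 0) {
        Write-Warning "Step 1: no SERVER ... HOSTNAME= line found in $LicenseFile"
    }
    foreach ($name in $names) {
        if ($name -ceq $localName) {
            "Step 1: license file name '$name' matches this host"
        } elseif ($name -ieq $localName) {
            Write-Warning "Step 1: '$name' differs from '$localName' only by case"
        } else {
            Write-Warning "Step 1: license file is issued to '$name', this host is '$localName'"
        }
    }
}
```

The script changes nothing; steps 3 and 4 (gpupdate and the IMA restart) are left to be run by hand.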

To recreate the ICA listener in XA6.0 or XenApp 6.5:

Navigate to the [HKEY_LOCAL_MACHINE\System] hive and look for this key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\ICA-Tcp]

Delete the ICA-Tcp key and reboot.

After rebooting, import the ICA listener key from another server that is working properly.

(see this Citrix article here for more details)

IPA files – Apple’s proprietary format for archive files for iPhone, iPod Touch and iPad applications – Uses Apple’s FairPlay DRM technology

December 30, 2011

When we download iPhone, iPad and iPod Touch apps from the Apple store, we are actually downloading IPA files. IPA is Apple’s proprietary format for archive files that contain the binary code used by the “I” family of products from Apple.

As an analogy, think of the IPA file as a “zip” file used in the Apple realm.

Apple created iTunes and the App Store to control and manage the deployment of all products for the “I” family.

So, how can “jailbroken” devices install “I” apps?

The answer lies in an obscure command:

zip -0 -y -r myAppName.ipa Payload/

This unsigned, unofficial .ipa file can be created by some smart re-engineering efforts as follows:

1. You first copy the file with the extension .app from the Products folder of the application called Xcode to a folder called Payload

2. Compress the file located in Payload by using the zip command described above

3. This “new” unsigned, unofficial .ipa file can now be installed on jailbroken devices

4. There is a third-party software called Appsync that allows such a maneuver.

Admin 101 – How to find out if you are logged on as a local admin or domain admin on a workstation or server

December 29, 2011

The easiest way to find out if you are logged on as a local admin or domain admin is to log off and log back on, but before you log on, click on the Options button to see where you are logging on to.

Ex: if it says something like [servername or machine-name] followed by the words (this computer), it means you are logging on locally to your computer or server and therefore you are not automatically mapping the network drives, printers and other network resources available to you in the Windows AD environment.

On the other hand, if you are logging on to [domain name] without the words “this computer” in parentheses, you are definitely logging on to a domain environment.

See screen shot below:

What is the Icaclient.adm and how to use it – ICA and IMA explained… briefly

December 29, 2011

Intro

ADM files are network and system administrators’ best-kept secrets. If you know how to use and configure them you will look like a genius in your IT department. To explain in simple words: ADM files populate user and computer interface settings and allow you to edit and make modifications to those settings (see Microsoft link further below to download O.S. ADM files).

If you use Citrix in your environment, there are two acronyms you must know:
ICA and IMA

ICA, or Independent Computing Architecture, is Citrix’s proprietary protocol that specifies how data travels between server and clients. I like to use the middle letter “C” as a mnemonic to remind me that ICA is a “client” protocol because it is installed on a “client” device; when installed it allows the “client” to gain access to applications and other resources stored on a server. That is the reason why you need a “client” plugin (aka Citrix Online plugin, Citrix Receiver, Program Neighborhood, etc). The plugin contains the code and the set of files used for the ICA protocol.
The ICA protocol uses port 1494 to communicate (and port 2598 if session reliability is enabled).

What most people don’t know is that there is an ADM file associated with the Citrix plugin that manages several client settings when data is received on the client.
To use the ICA.ADM administrative template you need to load two components:
1. Load the GPOE (Group Policy Object Editor) by opening MMC (Start-Run-MMC), clicking on File-Add/Remove Snap-in and selecting GPOE from the list.
2. Load the ICA.ADM file by right-clicking on Administrative Templates and selecting “Add Remove Templates”. Browse to the Citrix ICA configuration folder (c:\program files\citrix\ICA client\configuration) and select the icaclient.adm file there.
Once loaded you can then edit the GPO file and enable and disable several ICA settings.
The modifiable container settings are:

Network Routing
User authentication
Remoting client devices
User Experience
Client Engine and
Multi-Stream ICA

These 6 containers have 27 configurable settings. These 27 configurable settings have 98 possible options that can be modified for the Citrix Receiver plugin version 13! (These numbers will vary depending on the version of the plugin.)

The ICA protocol has a server component called the ICA Listener; the settings on the ICA Listener can be modified on the server under the Terminal Services Configuration menu.

Important things to remember:

“In Citrix products, Citrix policies always supersede all other policies and settings in your environment, including Active Directory policies and Windows settings

BUT (and this is a big BUT!) Always remember:

the most restrictive setting usually wins! (contradictory but true!)

Any rule that is disabled takes precedence over a lower-ranked rule that is enabled. Policy rules that are not configured are ignored.

Using Citrix policies with Active Directory
Active Directory and Windows policies do not take precedence over XenApp policies. In a XenApp environment and with XenApp features, Citrix policies always take precedence over Windows policies and settings. Citrix XenApp policies were designed, so that they do not conflict with Active Directory policies.
In a Citrix environment, XenApp policy rules override the same settings configured in an Active Directory policy or using the Terminal Services Configuration tool. They also override Microsoft policies, including those that are related to typical Remote Desktop Protocol (RDP) client connection settings such as the policies for Desktop wallpaper, Menu animations, and Windows contents while dragging.
However, XenApp policy rules do not always override policies for encryption and shadowing. These policies behave according to the most restrictive settings configured by the Terminal Services Configuration tool, Active Directory group policies, application configuration, and Citrix policies.
If you are familiar with Active Directory, note these important distinctions:
• For Active Directory policies, the disabled setting affects how the feature functions. That is, it disables or enables the feature.
• For XenApp policies, the disabled setting only prevents a lower-priority policy from being able to enable the policy rule. Disabling a XenApp policy rule does not disable its corresponding feature in the product.” source: Citrix XenApp Admin Guide

Medley of MS articles on trusts, NTLM and Kerberos

December 2, 2011

Medley of Microsoft articles on Domain and forest trusts, Microsoft NTLM, external trusts and Forest Trusts

The sources of these articles contain well-explained pictures that clarify the subject better, so I recommend that the reader actually visit the links indicated here.
