Kenneth is Speaking at BriForum Denver

I sat down with one of Lewan’s Solution Architects, Kenneth Fingerlos, to discuss his upcoming speaking engagement at the BriForum conference on July 20th.  Our brief conversation covered the details of his session, “vSGA, vDGA, vGPU, and Software – When and Why“, his background in the industry, and what gets him excited in the technology space right now.

Me: Kenneth, can you tell me a little bit about your industry experience?

Kenneth: So, after college I took a left turn in my career path and went into corporate IT for ten years.  Various positions: desktop management, server management, data center.  Various kinds of things.  After ten years of that I decided I didn’t care for IT management and tried to correct the course change and landed in consulting.  I’ve been doing IT consulting for about the last ten years around storage, data management, virtualization of various types, and building up my skill sets trying to help customers solve problems.

Me: Great, great.  So have you been to BriForum before?

Kenneth: I have not been to BriForum.  This will be my first year.

Me: What attracted you to BriForum?

Kenneth: I’m excited.  The whole idea of a conference that has some size to it and is established that is not tied to a specific vendor is just exciting, right?  You go to a Cisco conference and it is all about what is the latest widget from Cisco.  Cisco can do no wrong.  You find the same thing if you go to, you know, Dell World.  Dell is perfect.  Whatever Dell has got going is awesome and whatever everyone else has is garbage.  BriForum excites me because it is everybody. It is a marketing company–a media company that puts on the conference as opposed to a product manufacturer.

Me: So what will you be discussing at BriForum?

Kenneth: I’m discussing a topic that is near and dear to my heart which is the idea of virtualized graphics.  Taking things we do everyday in the physical world with physical PCs and trying to bring this into this virtualized environment.  Things like disaster recovery, security, flexibility.  You know, the physical world is pretty restricted.  Graphics have always been one of these things that is hard and is difficult.  Technology is evolving and has advanced dramatically over the last couple of years in terms of what we can do.  But there is also a lot of complexity and a lot of information and I find my customers have a lot of confusion about what they can and can’t do.  What works, what doesn’t work.  My session is all about trying to bring some clarity to that area.

Me: Ok, so I am going to open this up a little bit and say maybe don’t limit this to just the enterprise world but what is the technology you are most excited about right now?

Kenneth: The technology I am most excited about right now….I think the stuff that is most exciting is really this idea of graphics virtualization.  I mean, so many things go into a user experience, right?  And all of the traditional things that you think about: servers, storage, memory, CPUs–graphics is part of that.  Remoting protocols, right?  What’s going on with actually getting that content delivered to a user.  Networking, right? 3G, 4G networks and starting to think about what’s next, what’s beyond 4G.  These are huge enablers to let people consume and develop content in ways that have never been envisioned before.  Letting you take that stuff to the cloud, to the remote data center, and access it from anywhere.  I’ve been sitting on top of a mountain in my 4×4 holding a virtual desktop, just because I’m a geek and into this stuff, but yes–I can access that app, whatever it is, from a mountain top in the middle of nowhere.  That’s cool stuff. And it’s all about enabling people to work and function in ways they’ve never been able to before.  That excites me.

Me: Very cool.  Well, looking forward to seeing your session at BriForum!  Until next time.

As I wrote about earlier, BriForum Comes to Denver, and I am excited to have such a great event in my backyard.  If you are going to be at BriForum or just have general questions about Denver, reach out to either @kfingerlos or myself (@sagelikebrian) and let’s catch up.

Brian @sagelikebrian

Citrix Default Printer Won’t Retain

The Windows default printer is a magical thing. This is the printer that is selected by default when you print in an application. Depending on your particular printing workflow this may be the only printer you ever use. Some applications have a quick print functionality that sends a print job to the default printer using default settings and no prompts (for example, portrait orientation and a single copy). To make a printer your default, simply right-click it and select default printer.

When you use Citrix, a Windows default printer is still a Windows default printer. The difference is that Citrix has administrative policies to help you decide what will be the default.

I recently ran into an issue with a new XenDesktop v7.6 environment where users could select a new default printer using the method above but the next day when they logged on to their desktop it was set back to Microsoft XPS Document Writer. A quick note on Microsoft XPS Document Writer, as you may have noticed it installed on your computer, it is really a print-to-file driver Microsoft created to allow you to save print output in the Microsoft XML Paper Specification.  If you have never used it, do not feel bad, it is more likely you have used the immensely popular PDF format made popular by Adobe before becoming an open standard in 2008.

By default, the user’s current printer is used as the default printer for the session. For example, my laptop’s default printer is HP Deskjet 3520 series (Network).  When I logon to my Citrix desktop it will redirect the laptop printers into the session including my default printer.  That is ideal for a laptop user.

For my next example, I am using a thin client that does not have a default printer because it does not have an OS. It can only connect to a Citrix desktop. When I logon from the thin client it will not see a default printer so it will make the first printer on the Citrix desktop the default. Often times this ends up being the Microsoft XPS Document Writer instead of the HP Deskjet 3520 series (Network).

At first, the issue seemed related to a Windows user profile issue since everyone lost their setting from one logon to the next.  After verifying that other Windows user settings were being retained (i.e. wallpaper, Office settings, and the printer mappings themselves), I moved on to Citrix print policies.   There is a specific policy I found interesting:

Default printer

Looking closer at the policy it defaults to “Set default printer to the client’s main printer”.  Most of the time this will result in using the default printer on the user’s endpoint (e.g. laptop or desktop).  If that endpoint is a thin client or even an iPad it will not have a default printer to redirect so you will end up with the first printer in the session.

I made a new policy and set it to “Do not adjust the user’s default printer” and gave it a higher priority then the others and assigned it to my test user account.

I then ran a gpupdate on each test worker to verify it had the new policy.  To test, I logged on with the test user, changed my default printer to a network printer.  I then logged out and put that test server in maintenance mode ensuring my next logon would go to the other test server.  Success, my new default printer was retained.  To be extra sure there was not anything cached locally, I rebooted both non-persistent workers and logged in again.  Success.  The final steps were to make the policy apply to more users and have them test before rolling it out to everyone on both the test and production workers.

Printing is rarely thought of as complicated but it always is.  If you are running into a similar issue then this policy change could be your answer.

Brian Olsen @sagelikebrian

BriForum Comes to Denver

IT conferences are a great way to catch up on what is new, take classes, and network with peers in the industry. I have been lucky enough to attend great shows like Citrix Summit and Synergy as well as VMware VMworld over the years. The conference for me that always fell just out of reach was BriForum. This year it is all going to change. I am more than a little excited that one of the world’s premier IT conferences has chosen Denver, Colorado for this year’s US location. BriForum is an independent conference that provides vendor-neutral perspective on current and emerging technologies and services.

Check out this year’s list of sessions:
http://www.brianmadden.com/blogs/gabeknuth/archive/2015/03/09/check-out-the-list-of-sessions-for-briforum-denver-2015-july-20-22.aspx

If you have a keen eye, you may have noticed a third of the way down the list a special session, “vSGA, vDGA, vGPU, and Software – When and Why“, being presented by Lewan’s very own expert speaker Kenneth Fingerlos (@kfingerlos).

Kenneth will be talking about the new graphics intensive workloads that are possible in VDI thanks to highend GPUs from NVIDIA.  He will specifically be digging into the different methods you can use to virtualize the GPU and when and why you would want to choose each method.  I promise you this will be a deep technical dive preparing you for your next graphics intensive virtual desktop project.

Check out the Lewan IT Solutions Technical Blog for more great technical information from Kenneth.

Come join Lewan at BriForum 2015 if you would like to learn more about solutions from Citrix, VMware, Microsoft and much more.

Brian Olsen (@sagelikebrian)

39.739236 -104.990251

Marlins Score Big with Citrix

It seems like every other week there is an IT security breach that makes the news.  Many of these hacks score credit card information that can immediately be used or sold.  Recently there have been allegations that members of the St. Louis Cardinals hacked into the Houston Astros’ system to gather information on players.

New York Times – Cardinals Investigated for Hacking Into Astros’ Database
Kansas City Star – Astros GM Luhnow disputes details related to Cardinals hacking probe

At face value, it seems shocking to hear about hacking in Major League Baseball.  There was a time when America’s favorite pastime was not considered high tech.  It was the boys of summer playing a great game and the best team won.  In this Moneyball era of baseball statistics, numbers and data win big.

 

You don’t have to believe me, just ask Brad Pitt.

As soon as I heard the news it made me think of what the Marlins are doing with technology from Citrix.

 

The Marlins are scoring two big wins with Citrix.  First, they are doing things that have never before been possible and making a better experience for their customers.  Second, they have a focus on security that has kept their IT department out of national headlines while protecting their team and intellectual property.  It is hard to put a price on the total package.

We should not give all the credit to the Marlins’ IT foresight.  After all, the Simpsons predicted this way back in 1999.

Brian Olsen @sagelikebrian

How to Fix Java issues with Citrix Netscaler GUI

We have all encountered the dreaded Java error when trying to connect to the Citrix Netscaler GUI.  In this post I would like to walk through the steps of resolving those Java error messages. There are a few technical articles that TRY to walk you through the process of troubleshooting this issue, but I have found the method that I use to be the most successful.  For me this is one of the most frustrating error messages, as I am constantly working in different versions of Java, Netscaler firmware or browser.

For starters, lets go ahead and uninstall any version of Java you currently have installed.  Most versions of Netscaler 10.1 and above will support the most recent version of Java.  You can download the most recent version Here.  For this exercise, we are going to assume you are using chrome, Firefox or IE.  In my experience, I have had the most success with the Netscaler GUI and the Chrome browser.

After you have successfully installed Java and went through the confirmation process go ahead and browse to your java configuration applet or go to control panel > Java (32bit).

Once the Java Control Panel pops up, click on the Settings button.

You will now be redirected to the Temporary Internet files dialog.  First, click on the “Delete Files” button

One the “Delete Files and Applications” box appears, UNCHECK all of the checkboxes and click OK.

Before clicking out of the Temporary Internet files dialog, make sure to uncheck ” Keep Temporary files on my computer” and click OK.  Having all of these temporary files are one of the main causes for applet corruption.

That last set of steps will clear out all the previously downloaded temporary applets, cookies and certificates you currently have in your configuration.  If you are launching java for the first time after the new install this might be a moot point, but I do it anyway 🙂

Now, stay in the Java Control Panel and at the top, click on the “Security” Tab.  Inside of that tab, click on “Edit Site List” at the bottom.

Once you have clicked on Edit Site list, Click on Add.  Here you will be able to add the Netscaler access gateway FQDN as an exception.  Only add websites here that you know you can trust their certificate.

After you click add you will notice a text box appear in the same window.  Go ahead and add your Netscaler FQDN into that field and click OK  example:  Https://yournetscaler.yourdomain.com

After clicking OK, you will notice your Netscaler FQDN is now in the exceptions list.  Click Ok to exit the Java Control panel and relaunch your browser to test.

 

This article applies to Netscaler versions 9.3, 10.0, 10.1

Let me know how it goes.  Add your comments below!

 

 

Kevin B. Ottomeyer @OttoKnowsBest

 

 

Configuring Citrix Storefront Domain Pass-through with Receiver for Windows

I would like to discus the procedure for configuring and implementing Domain Pass-through with Citrix Storefront and Citrix Receiver.

First things first, let’s get a receiver installed on a test machine.

****Note, this machine and all subsequent machines must be a member of the domain that your storefront server is currently attached to in order for the pass-through to work.

Download the Citrix receiver Here

Once downloaded find the path of your download location.  Now, we will need to install the receiver with the single sign on switch as follows:

This will install the receiver, enable and start the single sign-on service on that machine.  After your installation is completed and the machine is rebooted,  log back in to your workstation and double-check to make sure the ssonsvr.exe service was installed and is currently running under services.

Once you have confirmed.  Lets move over to your Storefront server.

Launch the Storefront administration console from the storefront server and on the left side of the console, click on Authentication.

Once authentication is selected move over to the right side of the console screen and under actions > authentication, click on add/remove Methods.

After clicking on Add/Remove Methods, a dialog box should appear with options to select what methods you would like to enable in Storefront.  The second option from the top is, “Domain pass-through”, click on the check box next to that option and click OK.  This will enable Storefront to take the credentials from the ssonsvr service on your workstation and pass them through Storefront and enumerate the app list without authenticating twice.

Depending on your Citrix infrastructure, you might need to propagate the changes to the other Storefront servers in your Server Group.  If you have more than one Storefront server and you do not propagate changes, you might see mixed results in your testing.

To do this, click on “Server Group” on the right side of the console and then on the left side under actions, click on “Propagate Changes”.    This action will replicate all the changes you just made to your authentication policies over to the other Storefront servers in your Server Group.

Now that you have all the configuration pieces in play, reboot the workstation you installed the receiver to and log back in.  Once logged in your should be able to right-click on the receiver and click open.  Receiver will now prompt you for your Storefront FQDN or email address if you have email based discovery enabled.  At this point your application list should enumerate without prompting for credentials. This also goes for the Web portal. Test both to make sure they are passing those credentials through appropriately.

********If your credentials still do not pass through, below are a few troubleshooting steps you can take.  Of course this all depends on how your environment is set up and what access you have to modify certain components in your windows infrastructure.

Modifying local Policy to enable pass-through on the workstation

Apply the icaclient.adm template located in C:\Program Files\Citrix\ICA Client\Configuration to the client device through Local or Domain Group Policy.

Once the adm template is imported, Navigate to Computer Configuration\Administrative Templates\Classic Administrative Templates\Citrix Components\Citrix Receiver\User authentication\, then double-click on the “Local user name and password” setting.

The following box should appear and make sure to select both “Enable pass-through authentication” and “Allow pass-through authentication for all ICA connections”.

Adding Trusted Sites in your browser

On the same workstation you are testing the pass-through.  Open IE and navigate to Tools > Internet Options.  Click on Trusted Sites and add your Storefront FQDN (the same address you entered into the receiver when you set it up.

Also, it wouldn’t hurt to configure pass through in IE.  In The Internet Options Security tab with Trust Sites selected, choose Custom level, security zone. Scroll to the bottom of the list and select Automatic logon with current user name and password.

Configure the NIC provider order

On the workstation you installed the receiver, launch control panel and click on Network Connections, choose Advanced > Advanced Settings > Provider Order tab and move the Citrix Single Sign-on entry to the top of the Network Providers list.

If you are still having problems with the receiver not passing the credentials, leave a comment with your specific issue.

References:

https://www.citrix.com/downloads/citrix-receiver.html

http://support.citrix.com/article/CTX200157

 

 

Kevin B. Ottomeyer @OttoKnowsBest

 

 

 

 

Citrix Access via Chrome is Broken

Purpose:
This post explains Google Chrome functionality that can negatively impact the access to any Citrix environment.

Symptom:
After clicking on a published application or desktop icon in StoreFront using Chrome–nothing happens.

or

After logging on to StoreFront using Chrome, it never thinks Citrix Receiver is installed and offers it to me to download before I get to see my icons.

or

You have a warning to, “Unblock the Citrix plug-in.”

Resolution:
1) Re-enable the plugin using CTX137141.  This workaround will end in November 2015 when Google permanently disables NPAPI.
2) Customize StoreFront to remove the prompt to download Receiver with customized code.
3) Customize StoreFront with a link to download Receiver with customized code.
4) Enable a user setting to always open .ica files using CTX136578.
5) Use another browser not affected by the Chrome changes.

Cause:
Back in November 2014, Google announced it would remove NPAPI support from Chrome.  They are making this change to “improve security, speed, and stability” of the browser.   In April 2105, they will change Chrome’s default settings to disable NPAPI before removing it entirely in September of 2015.

What does this mean for my Citrix users who use Chrome?

Receiver detection.  The NPAPI plugin that Receiver (Windows and Mac) installs allows Receiver for Web (aka StoreFront) to detect if Citrix Receiver is or is not installed.  Without this plugin, it assumes you do not have Receiver and will offer it for you to download and install.  As an aside, you may have noticed that Internet Explorer has an ActiveX control that does the same thing.  If your user does not have Receiver then they can not launch their Citrix application or desktop, so this is a good thing. If your user is already running Receiver but gets offered the Receiver download this will be confusing and could potentially be a bad thing.

Launching applications and desktops.   Let me explain what should happen when you click on the icon for, say, Outlook 2010 in StoreFront (aka Receiver for Web).  StoreFront will talk to a delivery controller to figure out what machine is hosting Outlook 2010 and has the lowest load.  StoreFront will then offer you a .ica file to download.  If you have the plugin, Windows will know that this is a configuration file that should be opened by Receiver.  Receiver will then connect you to your application.  This all happens quickly and seamless making it seem like Outlook 2010 launches immediately.

Without the plugin, you will download an .ica file but Outlook 2010 will not open until you click it.  Chrome does have the option (the arrow on the downloaded file) to “Always open files of this type” as shown in CTX136578.

References:
http://blogs.citrix.com/2015/03/09/preparing-for-npapi-being-disabled-by-google-chrome/
http://blog.chromium.org/2014/11/the-final-countdown-for-npapi.html
http://support.citrix.com/article/CTX141137
http://support.citrix.com/article/CTX136578

Brian Olsen @sagelikebrian

LoginVSI “VSISetup has stopped working”

One of the real challenges of testing a Virtual Desktop Infrastructure (VDI) is getting enough users to logon to the system to test it at the same time.  While load testing should be an essential part of validating a new system, scheduling three or four users to test applications can be challenging.   What if you would like to simulate the load of 25 or 50 users?  Often, due to the challenges of scheduling and man hours involved load testing gets ignored and you end up hoping for the best on go live day.

LoginVSI is an application that allows you to orchestrate as many users as you would like to test the system while having it all be automated.  Out of the box, LoginVSI will simulate a user logon and then perform a series of very real activities like surfing the web, reading emails, or editing spreadsheets.  This simulated workload progresses for about an hour per user.  This allows you, the administrator, to observe how resources are used and look for issues related to a stressed system.  LoginVSI can be set up to keep having new users logon until the system stops responding or crashes.  It then compiles the performance metrics and tells you the optimal amount of users the system can handle before the server starts to have poor response time.  They call this number the VSImax.

This article explains how to resolve the error, “VSISetup has stopped working” while setting up LoginVSI.  During the install process of the LoginVSI management console the setup program crashes shortly after starting it.

Resolution:
Add the .NET Framework 3.5.1 using the Add Features wizard.  Before continuing on with the LoginVSI install, run Windows Update and patch .NET.  This can be time consuming as there are lots of updates available and this may require a reboot or two.

Cause:
While it is documented in the excellent install guide, it is easy to forget that the default install of Windows Server 2008 R2 does not have .NET 3.5.1 installed and it is required.

Brian Olsen @sagelikebrian

Lewan Named to 2015 Tech Elite 150 List

For the third year in a row, Lewan has been recognized for our exemplary approach to delivery of Managed IT Services and been awarded a spot on the 2015 MSP Elite 150 list, part of CRN’s Managed Service Provider 500 (MSP500) list. The Elite 150 group is recognized as large data center-focused solution providers with a strong mix of on-premise professional services as well as off-premise services.

From CRN:

This annual list distinguishes the top technology providers and consultants in North America whose leading approach to managed services enables their customers to improve operational efficiencies, elicit greater value from their IT investments, and successfully leverage technology to achieve greater competitive advantage.

In today’s world of outsourced IT, the expertise of MSPs has become increasingly important to organizations. The plethora of choices in terms of consumption and procurement of technology can become overwhelming. To help facilitate companies’ selection and adoption of managed services and providers, CRN, the leading media outlet for technology vendors and solution providers who serve end-user customers, has identified the top 500 MSPs.

“The allure of Everything-as-a-Service to organizations is largely rooted in the appeal of predictable operational expenses, cost-cutting, resource allocation and access to on-demand/pay-as-you-go technology. Therein lies a great need for the expertise of managed service providers,” said Robert Faletra, CEO, The Channel Company. “We congratulate the managed service providers who have engineered, or re-engineered, their businesses to deliver the services their customers rely on for future growth and ongoing success.”

Citrix Summit 2015

Citrix Summit is an annual conference where partners gather to hear the latest technical and sales information.  This year it was held in exciting Las Vegas at the sprawling Venetian conference center.  Coverage of Summit is always tricky because, while it is a partner only event and mostly covered by NDA, there are aspects that are already public.  This article will strive to keep the balance and leave what happened in Vegas–well, safely behind in Vegas.

This year Lewan sent four engineers to take part in the festivities. We came back with our heads full of announcements, product updates, and experience with what is coming next.  It is going to be an exciting year for Citrix customers.

The Annoucements

Mark Templeton is back at the helm as CEO.  This is excellent news as the 20 year veteran of Citrix is beloved by both employees and the industry.

Citrix acquires Sanbolic.  Sanbolic allows customer deployments to be geo-distributed across multiple locations and to scale in a linear and predictable manner.  We will have to wait and see what this means for Citrix’s product portfolio.

WorkspacePod Powered by HP is announced.  The solution is integrated Citrix infrastructure software with HP’s Moonshot platform.  HP considers this integrated compute, storage, networking, plus GPU to be the next step beyond hyper-converged infrastructure and they have labeled it ultra-converged.  Time will tell if this moniker will be adopted by the industry.  A tech preview is expected to be available Q1 of this year.

Product Updates

Workspace Cloud is announced.  Formerly Workspace Services, Workspace Cloud is a revolutionary new way to deliver Windows and mobile apps, data, and desktops.  I say revolutionary because it is clearly a new way of thinking.  I had several discussions over the week with some people hesitant on how this would incorporate in their environment and others who cannot wait for it to be released.  This is by no means a desktop as a service (DaaS) play.  Citrix is very specific with the choice of the word workspace.  To quote Mark T, “the desktop is to the PC-era as Workspace is to the Cloud-era“.

XenMobile 10 is announced.  XenMobile 10 represents a big step forward for the product in areas like security (FIPS 140.2) and flexibility. Users get updated Worx apps and a new self service portal for tracking, locking, and wiping lost or stolen devices.  Our hands-on experience makes us believe the people most excited about this release should be the administrators as significant steps have been made to make this product easier to deploy and use.

XenServer 6.5 is announced.  Major improvements have been made to the hypervisor in the areas of performance.  The new 64-bit kernel architecture has resulted in dramatic improvements in networking and storage performance.  I do not have the numbers in front of me but I remember my jaw dropping in the keynote because some of them had triple digit percentage improvements.  The timing could not be better with the uptick in XenServer deployments in 2014 due to industry leading support of NVIDIA GRID vGPU technology.

Improvements to XenApp and XenDesktop are coming.  Citrix is hard at work improving their flagship products.  Enhancements are coming to Microsoft Lync optimization and session recording will be added to Director.  If the last one sounds a lot like SmartAuditor, it is because I believe it will be replacing that functionality.

XenApp and XenDesktop technology previews are coming.  DesktopPlayer for Windows will be a welcome addition for offline virtual desktop and BYO Windows users.  Linux fans rejoice, a virtual desktop agent is coming.  The most exciting thing I witnessed (at the conference 😉 ) was the integration of Framehawk into Citrix’s already amazing HDX protocol.  Framehawk is the special sauce that overcomes very challenging network conditions like high latency (often seen in cellular) or packet loss (often seen in poor Wi-Fi).  Check out the pre-Citrix acquisition video from a few years ago below to see why I am excited.

The demo lab is already being prepared to make room for all of this awesome tech.  All of these updates are bound to set the stage for an exciting week in Orlando at Citrix Synergy in May.  For more information, do not hesitate to contact us.

Brian Olsen @sagelikebrian