Fantastic Citrix Workshop

Andy Whiteside and Paddy Harrington put on a fantastic Citrix workshop in Charlotte today — see below for some notes. They’re by no means comprehensive — what caught my ear when not stuck on calls or replying to urgent emails. The bolded titles below are for the various modules we covered today.

Random

Load Manager = big obvious benefit over RDS.

Resource Manager = powered by Edgesight, monitor, report, and collect server resource metrics.
Licensing
Microsoft Licensing = Regular CALs (usually fine), RDS Cals, Windows 2008 server licenses.
First thing you do is install License Server.
License Server = license file names are case sensitive…common fix if licensing server issues.
Subscription Advantage = yearly renewal to have access to new major and minor releases (bug fixes as well). Licenses are perpetual (so never expire) but you do get new license files each year you renew Subscription Advantage.
Updates for 5 products within the last 2 months for instance.
Customers can assign a partner to have access to view license details (helps a lot for renewals/upgrades).
License HA Considerations – can have a Duplicate License Server at a second site. It needs same IP # and you keep it powered off (since Citrix products work for 30 days without license server being online). Setup via duplicating or imaging existing server…or building manually.
Quiz Questions
Grace Period — products run for 4 days unlicensed, 30 days if license server goes offline.
RDS Licensing — emphasis….we need it!
Install Licensing server before XenApp.
Get licenses files off MyCitrix using account credentials of person who bought Citrix license.
Install
XenApp 6 requires 2008r2 64 bit period. If want to do 32 bit or 2008r1 or 2003 Server, you get to do XenApp 5.5
Web interface on same box as XenApp server — all right for PoC or very small environment. Don’t do it for medium to larger environments.
We love MS MMC — yes, we do.
Web Interface — it does use IIS and IIS will get automatically installed.
Farms and Zones
How many farms? Depends on versions and administrative separation.
How many zones? Often geography…keeping less data from going over the WAN.
Database – SQL all the time….haven’t seen anyone who does Oracle (one person who does DB2.
SQL Express makes it easy.
Shadowing – enable it upfront. If you don’t turn it on during install, you can’t change it later (default is to allow) unless you do a complete reinstall.
Recommendation = enable during install, disable during policy so keep flexible to enable it later.
Adding users to Remote Desktop group
Anonymous users….kind of cool….let any user who walks up get at Citrix apps.
Passthrough Authentication — can have it on or off…requires reinstall of Receiver to change it.
IMA Encryption — it’s not part of the installer now and done via CTXKEYTOOL….don’t know anyone who does it.
Web Interface Install Decisions — always let it copy the plugins to make life easier later…gives you the folder structure you can then copy around.
Quiz Questions
Data Collector is not available in XenApp Server Role Manager.
Can config License Server by name or IP #.
If want passthrough auth later, have to reinstall Receiver.
XenApp Admin
Worker Groups — love them.
Let you group multiple serers as a single unit.
Can have a server being a member of multiple worker groups.
Also helps with load balancing.
Policy goodness….how we filter things down to servers.
Admin Privilege Levels
Account you install XenApp with will be full admin to the farm.
As soon as add another account with full admin, the local admin privilege goes away.
If you lock yourself out, there’s no back door — MAKE SURE TO ENABLE MULTIPLE ACCOUNTS.
Best Practice = add a group with permissions and a group for local admins ASAP after installing XA.
Can easily create admin account but leave disabled for manual type access.
Admin Console folders — we can use those for admin permissions. This is separate from the folder list that clients see in Web Interface/Dazzle/etc.
Config Logging – very nice to show who made each change and when.
Do NOT use a generic account to administer Citrix – make sure to use individual accounts.
Web Interface
Chrome not supported yet.
Unique Name in AD = User Principal Name
A Smart card can be used to authenticate
Streaming Apps
App-V, ThinApp, XenApp Streaming Apps — 2 out of 3 supported by Citrix.
Provides application in a bubble.
Dual-Mode Streaming – if non-Windows endpoint, can revert back to running off XenApp server
Stream to XenApp Server — provides nice isolation, makes PVS easier too for XA servers.
Offline mode — once cached, can run offline. Also, application runs out of local cache and only grabs new bits each time launched.
App-V Integration – can point to App-V package rather than Citrix package.
Next version of Office will come as App-V package (either definitely or very likely).
This is a big deal because….who’s more likely to have the primary application packaging method after all?
Multiple delivery protocols — either CIFS or HTTP/HTTPS.
Architecture
Citrix Online Plugin — connects to Web Interface
Citrix Offline Plugin — need this in general but also has offline functionality. Has overall packaged app functionality.
File or Web Server — used to host the applications.
Citrix Streaming Profiler (Profiler) — used to package an application and configure its profile for streaming.
Core Components — IMA Data Store, XenApp Server (to run on non-Windows endpoints or in general),
XenApp Enterprise Minimum License required for this piece.
Policies
Group Policy Integration — biggest thing they did in XA 6, integrates dieclty with Group Policy engine.
IMA-based is still there but don’t do both.
No AD schema changes required.
Have to keep precedence in mind.
Processing order = Local GPO, IMA-based Policy, Site GPO, Domain GPO, OU GPO
Can import GPO’s.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s