Monthly Archives: November 2014

New feature in Netscaler – Admin partitions

So this was announced on Synergy earlier this year, and now just arrived in the first enhancement build which is downloadable from Citrix.com

NOTE: There is only a VPX available for XenServer but there is a firmware available which works on regular VPX.

So what is Admin Partitions?

It is a kind of Role-based access segmenting, each user has their own partition which contains their own configuration files and view and logging and so on.

So think like SDX where each department is given their own VPX which has their own SLA using their own build version and so on. Partitions works for a single appliance, so users share the same build and appliancce, but they have their own configuration and setup.

Think of it like a Windows PC, where each user has their own login and they customize their own background and change the shortcuts and so on without it affecting the other users.

So how to set it up ?

image

System –> Partition Administration –> Partitions.

image

Here we define a name for the partition and we define how much bandwidth for this partition. So this can be Citrix department (ICA-proxy) and how much bandwidth, connection limit and memory limit. So after we have created this we can go back to the partitions menu and see how it looks.

Next we can add a bridge group or VLAN to the partition abd bind it to a user

image

We can also change partitions from within the GUI from the admin gui

image

So after I changed partition I can see that I see how much dedicated this resources has.

image

And note that partitions also creates new local groups

image 

But note this allows us to partition the Netscaler into different resources and dedicated users. So we can create a partition for the Citrix guys, some for the Networking guys and for instance a partition for the Exchange guys and dedicating system resources to each department.

Stay tuned for more!

Netscaler 10.5 and Storefront 2.6

During a new setup for a customer we were using the latest build from Storefront 2.6  and latest NS build 10.5 (53) to ensure that there are no bugs and so on.

The pre-existing Storefront was setup using regular HTTP (Not recommended) but it should work just fine.

After setting up Netscaler against Storefront and adding different policies everything looked to be working fine.

Well almost… Receiver for web worked as it should we managed to authenticate and start applications as they should. But! when using Citrix Receiver (latest version) we stumbled across something funny.

After starting Citrix Receiver and entering username and password the “enter URL” dialog window popped up again

image 

annoying….

So I did as every IT-guy does, I enabled logging of Receiver and checked the logs on Storefront and doublechecking on different clients and checked that the store actually was saved in the registry.

Since my first things was that Receiver wasn’t able to store info in registry

NOTE: Citrix Receiver stores info under HKEY_CURRENT_USER
That worked as it should, then I enabled logging on Citrix Receiver and saw trough the logs there.

This is done by adding a couple of registry settings under HKEY_LOCAL_MACHINESOFTWAREWow6432NodeCitrixAuthManager

SDKTracingEnabled = true

TracingEnabled = true

HKEY_LOCAL_MACHINESOFTWAREWow6432NodeCitrix

dword, ReceiverVerboseTracingEnabled = 1

The logs are generated under %AppData%LocalCitrix

but no luck there as well, everything looked as it should be, but still no luck. After that I got some tips from some colleagues that I should enable HTTPS since it was the last logical chooise

and voila! then Citrix Receiver worked as it should.

Veeam Cloud Connect for Microsoft Azure walkthrough

With the recent release of Veeam 8, I was exited to hear that Veeam also added support for Cloud Connect Against Azure. So Cloud Connect is a option for Veeam Cloud providers to offer off-site backup for their customers. So it requires that customers already have Veeam in place, but makes it easy for them to just add a “service provider” to the Veeam console and ship off-site backup to cloud provider.

So why use Azure? First of it might be as simple that you don’t have the available space/hardware/ to supply your customers. Also it might be that you don’t have adequate network infrastructure to support your customers. (NOTE that cloud connect) does not use VPN.

NOTE: That this requires that you have an existing azure account and preconfigured virtual networks and resource groups.

So how do we set this up?
First we go into the newest Azure Portal → portal.azure.com

image 

Then go into Marketplace and then search for Veeam (You can see Cloud Connect appearing there)

image

Choose create, NOTE: This will provision a virtual machine instance in Azure, and note that the default instance is a A2 which can have up to 4 data disks (4 TB of total data)  and total of 2000 IOPS in total. What kind of Disk size you want is up to you to decide. If you need more disk size or more IOPS you need to change to another instance size. 

image

After that is done you can just wait for the provisioning is complete. Now by default the template does a couple of things, firstly it spins up a VM with Veeam Cloud Connect preinstalled and it also precreates an Endpoint (port 6180) which Veeam will use to communicate and send traffic.

image

NOTE: On the top of the menu pane on the VM you need to take note of the FQDN of the VM (Since you need it later when addind the service on-premise)

Also take note that the virtual machine has an VIP if (which is by default dynamic) but will remain with the VM as long as it is allocated. The same goes with the internal IP which is this case is 10.0.0.4 but we can assign them both as an static IP address.

I can assign the internal static IP address from the portal itself.(This means that it sets it as an static DHCP allocation) I can also define an Instance IP address. By default a Virtual IP address is shared by many virtual machines inside a cloud service, but an instance IP address is a dedicated public IP for a single virtual machine.

image

So you should define them both, since if a VM goes down and changes IP-address the cloud connect will not work properly.

After you are done with the ip-addresses you can connect to the VM using RDP (This can be done from the main dashboard and choose connect)
When inside the Cloud connect setup will start automatically

image 

(and yes you need a VCP license) after the license is added it gives you an set of instructions on what do to next

image

First thing we need to do on the Azure part is to add a customer / user to allow them to authenticate and store content.

image

Add a username and password

image

Next, define what type of resources that are available to this customer. Note that by default there is a repository on the local drive C: (This should be changed to a data disk repository) but by default the instance has no data disks.)

image

Then you are done on the Azure part! (Note that the Azure provisioning generated a self-signed certificate) which will generate error messages when connecting from on-premise/customer side so this should be changed to a public certificate to avoid that issue.

So now that we have setup everything on the virtual machine in Azure we need to add the “service provider” gateway on our customer VM running Veeam V8.

image

image

Note that the DNS name can be found inside the dashboard of the virtual machine in Azure.

Next we need to add username and password that can be used to authenticate against the providers, and note that by default the Veeam VM in Azure uses a self-signed certificate therefore customers need to add the certificate thumbprint to verify the connection.

image
Next we see that the Cloud repository we created is available after authenticating in the service provider. Note that it is also possible to use WAN accelerators between customers and Azure. But using WAN accelerator requires more CPU and disk IO on the Azure side (therefore you should look at D-instances Azure Vms (Which has SSD diskes)

image

Now that we have added the cloud repository we are good to go, now we can just create a new copy backup job and point it to the cloud repository.

image

Think you manage to get all the news that has appeared from Microsoft the last month ? don’t think so

So there is alot happening at Microsoft these days. I’ve had trouble my self keeping track what has happend the last weeks or so. Therefore I decided to write this blog to just get an overview myself what’s happend.

Microsoft and Dell launch Cloud Platform Suite
http://www.microsoft.com/en-us/server-cloud/products/cloud-platform-system/

Azure: D-series virtual machine instances
https://weblogs.asp.net/scottgu/new-d-series-of-azure-vms-with-60-faster-cpus-more-memory-and-local-ssd-disks

Azure: Network security Groups, Multi NICs on virtual machines, Announcement of Azure Marketplace, New VPN gateway sizes, Force tunnelig, GA of Automation Services, preview of Batch Services, Antimalware of VMs in Azure
https://weblogs.asp.net/scottgu/azure-new-marketplace-network-improvements-new-batch-service-automation-service-more

Azure: Docker and Microsoft
https://weblogs.asp.net/scottgu/docker-and-microsoft-integrating-docker-with-windows-server-and-microsoft-azure

Azure: Traffic manager, nested profiles
http://azure.microsoft.com/blog/2014/10/29/new-azure-traffic-manager-nested-profiles/

Azure: Website migration tool
http://azure.microsoft.com/blog/2014/10/28/introducing-azure-websites-migration-assistant/

Azure: Operations Insight announced
http://azure.microsoft.com/blog/2014/10/28/exciting-updates-to-microsoft-azure-at-teched-europe-enabling-simplicity-scale-and-innovation/
https://preview.opinsights.azure.com/

Azure: G-sizes, Premium Storage
http://azure.microsoft.com/blog/2014/10/20/azures-getting-bigger-faster-and-more-open/

Azure: Netscaler and Azure
http://azure.microsoft.com/blog/2014/10/30/multiple-vm-nics-and-network-virtual-appliances-in-azure/

Azure: General availability for disaster recovery
http://blogs.technet.com/b/in_the_cloud/archive/2014/10/02/announcing-the-ga-of-disaster-recovery-to-azure-using-azure-site-recovery.aspx

Azure: PowerShell DSC extensions
http://blogs.msdn.com/b/powershell/archive/2014/10/28/manage-the-powershell-dsc-extension-in-the-azure-preview-portal.aspx

Office365: Outlook for Mac
http://blogs.office.com/2014/10/31/new-outlook-mac-available-office-365-customers/

Office365: Builtin MDM
http://blogs.office.com/2014/10/28/introducing-built-mobile-device-management-office-365/

Office365: DLP in Office365
http://blogs.office.com/2014/10/28/expanding-data-loss-prevention-dlp-sharepoint-online-onedrive-business-windows-file-share-office-clients/

Office365: new plans
http://blogs.office.com/2014/10/02/announcing-availability-new-office-365-plans-small-midsized-businesses/

Office365: Unlimited Storage
https://blog.onedrive.com/office-365-onedrive-unlimited-storage/

 

Intune: Secure browser
http://blogs.technet.com/b/in_the_cloud/archive/2014/11/03/success-with-enterprise-mobility-secure-browser.aspx

Intune: MAM features for Office
http://blogs.technet.com/b/in_the_cloud/archive/2014/10/28/emm-game-changing-announcement-1.aspx

Intune: Mobile data management
http://blogs.technet.com/b/in_the_cloud/archive/2014/10/31/success-with-enterprise-mobility-containing-corporate-data.aspx

System Center and Windows Server vNext announced
http://blogs.technet.com/b/server-cloud/archive/2014/10/01/announcing-availability-of-windows-server-technical-preview-and-system-center-technical-preview.aspx

Coming with Netscaler soon..

So alot is happeing with Netscaler these days. So this is a quick post to tell abit about what is happening.

1: Netscaler appliance in coming in Azure. There is now ETA to when this is coming but this is really important to Citrix workloads. I’m also guessing that this is because of Citrix Workspace Services that i coming.

http://azure.microsoft.com/blog/2014/10/30/multiple-vm-nics-and-network-virtual-appliances-in-azure/

2: Netscaler partitions

http://www.slideshare.net/citrix/syn207-newest-and-coolest-net-scaler-features-you-should-be-jazzed-about?qid=8a786939-a19f-41ef-b7d7-172610a76a8f&v=qf1&b=&from_search=9

Heard a rumour that this is coming reaaaaly soon. with partitions a system admin would be able to logical split up a Netscaler into different entities. Think of it like a windows computer with multuple users. Every user has the option to create their own desktop background and customized GUI, and be able to use their own appliations.

So no longer do we need an SDX to do multi tenancy. Even thou we share the same hardware and OS underneath. It is a really cool feature!