Raspberry Pi – the plan (business)

Business:

Thin Client device. It’s ideal. The nature of the cost to use, ease of deployment –once you have a working configuration– robust nature and with some work, secure, it’s ideal for getting users online as cheap as possible.

There is a blog out there called RPITC that is deep-diving this, and doing some great work at a dedicated device for all things thin-client.

They are covering things like Citrix, VMWare, RDP etc so I’ll be keeping a close eye on that.

The problem with the Raspberry Pi at the moment is that not all of the pre-requisites for a great experience have been ported to the Debian distributions that most people are using. The software that I see needs work is X11 drivers, essential for that very much needed GUI speed injection. With that, the platform should be able to handle long term use of the device, to perform office tasks, much like any other thin client user.

CItrix is a little behind here too. Sure they have a Linux Debian client 12.x that is compiled to run on the armel distributions but it isn’t as efficient as the armhf distribution of Raspbian that is available. Something to do with soft floating point versus hard floating point. I did say I’m a noob at this, so that’s as deep as I get. There is a definite difference though.

I think I’ll get on to one or two folks at Citrix and see if I can influence them to get an armhf compile completed, there’s a lot of people out there who could test it for them – and what about v13??? 🙂

I don’t have a lot of interest in using RDP or PCoIP but I’ll keep an eye on that in case the company I work for has a need. I own the Citrix platform though, so I can’t see any change happening any time soon!

Have you had any success in this area?

Do you work for Citrix? Can you get us a decent linux client compiled 🙂

PL

Raspberry Pi

Did you get one? Like many out there I did, not so much early on in its release phase but maybe a few months in. It took forever to arrive and then when it did, I didn’t have much appetite to play around with it.

Saying that, now the dark evenings are upon us, I’ve been doing some research and dabbling in all things Pi. It’s proving to be enjoyable, frustrating, fruitful and fruitless at the same time 🙂

I have a few things in mind for it, ranging from personal to business and maybe somewhere in-between. I imagine the stuff I’m looking to do with it will hardly be ground breaking but what I want to do is document the stuff that I find that works and then also stuff that I know is crap!

I’ve been doing a lot of trawling forums and blogs alike and what I find is that there isn’t much of the ‘definitive’ out there. A lot of conjecture, advice, ‘solutions’ that actually don’t work etc. so, what I have in mind here is to only blog about stuff I know works and exactly how I got it to work.

I will of course credit any sources I take my snippets from but hopefully, like other posts in the past, you will be able to take the scripts, understand them, and if you feel like it, follow them/run them yourselves.

I’m a bit of a noob when it comes to Linux but I know command line from my DOS days (yes I’m that old) and once you get into it, it’s quite good!

So, what have you done with yours?

PL

XenApp 6.5…incoming!

Hey folks,

I know it’s been a while and I’m still getting visits to the site.  A lot of the information I posted here is still valid, so thanks for your continued visitations.

I’m just about to embark on getting XenApp 6.5 put into our environment, based on Windows 2008 R2 (of course).  Whereas I won’t be doing the direct engineering myself, I’ll be heading up the team doing it (stuff happens, people move on) but I’ll be able to bring you information as it comes in.

So, keep tuned in.

What’s more we’re looking to do a sizeable implementation of XenDesktop on XenServer too, so I’ll be sure to update you on some of that too.

If you have any requests, let me know – I’ll be sure to try to get the info!

PL

Citrix Receiver and Juniper SSLVPN

What do you do if you have a requirement to have your Citrix Farm(s) available outside of the company firewall. ‘Available’ meaning usable on any device, become truly device agnostic!

You could punch some holes through your firewall and hope it meets the stringent company security regulations.

You could buy a Citrix Netscaler solution and use their in-built Access Gateway functionality to ‘easily’ allow ICA traffic into your network.

But…What if your company had already invested in SSLVPN technology and couldn’t justify Netscaler?

The answer, if you chose Juniper, which many companies do due to it’s standing in the technology space and magic quadrant position with Gartner and Forrester, is actually all rather simple.

On September 8th, Juniper released their new Junos Pulse app for iOS4.1 and above. This means that any device currently compatible with iOS4.1 can utilize an SSL connection through the Juniper devices, into a secure company network. Once the connection is established, you can fire up Citrix Receiver, put in your simple connection string for your farm and hey presto, access to your published applications and desktops on XenApp and XenDesktop.

OK, so we’re not device agnostic yet, but…

iOS4.2 is out in November, which will be release for the iPad, a big game changer for mobile computing due to it’s portability and screen real estate (self confessed fanboy!), which will mean Junos Pulse will work immediately, once installed and connected to your SSLVPN device.

For the non-Apple devices, I have it on good authority that Droid, Symbian, Windows Mobile and Blackberry are all in Beta development at the moment and will be released ‘soon’. Great news…and a step towards device agnostic usage, so long as there is a Citrix Receiver for your platform too.

Getting it to work:

Installing the app is as simple as any app from the App Store, configuring it is also pretty simple, what’s more, with the Apple iPhone Configuration Tool for OSX/Windows v3.1, you can create pre-configured connections for your device, which does the ‘hard’ work for your end users!

Configuring the Juniper SSL device is fairly simple too, as long as you are using the NetworkConnect, function your device will have access, albeit fairly pervasive, to the network you’re connecting to.

What do I recommend you do is:

Set up a separate realm for mobile devices, which you specify as the connection string
Create a new sign-in page that is friendly to small screens – check out the Juniper knowledge base for a sample download.
Limit the devices you want to have connect by specifying the client device identifier.
Limit the sign-in screen to be available to the *Junos* browser only.
Add black lists of network locations you don’t want everyone to have access to. These could be highly confidential data repositories or your ‘crown jewels’.
Add white lists of citrix servers you want your folks to have access to while on the network, or if you’re happy that the blacklist is sufficient, allow * for a more seamless and agile implementation which will not need adjustment as your farm grows.

There is a lot of flexibility in the solution and depending on your security needs you can mix and match some of these ideas and more in what constitutes a valid policy for your company. The more controls you add, the more you may need to revisit the configuration as devices arrive and requirements change.

Once you are up and running with NetworkConnect you can configure your Citrix Receiver client, connect and start using your Citrix apps strait away.

I was impressed how quick it was to achieve and painless the process has been made.

I don’t work for Juniper and have only recently become familiar with the technology but in my mind, Junos Pulse is a complete breath of fresh air. In forthcoming releases there will be host checkers and cache cleaners etc to ensure the device is adequately secure before allowing connection.

The area of mobile security is still in it’s infancy, it will be interesting to see if Juniper keeps up with the requirements for more security, or my hope is be the lead for others to follow!

PL

Citrix Merchandising Server 1.2 on VMWare ESX (vSphere)

I recently acquired (yesterday) the Tech Preview version of Mechandising Server 1.2 from Citrix, which is specifically packaged for use on VMWare ESX.

Version 1.2 has been out or a short while, and whereas I had it running rather well on a XenServer, my company is a VMWare-only place right now, so getting this into a Production state would have meant jumping through several hoops.  I attempted to convert the Xen package over to VMWare but consistently got issues with the XML data in the OVF.

The new VMWare packaged file, which is around 450Mb, imported without a hitch!  Now I’m up and running on the platform of choice and this should make it easier for me to use in Production!  Good news!

Citrix recommends 2CPUs and 4Gb Ram for the instance.  Depending on your scale of usage, you can get it up and running with 1CPU and 1Gb RAM but that really does depend on how large your Directory data is.  For testing, I recommend 2Gb RAM, although it’s simple to adjust when you are more familiar with the load that is required for your environment.

If I find any gotchas with the configuration or getting Receiver/Plug-ins working with the Web Interface, I’ll let you know!

Thanks for reading, leave a comment!

PL

AppSense 8.0 SP3 CCA Unattended

If you’re wanting an unattended installation of you AppSense CCA (Client Communications Agent) you will want to look here.

This is documented in the Admin Guide but I missed it on my first run-through.

The installation is the same for the 32-bit or 64-bit version, simply call the right MSI for your server type.  This is also true for the compatible Operating System versions, there’s only one per architecture but covers all compatible OS, which keeps it relatively simple.

Installation Script

@echo off
REM *** SETTING UP THE ENVIRONMENT
NET USE M: "\\server\share\folder" /pers:no
SET INSTALLDIR=M:\

REM **** Installing the AppSense Communications Agent (WatchDog agent installed also!)
REM **** Set this VARIABLE for your own (primary) Management Server
SET APPSENSESITE=SERVERNAME
ECHO Installing AppSense Communications Agent..
cd /d %INSTALLDIR%\AppSenseCCA
SET OPTIONS=INSTALLDIR="D:\Program Files\AppSense\Management Center\Communications Agent\"
SET OPTIONS=%OPTIONS% WEB_SITE="http://%APPSENSESITE%:80/"
SET OPTIONS=%OPTIONS% WATCHDOGAGENTDIR="D:\Program Files\AppSense\Management Center\Watchdog Agent\"
SET OPTIONS=%OPTIONS% GROUP_NAME="ZeroPayload"
SET OPTIONS=%OPTIONS% REBOOT=REALLYSUPPRESS /qb- /l*v c:\setup\log\cca.log
START /WAIT MSIEXEC /i ClientCommunicationsAgent32.msi %OPTIONS%

This will install the CCA, set the installation folders, choose your “preferred” Management Server and then add it to a Deployment Group.

Management Console Considerations

One requirement for the Deployment Group is that it set for “Allow CCAs to self-register with this group”

This is set in the Management Console, in the group you have created, called ZeroPayload here, under the Settings section.  Putting a tick in the box is sufficient to complete the registration setting.

Now, a server will be able to join the group with the above unattended script.

What I have done, to manage how and when the agents and pacakages are deployed, is set the “Installation Schedule” to be set to “At Computer Startup – Agents are installed only when computers are started“.  I have added all the agents into this group but no PACKAGE payloads.  If you now reboot the server at your convenience, once the CCA is installed (in my case part of a wider XenApp install) the server will install the agents and immediately REBOOT the server one more time, since you need to remember that the Performance Manager agent will automatically issue a reboot request upon installation.

If you were to set this as “Immediate” in the Installation Schedule, there would be no control over when your server reboots.  Many people fall foul of that nuance of PM as it’s easy to forget (I’m sure the guys at AppsSense forget that on occasion too!).

One very cool behaviour is that you can add both 32-bit and 64-bit agents into this Deployment Group and your server will only install the version it needs for the given architecture.

So now your server is configured and ready for it’s final deployment.  If you’re like me and have  number of active Deployment Groups, some with a slightly different package payload, you can use this method initially, then move your server to the required deployment group.  If all agent versions are the same, and in the beginning they certainly should be, all that will be deployed when you move to another group is the Packages, and these don’t force a reboot.

One last thing to consider.  Any Environment Manager packages that have “Computer” settings will not be invoked until the next reboot.

So… there you have it in a nutshell.

Leave me a comment if you have experiences to share.

PL

XenApp PowerShell Command Pack CTP3

I’ve recently started looking at PowerShell 2.o and bought the “for dummies” book to get me started.  My immediate need for usage of PowerShell was to automate some XenApp farm configurations.  This is where the XenApp Command Pack CTP3 comes into the picture.

Installation:

A pre-requisite, in addition to installing the following two components, is to install .Net Framework 3.5SP1 – this is specific to the XenApp Command Pack and use of CTP3 functionality.

NOTE: Anywhere a ♦ is shown, this is not intended as line break merely a line continuation to overcome the shortcomings in WordPress!

ECHO+
ECHO Installing Windows Management Framework Core (including PowerShell 2.0)..
start /wait WindowsServer2003-KB968930-x86-ENG.exe ♦
/quiet /log:c:\setup\log\WMF-PS.log /norestart

ECHO Installing XenApp PowerShell Commands..
cd /d "%INSTALLDIR%\Citrix Presentation Server"
start /wait msiexec /i Citrix.XenApp.Commands.Install_x86.msi ♦
INSTALLDIR="D:\Program Files\Citrix\XenApp Commands" ♦
/norestart /qb /l*v c:\setup\log\xa-cmds.log

Now I have the Commands installed, it’s relatively simple for me to manipulate the farm in any way I want! As far as I can see, anything that is configurable within the AMC (XenApp 5.0 FP2) can be manipulated with a PowerShell command. This includes both farm settings and server settings. I’ve also been able to set Server Groups, Server Console published icons, Administrator Access, Lesser-mortal-being Access (defined access rights) and more besides.

I would have added some of my code here but there are some sensitive items in it and would have to rewrite a lot just to display it.  It’s quite simple to get some quick results, believe me!

It’s a given that Citrix will increase their use of PowerShell in versions to come, such as FP3 and XenApp 6 for W2K8-R2. This for me can only be seen as a positive move!

I can’t recommend this one highly enough.  Check it out.

Leave a comment and thanks for reading.

PL

AppSense 8.0 SP3 Unattended Installation

It’s been a long time in coming but I finally got round to getting some progress with AppSense 8.0 @ work.

I don’t do anything unless I can automate it, so here’s my take on the unattended method for AppSense v8.0, in this case the files I used were SP3.  There is some great information in the documentation for the pre-requisites needed to get the software installed.  This is the condensed and automated sequence.  I recommend you read the documentation too!  One thing that is missing is how to do an unattended installation, which is where I felt it necessary to share my knowledge with you!

A word of warning, this isn’t as end-to-end as I’d hoped.  The pre-requisites and MSI installations are all you need to get the product running on your server but you still have to configure the product with the relevant databases for Management Server, Statistics Server and Personalisation Server, if you are using them.  I did manage to do a lot more with AppSense 7, like defining the database schema to use and setting the admin account to use etc, but I’ve since lost my snippets for v7 (an over zealous colleague being “tidy” on our code file server) and couldn’t find any settings within the MSI that looked like they would be relevant, so it’s install-then-configure this time!

My script here starts off with a server that already has IIS installed, but didn’t have BITS installed, so SYSOCMGR was used to add BITS.  If you’re installing IIS from scratch, ensure you add this component!

The IIS-BITS.inf file is simply:

[Components]

BITSServerExtensionsISAPI = ON

NOTE:  Anywhere I added the ♦ symbol, it’s not intended as a line break!  I’m just overcoming the shortcomings in WordPress for long lines of continuous text.

@echo off

REM *** SETTING UP THE ENVIRONMENT

NET USE M: "\\server\share\folder" /pers:no

IF NOT EXIST M:\ GOTO FAULT

SET INSTALLDIR=M:\

REM ** Enable BITS for IIS

ECHO Enabling BITS for IIS

START /WAIT sysocmgr.exe /i:%systemroot%\inf\sysoc.inf /u: ♦
"%INSTALLDIR%\AppSense\32-bit\IIS-BITS.inf" /r /x

REM *** Installing Dot Net 3.5

ECHO .Net Framework 3.5..

cd /d "%INSTALLDIR%\32bit.kit\DotNet35"

START /WAIT dotNetFx35sp1.exe /Q /PASSIVE /NORESTART

REM *** Installing Visual C++ Runtime 2005 SP1 (needed for hotfixes etc)

ECHO Visual C++ Runtime 2005 SP1..

cd /d "%INSTALLDIR%\32bit.kit\vcredist.2005.sp1"

START /WAIT vcredist_x86.exe /q:a /c:"VCREDI~3.EXE ♦
/q:a /c:""msiexec /i vcredist.msi /qn"" "

REM *** Install MS XML6 Runtime

ECHO MSXML6..

cd /d "%INSTALLDIR%\AppSense\32-bit"

START /WAIT msiexec /i msxml6.msi REBOOT=ReallySuppress ♦
/qb- /l*v "c:\setup\log\msxml6.log"

REM *** Installing AppSense Components

cd /d "%INSTALLDIR%\AppSense\32-bit"

ECHO Installing 32-bit AppSense Management Server component..

START /WAIT MSIEXEC /i ManagementServer32.msi ♦
INSTALLDIR="D:\Program Files\AppSense\Management Center" ♦
ALLUSERS=TRUE REBOOT=ReallySuppress ♦
/l*v "c:\setup\log\AS-ManagementServer.log"

ECHO Installing 32-bit AppSense Management Console..

START /WAIT MSIEXEC /i ManagementConsole32.msi ♦
INSTALLDIR="D:\Program Files\AppSense\Management Center" ♦
ALLUSERS=TRUE REBOOT=ReallySuppress ♦
/l*v "c:\setup\log\AS-ManagementConsole.log" /QB-

ECHO Installing 32-bit AppSense Application Manager Console..

START /WAIT MSIEXEC /i ApplicationManagerConsole32.msi ♦
INSTALLDIR="D:\Program Files\AppSense\Application Manager" ♦
ALLUSERS=TRUE REBOOT=ReallySuppress ♦
/l*v "c:\setup\log\AMConsole.log" /QB-

ECHO Installing 32-bit AppSense Environment Manager Console..

START /WAIT MSIEXEC /i EnvironmentManagerConsole32.msi ♦
INSTALLDIR="D:\Program Files\AppSense\Environment Manager" ♦
ALLUSERS=TRUE REBOOT=ReallySuppress ♦
/l*v "c:\setup\log\EMConsole.log" /QB-

ECHO Installing 32-bit AppSense Performance Manager Console..

START /WAIT MSIEXEC /i PerformanceManagerConsole32.msi ♦
INSTALLDIR="D:\Program Files\AppSense\Performance Manager" ♦
ALLUSERS=TRUE REBOOT=ReallySuppress 
♦/l*v "c:\setup\log\PMConsole.log" /QB-

For the .Net Framework file, don’t go looking for dotNetFx35sp1.exe, since this is merely the download of 3.5SP1 renamed so it doesn’t look like standard 3.5, and was done for my own future sanity if nothing more.

.Net Framework 3.0 is the minimum requirement but I’m aligning all my current work on 3.5SP1 since I may wish to use PowerShell 2.0 as and when possible.  I certainly did for XenApp with favourable results (will post about that later).

Post Installation work:

Once the software is installed, you need to connect to or create the databases you’ll need for your choice of functionality you’re going to make active.

Click Start -> All Programs -> AppSense -> Management Center -> AppSense Management Server Configuration

Go through the GUI, tell it where your blank (but already created) schema resides, present it with some credentials and you’re set!

The only other step you *may* be faced with is that the configuration tool analyses the installation to see if there any anomalies.  These are termed as variances in the GUI.  For me, since I’m logged in as an Administrator anyway, I ask the GUI to repair all variances, in all locations.  Once done, the installation is complete.  The steps are very similar for the Statistics Server and Personalisation Server.  It is recommended (for larger installations) that you put Personalisation on it’s own server instance, but Management Server and Statistics Server can occupy the same instance.

I’m planning on installing the CCA with the XenApp base build, so I will likely post that unattended install next.

Leave a comment, thanks for reading.

PL

Citrix Merchandising Server 1.2

I’ve been experimenting with Merchandising Server recently.  Primary objective: To see what all the fuss is about.  How will this make my life (or at least the support team @ work)’s life easier?

Well on first look, it’s all looking rather good!  Here’s why:

• Delivery of the Receiver software to any compatible device (Windows & Mac)
• Delivery of Plugins (ICA aka Online/Offline Plugin, EdgeSight, Dazzle, EasyCall, etc)
• Seamless Updating of new plugin versions (all fully customisable with rules for when to do or when to not do an action)

I can see our rather large user base (35k ICA installs and counting) being quite taken by the fact that they don’t have to seek out a “scripted” install to replace what they already have, we can do the “hard work” for them – and roll it back if a new version sucks (you know it happens occasionally!)

So what’s the catch:

Well since I am bound by the rules that *essentially* we are a VMWare shop at my place of employment, the Merchandising Server is a VM Appliance that is only available for those running XenServer.  This is a big disappointment.  Do you guys realise how many hoops I’d have to jump through to get a XenServer (or two) installed in Production.  Not only that but I’d have to write the documentation to support it, in addition to documenting the Merchandising Server, not a prospect I relish.

Look Citrix we know XenServer is a good product – and it’s free for simple implementations – but it’s not really “enterprise” thinking when you limit the use of a product like this.

But “WAIT”, I hear you say…breaking news…

The good folks at Citrix, in their infinite (albeit slightly tardy) wisdom have done the “enterprise” thing!  Whilst browsing around myCitrix.com today, I noticed that they have just released a VMWare instance!  Now that is good news.

I do have a slight challenge though, my subscription level seems to be limiting my ability to acquire said item.  Fear not, I tell myself, I have an email sat in my Citrix Account Manager’s inbox, asking for assistance of the intervention kind!  If/when I get it, I’ll post about it.  If the step-by-step documentation sucks, I may even write that up too.

If you have client sprawl in your Citrix jurisdiction, I really do recommend you check out the Merchandising Server, it could pave the way for an integrated solution for the future!

PL

Google…Sesame Street

Today’s entry is brought to you by the letters J, P and G.

Sesame Street is 40 today and Google is paying homage by changing it’s image to commemorate this momentus day!

I know I spent many an hour clocked in front of the TV watching big bird and the gang…

Google's Image of the day...10th November 2009