NetScaler 10.5 GUI LDAP Authentication

Setting up LDAP-based authentication the the NetScaler GUI is usually one of the first things I do on a NetScaler build…except on NetScaler 10.5 – it looks like this feature is broken NS 10.5 build 50.10 nc. The procedure is simple – configure an LDAP server and policy (or use an existing server\policy configured for CAG, etc). Then create a local group that matches the name of an Active Directory group – ‘Domain Admins’ for … Read more…

XenApp 7 User RDP Connections Disconnect Immediately

In the old days of XenApp, the XenApp servers were TS\RDS servers as well – this has not changed. What has changed is the mechanism for controlling connections to sessions on the server – they are now brokered by the Delivery Controller. Previously, if you wanted to allow users to connect you needed to grant the ‘Citrix Users’ group (or Domain Users if everyone used Citrix) the ‘Allow logon locally’ and ‘Allow logon via terminal … Read more…

XenApp and XenDesktop 7 Useful Powershell Reference

Here’s a quick list of Powershell commands I find myself using frequently. I’ll keep this updated. Get a list of all brokered connections I always sort by BrokeringTime because the order appears to be odd otherwise because the log is updated with the initial brokering time as well as the EndTime. Add an application to multiple delivery groups Adding an application to multiple desktop groups is 100% supported, it’s just not exposed in the GUI … Read more…

XenApp 7.1\7.5 Disconnected Sessions not Logging Off

There are a lot of timeouts in any XenApp environment – active session timeout, idle timeout, disconnected session timeout…the list goes on. Recently, I ran into an environment that was having a problem with disconnected sessions staying on the server – it was a newly deployed XenApp 7.5 site with infrastructure and VDAs on 2012R2. There were some issues with applications pegging resources when users connected to disconnected sessions – turns out the disconnected sessions … Read more…

Using Citrix XenMobile to Manage Corporate Email Access

In the old days, IT departments would usually just expose Microsoft ActiveSync externally and allow anyone that could authenticate to connect and sync corporate mail. Sure Exchange brought some control over these devices, including the ability to enforce a security PIN number lock and wipe them (full wipe) if they ever tried to connect after the wipe request was issued. But this still presents a problem: all of your corporate email data, including the top … Read more…