Sunday, November 11, 2007
ESX NTP
Sunday, August 26, 2007
Never REgister XP Again
After you have activated your XP software for the first time, you never need to do so again. Each time you reinstall XP, keep a copy of your wpa.dbl file. This file can be found in your \windows\system32 folder. After reinstallation replace the wpa.dbl back into the windows\system32 directory and forget about reactivation.
Thursday, June 28, 2007
WI and CAG 4.5 on same server fix
http://support.citrix.com/article/CTX112128
HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\MSAM\FilterCacheControl
1. Create a key under FilterCacheControl with the location of the Web Interface site and its .ica file:
/Citrix/MyWISite/site/launch.ica (Example)
2. Create a string within the newly created key with the following name:
application/x-ica
restart IIS
HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\MSAM\FilterCacheControl
1. Create a key under FilterCacheControl with the location of the Web Interface site and its .ica file:
/Citrix/MyWISite/site/launch.ica (Example)
2. Create a string within the newly created key with the following name:
application/x-ica
restart IIS
Thursday, February 01, 2007
VMWare Virtual Server Tips
VMWare Server Tips
Some of our clients will deploy VMWare Server initially or in conjunction with ESX VI3. Here are some tips I want to pass along.
Make sure that new systems do not have privacy permissions assigned to them.
Make sure that new systems operate under local system and not the user ID that powers up the system
Make sure that new systems are properly configured for startup/shut down procedures
Install the VMWare Server Console on your workstation reducing the need to access the host system desktop
Make sure to turn off Automatic Updates for the Windows Operating Systems hosting the Virtual Machines
If you create a new template server, perform the initial install in a VM with two virtual processors. Then drop it back down to one processor (if appropriate) before committing it to a template. This will allow the Multi Processor Kernel to be installed by default which will work for one or multi processor systems.
Some of our clients will deploy VMWare Server initially or in conjunction with ESX VI3. Here are some tips I want to pass along.
Make sure that new systems do not have privacy permissions assigned to them.
Make sure that new systems operate under local system and not the user ID that powers up the system
Make sure that new systems are properly configured for startup/shut down procedures
Install the VMWare Server Console on your workstation reducing the need to access the host system desktop
Make sure to turn off Automatic Updates for the Windows Operating Systems hosting the Virtual Machines
If you create a new template server, perform the initial install in a VM with two virtual processors. Then drop it back down to one processor (if appropriate) before committing it to a template. This will allow the Multi Processor Kernel to be installed by default which will work for one or multi processor systems.
Wednesday, December 20, 2006
Getting NLB CAG SSL Cert
Changing the Name of the CAGs
You will need to use an external CSR generator to achieve this such as OPENSSL.
From an OPENSSL prompt, type;
openssl genrsa -out domainname.key 1024
openssl req -new -key domainname.key -out domainname.csr
You will be prompted to fill out information. Please enter the information correctly.
When it asks you to enter in “YOUR NAME”, enter in the FQDN of the device, (ie, connect.chop.edu)
You have now generated a new SSL Certificate Request file with the new domain name. The contents of this file are what need to be submitted to the Certificate Authority.
When you get the signed certificate back from the Certificate Authority, create a new UNICODE text file with an extension of .crt.
In this text file, copy and paste the contents of the domainname.key file.
Then copy and paste the contents of the signed certificate file.
Your end file should look like this;
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
From the CAG Admin console, upload the file you just created to the CAG using the “Upload a .pem private key and signed certificate” option
Restart the CAG.
Ensure that the CAG is configured to use the new name as its external FQDN on the General Networking page.
Please keep all of these files under tight control. If someone was able to obtain these files they would be able to spoof and or hijack the organization on the Internet.
You will need to use an external CSR generator to achieve this such as OPENSSL.
From an OPENSSL prompt, type;
openssl genrsa -out domainname.key 1024
openssl req -new -key domainname.key -out domainname.csr
You will be prompted to fill out information. Please enter the information correctly.
When it asks you to enter in “YOUR NAME”, enter in the FQDN of the device, (ie, connect.chop.edu)
You have now generated a new SSL Certificate Request file with the new domain name. The contents of this file are what need to be submitted to the Certificate Authority.
When you get the signed certificate back from the Certificate Authority, create a new UNICODE text file with an extension of .crt.
In this text file, copy and paste the contents of the domainname.key file.
Then copy and paste the contents of the signed certificate file.
Your end file should look like this;
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
From the CAG Admin console, upload the file you just created to the CAG using the “Upload a .pem private key and signed certificate” option
Restart the CAG.
Ensure that the CAG is configured to use the new name as its external FQDN on the General Networking page.
Please keep all of these files under tight control. If someone was able to obtain these files they would be able to spoof and or hijack the organization on the Internet.
Wednesday, November 08, 2006
Modify STA number of Citrix Server
STA 4.0 settings are stored in the following file
Edit %ProgramFiles%\Citrix\System32\CtxSta.config
Edit %ProgramFiles%\Citrix\System32\CtxSta.config
Wednesday, October 25, 2006
Set Audio from Web Interface
The default sound quality setting for ICA sessions launched through the Web Interface can be
changed by modifying the template ICA file on the server which is pushed down to the ICA client.
To do this:
1. Log on as an administrator to the server running the Web Interface.
2. Start Notepad and open the file, c:\Inetpub\wwwroot\Citrix\MetaFrame\Conf\default.ica.
3. Browse to the [Application] section in the file and under this section, add the following
parameter and save the file:
AudioBandwidthLimit=0
Clients connecting henceforth are forced to use the audio setting specified on the server.
AudioBandwidthLimit=-1
This sets the audio bandwidth limit or audio quality for the connection. 0 is high, 1 is medium, and 2 is low. Anything else is invalid, though sometimes (but not always) it is set to "-1" if audio is off.
changed by modifying the template ICA file on the server which is pushed down to the ICA client.
To do this:
1. Log on as an administrator to the server running the Web Interface.
2. Start Notepad and open the file, c:\Inetpub\wwwroot\Citrix\MetaFrame\Conf\default.ica.
3. Browse to the [Application] section in the file and under this section, add the following
parameter and save the file:
AudioBandwidthLimit=0
Clients connecting henceforth are forced to use the audio setting specified on the server.
AudioBandwidthLimit=-1
This sets the audio bandwidth limit or audio quality for the connection. 0 is high, 1 is medium, and 2 is low. Anything else is invalid, though sometimes (but not always) it is set to "-1" if audio is off.
Tuesday, October 24, 2006
Enable Pass Through Auth from WI to Citrix Server
Look for APPSRV.ini in this location:
C:\Documents and Settings\USERNAME\Application Data\ICAClient
Open that file and add the following lines under [WFClient]:
EnableSSOnThruICAFile=On
SSOnUserSetting=On
C:\Documents and Settings\USERNAME\Application Data\ICAClient
Open that file and add the following lines under [WFClient]:
EnableSSOnThruICAFile=On
SSOnUserSetting=On
Tuesday, October 03, 2006
Restore Client name in WI
http://support.citrix.com/kb/entry.jspa?externalID=CTX107112
