My rant about Citrix and VMWare bullshitting the industry.

Recently, we sent out a survey to 7,000 students who completed an advanced XenApp training course or certification to understand what they would like to see and learn in an advanced XenApp 6 course. Thank you to everyone who recently completed this important survey! With your help, we are now able to better shape future curriculum to support this product. We will keep you posted on details of any future course(s) resulting from this feedback as they are available.

Didn't have a chance to participate? We are always looking for your opinion on a variety of topics! Please be on the lookout for more opportunities to tell us what you think via surveys, focus groups, workshops, and betas. These are all easy ways for you to contribute to the development of future Citrix training courses, exams, and certifications!

View Online | Add Comment

At Citrix TechEdge Berlin 2010, you'll get a chance to meet some of Citrix Support's top engineers. One of these is Karen Sciberras. Karen is a Escalation Engineer based in our Dublin office in Ireland. Check out the video interview below.

You can also view some of the previous interviews with Nicolas Ogor, Lalit Kaushal, George Dunlap and Tomasz Czajka.

Learn more about TechEdge Berlin 2010, www.citrix.com/techedge, and stay tuned for more weekly close-up interviews with the TechEdge presenters.

Leave a comment

Let Karen know any thoughts, questions or feedback you might have for her session.

David
Citrix Support on:
Twitter - @citrixsupport & @citrixreadiness
Facebook
LinkedIn

View Online | Add Comment

Sometimes the Delivery Services Console takes a long time to launch. This is due to a .NET delay in the authenticode signature component as described in Microsoft Article Q936707. The following config file can be added to speed up the lauch of the Delivery Services Console. mmc.exe.config Ensure the contents of the file contain the [...]

At Citrix TechEdge Berlin 2010, you'll get a chance to meet some of Citrix Support's top engineers. One of these is Nicolas Ogor. Nicolas is a Escalation Engineer based in our Dublin office in Ireland. Check out the video interview below.

You can also view some of the previous interviews with Lalit Kaushal, George Dunlap and Tomasz Czajka.

Learn more about TechEdge Berlin 2010, www.citrix.com/techedge, and stay tuned for more weekly close-up interviews with the TechEdge presenters.

Leave a comment

Let Nicolas know any thoughts, questions or feedback you might have for his session.

David
Citrix Support on:
Twitter - @citrixsupport & @citrixreadiness
Facebook
LinkedIn

View Online | Add Comment

Citrix Virtualization Solutions Meet Internationally Recognized Security Standards and Government Requirements

Summer is almost over and that means Synergy Berlin is nearly here!  We're busy making final arrangements for our first pan-European show to be held from October 6-8.  In advance of the program,  I want to draw your attention to my favourite part of the program - the Citrix Innovation Award. 

Every day, companies experience the tangible business benefits of virtualisation, networking and cloud computing. Benefits include savings in operating expenses, enhancing productivity and flexibility, cutting power consumption and reducing carbon emissions, to name a few. But there are also a number of organizations that have embraced the power of virtual computing to think about, and to do, business differently.  These include companies like Cocamar in Brazil that have used virtualisation technology to expand their market reach;  government agencies like Fairfax County, Virginia, that have used the technology to offer cloud-based computing services to cities and townships within the county; and ND SatCom that expanded its offerings to include a satellite-based solution for business continuity and connectivity. These are but a few examples of business innovation, and I know that there are thousands of stories about organisations around the world that have embraced virtual computing to spearhead change.

The Citrix Innovation Award highlights the stories of enterprises that are using virtualisation, networking and cloud technologies in exciting ways to drive innovation in their businesses. As we did for Synergy San Francisco, we've thrown open the doors for Synergy Berlin and invited everyone in the industry - partners, customers and employees - to nominate companies that are using virtualisation, networking and cloud technologies in innovative ways  to create a dynamic, agile business environment.

Once again, I'm amazed at the diverse range of businesses that implement these technologies, and use them in new and innovative ways.  Dozens of nominations were received from all over the globe; from those nominations twelve companies that best embody the spirit of the Innovation Award were shortlisted.

The winner is chosen by popular vote of peer organisations (that means all of you!) and members of the IT industry and will be announced at Synergy Berlin.

The full list of Innovation Award finalists is:

• Chemtura Corporation
• Codan Trygg-Hansa
• CZ Healthcare Insurance
• Derby Public Schools
• LG CNS
• MATERNA
• Medical University of South Carolina
• O'Neill Europe
• Perfetti Van Melle India
• Telecom Italia
• TeleComputing
• The Co-operative Group

Check out their stories of innovation and vote for your three favourites today.

And don't forget...you can still register for Synergy Berlin!  For more info go to www.citrixsynergy.com.

View Online | Add Comment

I went kite fishing for the first time last week. Well, during this new adventure I got challenged by my teammates to relate kite fishing to XenDesktop, so this is my public reply to that challenge.

If you haven't gone kite fishing, I'll try to give you a brief explanation from a layman's perspective. Kite fishing is on the ocean and you fly a kite off the back of the boat. Attached to the kite line at intervals is a break-a-way loop that you run the fishing line through. The fishing line is then suspended from kite string with the bait in the water and the job of the fisherman is to keep the bait in the water by either letting out the fishing line when the kite goes higher or retracting the fishing line as the kite drops.

After carefully considering the experience, I came up with four areas where I saw similarities. First, I had never been kite fishing before and quite honestly, I would have never figured out how to kite fish without an experienced person to show me the ropes. Second, choosing the right kind of bait to attract the fish we were seeking required a specific knowledge of the fish diet. Third, setting up the kites and stringing the fishing lines didn't really require a lot of skill, but you had to have done it before - reading it from a book would not have worked for me. (They tried to explain it to me before they did it and I did not understand until I saw it occur). Finally, keeping the bait in the water was the key to getting a fish on the line.

Experienced Guidance

If this is your first time kite fishing, you want someone who had done it before to show you the ropes. Similarly, if this is your first time building or architecting a XenDesktop farm, you want someone knowledgeable to provide that guidance. As a XenDesktop architect with experience designing and architecting large farms, most of my blogs and whitepapers are targeted to providing you the information I believe is relevant to these tasks. In addition, Citrix has many partners (silver, gold, and platinum) and a professional services organization that are trained in XenDesktop design and deployment as well.

Customer Requirements

Selecting the right kind of live bait is key to a successful fishing trip. If the captain is unable to locate the right type of bait fish for the big fish his charter is seeking, he will not likely be successful. In most cases, an assessment should occur which provides input into the next phase. With fishing, the assessment is fairly simple since the captain just asks, "What kind of fish do you want to catch today?" From the conversations that I had, different type of fish required not only different bait, but different fishing techniques and different locations on the ocean. In much the same way, if you understand the customer's needs and long-term plans you can better design the XenDesktop farm. The XenDesktop assessment answers questions like "Where will the virtual desktops be accessed from?", " What applications will the users have?", and "What application virtualization platforms will be required?"

Setup and Installation

When feeding out the kite and the fishing lines, the whole environment must be configured in a specific order. With the kite going out first, followed by the first latch with the longest fishing line, then the second latch with the medium fishing line, and finally the short fishing line. If the correct process is not followed, it is likely the lines will get tangled and the first mate is not happy with you... Similarly, the XenDesktop farm needs to be installed and configured correctly to meet the customer requirements. Citrix provides many complimentary resources, such as the XenDesktop Checklist, the XenDesktop Quick PoC Kit, and XenDesktop Training. These items plus many resources are available from the XenDesktop website.

Fine Tuning the Environment

When kite fishing you need to work to keep the bait at a fairly consistent level in the water by playing out or retracting the fishing line based on the changing conditions. You have to account for the constantly changing distance between the free-flowing kite and the ocean waves as well as the direction the live bait chooses to swim. Now I know what a "fish out of water" looks like as it hangs from a kite, pretty funny really, but I digress. The skill comes in accurately judging the amount of line to release or reel in based on the environment. Much like fishing, once you get your XenDesktop environment up and running you will need to adjust for your user behavior. Things like desktop boot storms, user login storms, idle pool settings, patches, etc. all take a little bit of planning and adjustment after you get the environment into production.

If you are ever in the Miami area, I highly recommend Captain Nel Martinez of Top Gun Fishing Charters where I guarantee you will be well taken care of. If you are lucky, you will find some way to relate the trip to work and expense the whole thing.

View Online | Add Comment

First off: if you are using the XenApp 6 SDK exclusively for scripting your farm actions and configuration, then this blog entry will not apply to you. If, however, you are a programmer and you wish to use the XenApp 6 SDK to build an application that interacts with XenApp, then you, my friend, are the target audience!

Note: Be sure you are using XenApp 6 SDK Version 6.1.2 when following along with this blog. The previous versions have bugs that prevent some of the programming features shown from working.

For those who have programmed against MFCOM in the past, programming against the PowerShell API is quite different. MFCOM exposes a COM API with an object model that can be traversed, from the IMetaFrameFarm interface, through an object hierarchy, eventually reaching the "leaf nodes" such as applications, servers, and sessions. Once you reach an object of interest, you call a method exposed by that object to perform an action. In PowerShell the approach is much more task-based. You start by choosing a task to perform, and then you either provide a wildcard to select objects that the task should operate on, or alternatively, pass objects into the task.

Another big change is that MFCOM calls are simply APIs that the programmer calls directly. In PowerShell, the approach is a bit more complicated. The programmer must:

1. Create a Runspace, with the relevant snap-ins loaded. This is relatively expensive; but assuming the Runspace executes on the local machine this can live for the lifetime of your program, and can be reused any time your program needs to execute PowerShell commands. (I'll get into remote Runspaces in a future blog about PowerShell Remoting.)
   
   
2. Create a Pipeline within the Runspace. Each time that you want to perform an atomic operation, you create a pipeline. A pipeline is equivalent to one command that you would type in the PowerShell command prompt.
   
   
3. Add either individual commands or a script to the Pipeline.
   
   
4. Invoke the Pipeline. When you call this method, you can optionally pass objects in, and it returns the objects that are output from the commands or script in the pipeline.
   
   
5. Convert the objects that are output from the pipeline (which are all of type System.Management.Automation.PSObject) back into concrete .NET types.

When developing the XenApp 6 SDK, we recognized that this is quite a lot of effort, especially when you just want to do something simple. We also recognized that there is potential for errors because the command names, parameter names, and object property names are all just strings. It is easy to make a mistake and enter "Enalbed" instead of "Enabled", and you won't find that error until you actually run the program. Therefore, to make development easier and more robust, we have implemented a set of SDK "wrappers" that simplify programming against the XenApp SDK.

The first thing we provide is a simple, predefined "default" runspace for executing Citrix commands. This runspace will have the Citrix.XenApp.Commands and Citrix.Common.Commands snap-ins already loaded, and it is created on demand and lives for the lifetime of your application. You can reuse it as often as you need; the only limitation is that you should ensure that multi-threaded applications do not try to execute multiple commands within the runspace at the same time.

To use the default runspace, reference the System.Management.Automation.dll assembly from the Microsoft SDK and the Citrix.Management.Automation.dll assembly, which can typically be found at "C:\Program Files\Citrix\XenApp Server SDK\bin". Add "using" references to the following namespaces:

using System.Management.Automation;
using System.Management.Automation.Runspaces;
using Citrix.Management.Automation;

Then, use the static property CitrixRunspaceFactory.DefaultRunspace:

Runspace runspace = CitrixRunspaceFactory.DefaultRunspace;

Note that there is also a method called CitrixRunspaceFactory.CreateLocalRunspace() that creates another runspace with the Citrix snap-ins loaded. You can use this in the rare case that you need multiple local runspaces, for instance to handle multiple threads.

Now that you have a Runspace, you need a Pipeline. PowerShell makes this trivial, so we do not provide a wrapper for this. Simply call the method CreatePipeline() on the runspace instance. The return value is a Pipeline object:

Pipeline pipeline = runspace.CreatePipeline();

Into the pipeline you need to add one or more instances of System.Management.Automation.Runspaces.Command. To simplify the creation of Command objects, we provide an assembly that has classes capable of automatically generating them, pre-populated with XenApp 6 SDK PowerShell commands. This assembly is Citrix.XenApp.Sdk.dll and can be found in the same directory where Citrix.Management.Automation.dll is located. You will also find Citrix.Common.Sdk.dll which is the analogous assembly for the cmdlets in the Citrix.Common.Commands snap-in.

To use the Citrix.XenApp.Sdk.dll assembly, add a reference to it and a "using" statement for it:

using Citrix.XenApp.Sdk;

If you use the Visual Studio object browser to inspect the contents of Citrix.XenApp.Sdk.dll, you will find that it contains classes matching every XenApp 6 PowerShell SDK cmdlet, and every parameter set of those cmdlets. For example, there is a class matching the cmdlet Get-XAApplication with the parameter set "ByName"; this class is named GetXAApplicationByName. It has properties named BrowserName and Command (among others). You use this class by creating an instance of it, setting the properties as you would set the parameter values on the PowerShell command line, then getting the value of the Command property. This returns an instance of the PowerShell Command object, already set up to execute the cmdlet represented by the class' state. You can add one or more of those Command objects to the pipeline you created.

For example, to create a Command that gets all applications whose names match the pattern "A*", you can do:

var getAppByName = new GetXAApplicationByName { BrowserName = new[] {"A*"} };
Command command = getAppByName.Command;

The reason that the BrowserName property is an array is that the PowerShell command can accept multiple inputs, even on the command line.

Add the commands to the pipeline using the pipeline's Commands.Add method:

pipeline.Commands.Add(command);

Once the pipeline contains the command(s) that you want to execute, you invoke it. The pipeline has an Invoke method, which you can optionally pass objects into. This works as you would expect it to, if you are familiar with piping objects into commands via the PowerShell command-line. The Invoke method also returns a list of objects, which are the output of the commands in the pipeline:

var output = pipeline.Invoke();

The next step is to take those objects from the output and convert them back into concrete .NET types. The objects as returned are all of type System.Management.Automation.PSObject which can be used as a type of generic property bag; that is, you can get and set properties within it, referencing those properties by name. For example, you can get the value of an application's DisplayName property using (keeping in mind the output of pipeline.Invoke is a collection):

foreach (var app in output)
{
// 'app' is an instance of PSObject
Console.WriteLine("DisplayName: {0}", app.Properties["DisplayName"]);
}

(I apologize for the lack of indent; I can't get an indent to show here.)

However, we do not wish to reference properties by name. It is too easy to make a mistake and introduce a bug that is not found until you run the application. You really want to use a concrete, typesafe .NET type to store the output objects.

You will need a definition of the types that are output from the cmdlets. You can find these types defined in an assembly named Citrix.XenApp.Commands.Data.dll, and in the equivalent Citrix.Common.Commands.Data.dll for the Citrix.Common.Commands snap-in. Add a reference to that assembly, and a "using" statement for it:

using Citrix.XenApp.Commands;

There are a couple of options as to how to convert the PSObject values into concrete types. One option is to use the PSObject.BaseObject property, and cast it to an SDK type.

XAApplication xaApp = (XAApplication) app.BaseObject;
Console.WriteLine("DisplayName: {0}", xaApp.DisplayName);

This approach works, but only when the object is actually of the type that you are requesting. Rarely, what you will get from the pipeline is really a pseudo-type; one that has all of the same properties as the type you expect, but which is not actually an instance of the type you expect. This happens when some cmdlet in the pipeline must serialize the type. Typically this happens when using PowerShell remoting, or when using the Export-CliXml and Import-CliXml cmdlets.

To help you handle these pseudo-types, we have created a method that can convert them back into a XenApp SDK type. This method is implemented as an extension method on the PSObject type, named ConvertTo<T>():

XAApplication xaApp = app.ConvertTo<XAApplication>();
Console.WriteLine("DisplayName: {0}", xaApp.DisplayName);

This method is smart enough to do a direct cast if possible, otherwise, it will try very hard to convert the properties contained in the PSObject into the properties of an instance of the type you specify. I therefore recommend always using this method rather than just casting the BaseObject property.

You may wonder how you know what type the objects are that a cmdlet will output. This information is available in the cmdlet help; however, we have also built in some assistance here. If you used one of the "Command generator" classes in the Citrix.XenApp.Sdk.dll assembly, for instance the GetXAApplicationByName class, you will find it contains a method named ParseResult. This method takes in a list of PSObjects, and returns a list of the objects of the proper type which is expected to be output from that cmdlet. So you can rewrite the loop that handles the output as:

foreach (var app in getAppByName.ParseResult(output))
{
// 'app' is now an instance of XAApplication
Console.WriteLine("DisplayName: {0}", app.DisplayName);
}

At this point, everything is typesafe, and the invocation steps are quite straightforward. The entire sample looks like this:

Runspace runspace = CitrixRunspaceFactory.DefaultRunspace;
Pipeline pipeline = runspace.CreatePipeline();
var getAppByName = new GetXAApplicationByName { BrowserName = new[] {"A*"} };
Command command = getAppByName.Command;
pipeline.Commands.Add(command);
var output = pipeline.Invoke();
foreach (var app in getAppByName.ParseResult(output))
{
// 'app' is now an instance of XAApplication
Console.WriteLine("DisplayName: {0}", app.DisplayName);
}

Hopefully you will agree, this is getting pretty simple and straightforward. But we still didn't like that it takes several lines of code to execute a simple command. So, we added extension methods to the Runspace type which make this even easier. The methods are called ExecuteCommand and ExecutePipeline. These methods are not quite as powerful as doing all of the steps yourself; for instance, you cannot add arbitrary PowerShell commands, only those that are part of the XenApp 6 SDK. But they are extremely simple.

Runspace runspace = CitrixRunspaceFactory.DefaultRunspace;
var apps = runspace.ExecuteCommand(new GetXAApplicationByName { BrowserName = new[] {"A*"} });
foreach (var app in apps)
{
Console.WriteLine("DisplayName: {0}", app.DisplayName);
}

That's all there is to it! We have tried to make programming against the XenApp 6 SDK as easy as scripting against it, and I hope that it is straightforward enough to enable 3rd party developers to leverage our SDK to create some really amazing applications as they have done in the past with MFCOM!

View Online | Add Comment

Share 0savesSave The enterprise application store? Really?

Citrix calls Dazzle, it’s self-service “iTunes”-style appstore for your published applications, an “enterprise application store” .

Is that accurate though?

In reality, it’s PNAgent  (or the XenApp Online Plug-in for those new to all this) with some flash animation and freedom as to what you add to your start menu.

Lets look at what Dazzle currently does, or doesn’t do:

• There is no single-sign on. You are prompted to re-enter your desktop credentials when you launch it. A real pain.
• It only gives you what you already have access to via your AD group memberships.
• It only provides access to XenApp/XenDesktop hosted applications or desktops. It doesn’t integrate with other distribution mechanisms (e.g. SCCM) to allow on-demand deployments of other applications (not all apps can be streamed after all)
• If you want something new, you’ve still got to make a call to the help desk, who then initiate whatever approval workflow is in place (outside of Dazzle)

At Synergy earlier this year, Citrix announced that the next version of Dazzle with have more workflow capabilities.

Dazzle v.next – the story so far

What have Citrix told us so far?

• Some kind of integration with Workflow Studio (is this just going to be adding/removing users to AD groups?). Hmm..does anyone actually use Workflow Studio?
• Managerial approval for application access requests
• Mac support
• Application searching
• FAQ support (hooking into your help desk knowledge base of application problems so users can find the answer themselves before calling?)

What should Dazzle offer?

Here is my “Dazzling” shopping list:

• Allow an administrator to define a list of available applications
• Define how a user gains access to them (all the time, by instant approval, by managerial approval)
• Provide reports on who has access to what, and who uses what (some kind of Edgesight integration for reporting?)
• Provide approval mechanisms via email and web
• Single sign-on
• Integrate with SCCM for on-demand deployment of MSIs and access to locally-installed applications in the same manner

What would you like to see in the next release of Dazzle? Comment away…

It's been a while since my last blog.  In the last couple of months, we have been very busy preparing some fixes to the XenApp PowerShell SDK.  I'm happy to announce the immediate availability of Version 6.1.2 of the PowerShell SDK.  Since we never really explained the differences with previous versions, here's a recap:

• Version 6.0.0 is the version that shipped with XenApp 6.0.  Yes, that's correct: the SDK was there from launch day!  We did not have a unified help file, start menu shortcuts, and complete help for the Group Policy Provider available in this version.  But on a vanilla XenApp 6 deployment you can start Powershell, add the Citrix snap-ins, and start using the Powershell SDK without any further installation.
• Version 6.1.0 is the first version that was available for download.  This release was primarily intended to help out administrators by providing more thorough and simpler-to-use help.
• Version 6.1.1 was released shortly after 6.1.0, and it fixed a bug that affected programmers.  In 6.1.0 the Citrix.XenApp.Sdk assembly, which simplifies programmatic SDK usage, did not work as intended and did not match the documentation.  This release did not affect administrators that use the cmdlets for scripting only.
• Version 6.1.2, released today, fixes a bug that prevented the Edgesight agent from working when the 6.1.x versions of the SDK are installed.  It also helps programmers using the SDK, by enabling better cross-version portability of programs written and linked against the XenApp SDK.  Now, programs that leverage the XenApp PowerShell SDK are forward-compatible so that, for example, programs built against version 6.0.0, 6.1.0, or 6.1.1 will work when installed on a system with SDK version 6.1.2 installed.

If you have downloaded the XenApp SDK in the past, I encourage you to update to the latest version.  Those using the SDK as a programmer's API are especially impacted by these updates.

View Online | Add Comment

The new carbon look is something you like or you don't.

The problem is that many customers may need to have a white theme for marketing / logo integration purposes.

I've been used to release white themes for Web Interface but I've stopped mainly because Citrix was releasing their owns.

After waiting for a while, and as I needed White Themes for Web Interface 5.3 and Access Gateway Enterprise 5.2, I've decided to create them.

So if you want to replace the carbon look by a white one, you just have to ...

I'm often asked why I'm so passionate about Dazzle, so I thought I'd blog about the origins of Dazzle, and help explain why I think this approach gives a better user experience and reduced cost.

Like the vast majority of Citrites, I use our software pretty extensively - and like most with a technical bent, I tend to use the early pre-alpha buggy stuff with all the extra goodness. It was one particular incident with this that lead directly to the first brain storming around Dazzle.

At the time I was in the middle of an important set of off-site meetings and my laptop and the pre-alpha software I was using was working well. Now it is never good to tempt the gods of software, but that is exactly what my "nanny knows best" software chose to do - it reconfigured my world - and in the process broke it.

Now all software can have bugs (especially early stuff) but the frustration I had wasn't so much caused by the bug, but by a case of poor timing by 'the system'. We have all seen people trying to avoid this - turning off virus scanning, avoiding networks - even refusing to logoff or power down incase that lurking update happens just before you get on a plane/enter the board meeting or whatever.

This particular incident propelled me into writing up a set of rules as to how the client software should behave. Here it is:

• "Don't remove (or update) software without asking"
  Users need confidence that if software worked yesterday it should continue to work today.

• "Don't give me stuff I don't want"
  We all have to cope with the clutter of junkware we don't want - and one person's "really useful app" is another person's junk.

• "Citrix apps should behave like local apps"
  This was nearly true before Dazzle, but not quite - and every minor difference leads to helpdesk calls and user frustration.

These three things were the original motivation behind 'Anthem' - or Dazzle as it later became. The idea resonated with the 'simpler' and 'user empowerment' camps, and fitted in with ideas of reducing IT costs, both through less support (because the user is in control) and lower software cost - if users only get the software they want, IT gets higher visibility over what is needed, and can reduce the amount they over provision.

Of course this was just the start of Dazzle, and I'll be talking about what else it does (and why) at Synergy in Berlin in talk SYN317 - Dazzle and Receiver vs. ICA clients - what's the difference, why it matters and how to make the move. I'll be joined by Simon Frost, the architect for Receiver who will be explaining how Receiver can make life simpler for the user whilst giving IT sufficient control to ensure that each user has exactly the right client side infrastructure and configuration, across a diverse world of Windows, Mac and other devices.

Hope to see you there.

View Online | Add Comment

Share 0savesSave

After using WordPress for the SynergyBerlin.com site, I decided I like it so much I’d change my other sites over to it.

Also, as I’ve now almost completed my Citrix Integration Architect series of exams, a name change was in order.

The site layout and navigation is still very much work in progress, but I’ve migrated some recent content in from the old Drupal-based blog so it didn’t look bare!

Now I just to get back to writing some decent informative updates again!

Yesterday at VMworld I endured sitting through a mind numbing session hosted by VMware End User Computing (formerly desktop) CTO, Scott Davis. This was a session where Scott made bold erroneous claims and assertions which I tweeted about. Then I saw this tweet from @claytonprice

claytonprice: Where do I find the desktop panel discussion featuring Scott Davis and @harrylabana? I can't find it in the schedule! #vmworld

I responded "he's scared" in jest. However as I think about this, I wonder if this is true. Earlier this year Brian Madden asked me if I would be willing to have an open debate at BriForum about the desktop on a panel that would include Scott Davis and myself. I agreed to it, but Scott apparently declined and instead opted to present a riveting session on his future vision which was met with thunderous ZZZZZZZZZZZ.

In today's 90 minute VMworld keynote, a generous 10 minutes was granted to talk about the desktop. We learned VMware CTO Steven Herrod likes to play a lot of Minesweeper. He also asserted that Windows was not very relevant and that the desktop of the future is all SaaS based. Hmm feels a lot like the Citrix Dazzle strategy extended to SaaS, but with the delusion that Windows is not relevant. Nonetheless a good discussion to have.

So since this is VMworld, and the desktop is important to VMware, let's arrange to have a public discussion on the topic, no need for canned PR scripts. Let's talk about the desktop today and the desktop of tomorrow. Perhaps if they are willing we can have Brian Madden or Chris Wolf moderate at a neutral location? We're all here in San Francisco so we can even arrange some logistics now.

The question is, Scott are you up to discussing the desktop or do we continue to listen to fantasy's of desktops morphing into SaaS based applications everywhere and Windows going away?

View Online | Add Comment

Security has been blamed as the biggest barrier to cloud adoption. Organizational leaders are walking into IT departments with their brand new iPads and demanding access to the network from these convenient devices. And, the beast known as compliance continues to breathe down our necks.

Whether you're primarily concerned about the cloud, endpoint protection or data security, one thing is for sure - security is broken. Organizations routinely spend way too much on security measures that mostly serve to frustrate users, while contributing little to the overall security of truly sensitive data. And, legacy security practices such as end-to-end ownership, malware signatures and full physical isolation continue to be challenged by end-user demands, highly evolved attacks and new usage patterns.

All is not doom and gloom though - virtualization presents some innovative ways to respond to these business challenges and transcend security challenges that have plagued computing for decades.

In the CTO Crystal Ball session at Synergy Berlin, I'll be demonstrating the following security trends and more:

• Situational Security - protective measures that are fine-tuned to specific data needs and context
• BAOC (Bring Any Old Computer) - providing realtime device control to take endpoint security concerns out of the equation
• Flying through the Clouds - architecting true multitenant and mixed-mode data cloud security

Please join me along with Harry Labana, Martin Duursma, and Simon Crosby from the Citrix CTO office as we look into the future at Synergy Berlin!

More info on this demo-filled session and the CTO team's prognostication can be found at:
http://citrix.g2planet.com/synergyberlin2010/public_session_view.php?agenda_session_id=305

View Online | Add Comment

In my first post I introduced all the great new features and enhancements to the XenClient software that runs on the laptops and desktops. Now I wanted to turn the attention to the Synchronizer for XenClient. This is the centralized delivery system that can deploy, update, backup, and secure virtual machines running on XenClient.  We will also have a few more surprises before GA that I'll share in late September.
 

Dynamic Image Mode (Experimental)

This is one of the most exciting capabilities that we added in RC2 and it really spans both the backend and the client. This capability allows layering of VM images. By separating the image into different layers (Base OS, Apps, User profile) administrators can maintain a single copy of the base image in the datacenter. As the base image is updated the Synchronizer will automatically generate a delta to upgrade the image deployed on existing XenClient systems or send the latest version to new XenClients. This not only allows for upgrades to your deployed virtual desktop images but allows roll-to any version of an image. So you can rollback or roll forward to any version of the VM image with a few mouse clicks. So if you deploy an update and it has some unintended interaction, no problem just flip a switch and roll everyone back. The user profile data is stored in a separate layer that allows it to remain untouched as the rest of the system is updated or rolled back. Additionally by separating the user data into a separate layer backup sizes are dramatically reduced. This is being delivered as an experimental feature in this release as it's a new model for image deployment and we want to get feedback on how it works for you in your environment.

Simplified disk space expansion for image and backup storage

Administrators will now be able to easily increase the amount of storage available for storing VM images and user backups. Now you can simply shutdown the Synchronizer appliance, increase the data disk drive in XenCenter and boot up the appliance. The Synchronizer will automatically find and use the newly added space it's as simple as that.

 

Simplified and Expanded Synchronizer Setup

We have revamped the Synchronizer setup process to be cleaner and easier to use. This includes streamlined HTTPS support and support for static networking configurations.

In place upgrade for Synchronizer

Just as you can move XenClient from RC1 to RC2 we also added the ability to upgrade Synchronizer to RC2 while keeping existing settings, images, and backups intact.

Scalability enhancements

Our Synchronizer wizards have been doing a bunch of scalability testing and optimization to increase the data transfer throughput and increase the number of XenClients per Synchronizer server. We will share some more detailed results including rules of thumb by the time we GA. We have also optimized the storage of compressed VM image and user backup data to reduce the amount of storage space required on the backend.

Usability Enhancements

We spent a lot of time on incorporating usability feedback into this release. We have a crack team of UX experts at Citrix that watched ITPros first use of the system and we learned some great information about how to make the product even simpler to use. While we made a host of enhancements and these are some of the ones that stand out:

Revamped web console

We have done a big revamp of the web admin interface touching almost every square inch of the UI. We got a chance to incorporate a lot of valuable feedback from the UX testing and feedback from users in our beta programs. And we are not done yet, look for additional enhancements in the GA release as well. Some highlights are below:

New user and group details pages with ability to easily view and modify user and group assignments

New multi-step assignment wizard

Version and author information display enhancements

Device filtering support

So you can see our engineering team has been hard at work adding some great new capabilities to both XenClient and the Synchronizer for XenClient. If you are using RC1 today upgrade and check out the new features if you have not tried it yet now is the time.

You can download XenClient and the Synchronizer for XenClient RC2 here.

View Online | Add Comment

I'm excited to let everyone know that we just posted the second release candidate of XenClient and the Synchronizer for XenClient to the web. This will be our last stop before GA and I wanted to tell you about some of the great new features and enhancements in this release in XenClient, tomorrow I'll share more details about enhancements to the Synchronizer for XenClient. We will also have a few more surprises before GA that I'll share in late September.

Windows 7 x64

This was one of the top requests as we are seeing about a 50/50 split with customer deployments of Windows 7 between 32bit and 64bit. The Xen virtualization technology we use in XenClient is 64bit so adding this support was really a matter of porting the graphics, USB, and other supporting drivers over to 64bit. The storage and networking drivers were already 64bit ready courtesy of the XenServer group.

Improved USB

Another top request was improvements to USB device support. So we spent a lot of time making major improvements to the USB support in XenClient. This includes support for integrated USB devices such as webcams and fingerprint readers. Also we built a new user interface for routing USB devices between VMs and setting up persistent connections between VMs and USB devices. At this point most USB devices should work with the platform. If not let us know. I've listed some of the top requests below.

Added support for the following devices:

Apple iPod, iPhone, iPad

Microsoft Windows Phones

Android Phones

Headsets

Fingerprint Readers

Webcams

Smart Card Readers

3G data modems

And many more...

 

Bluetooth

With our new improved USB support comes support for a variety of Bluetooth devices. On most systems in our HCL the Bluetooth system is actually a USB device that can be assigned to a virtual machine. This allows that virtual machine to talk to your Bluetooth devices.

Usability Enhancements

We spent a lot of time on incorporating usability feedback into this release. We have a crack team of UX experts at Citrix that watched ITPros first use of the system and we learned some great information about how to make the product even simpler to use. While we made a host of enhancements and these are some of the ones that stand out.

Simplified VM upload and download process

We removed combined steps and even removed a number of steps to make the process of uploading a VM image to a Synchronizer super simple. We also removed the duplicate publish VMs that were cluttering the UI.

Improved display of upload/download progress

Along with enhancements to the actual upload and download process we enhanced the display of upload and download progress information and now include this information on the main Receiver for XenClient UI.

Enhanced client authentication experience

Here again we combined steps and cleanup up the UI to make the authentication experience on XenClient simpler to use and understand.

In VM alerting system

We have a brand new in VM alerting system that will make sure users are aware of critical issues affecting the system such as low disk space, policy actions, or impending lease time expiries. Previously this type of information was only available in the Receiver for XenClient UI.

Mouse pointer trails support

We have starting extended XenClient to be more accessible to all users and the first area of focus was on the mouse and trackpad. In this release we added pointer trails support 

Automatic slipstream of Intel Graphics drivers

XenClient has some amazing 3D graphics support that lets a virtual machine have direct access to the Intel graphics system for a native graphics experience. Now in this release we automatically slipstream the Intel graphics drivers into most versions of Windows. So you can flip on the 3D graphics feature and be ready to go without having to download any drivers.

Intel AMT KVM Remote Control

The latest version of Intel vPro technology includes a great new feature called AMT KVM Remote Control. This allows you to remotely view and control a laptop using a VNC viewer. This works on systems shipped this year with Intel vPro on Core i5 and i7 systems.  We did some nice integration work that allows you to remote control not only the XenClient UI but also switch between all of your VMs. It's useful for remote troubleshooting and training with users. I also find it helpful for doing demos of XenClient over Go2Meeting. You need a second PC running Go2Meeting and then you can connect via a VNC viewer to the XenClient system. This lets everyone on the Go2Meeting see everything on the XenClient system.

 

Intel Extended Page Tables support

In this release we added support for hardware acceleration of virtual memory operations for increased memory performance. In the past the Xen hypervisor we use in XenClient did an admirable job of page table virtualization but nothing beats hardware assist and this will give us an extra boost in overall performance for memory operations.

 

In place upgrade for XenClient

We have had a tremendous response to the first release candidate and every time I go to a field event I get people showing me their laptops running XenClient. We have a legion of fans running XenClient as their daily software and so we wanted to make sure they had a path to move to the latest version of the software. So you can boot your existing system with an RC2 CD and the installer will find your existing setup and upgrade it. Once the software is upgraded be sure to update the XenClient tools software in each of your virtual machines. And as usual be sure to backup your system before doing the upgrade.

Local authentication enhancements

We made some nice changes to the authentication experience on XenClient simplifying the way you enter credentials as part of the usability upgrade mentioned above. We also added support for manual and automatic locking of the system. This means if you walk away from your XenClient system we can lock it automatically to protect your VMs and configuration.

Secure Application Sharing

We made a large number of enhancements to the secure application sharing feature to make it easier to use and provide helpful guidance if a publishing VM is not active.  Below are a list of some of the enhancements that have been made:

Automatic resolution changes when attaching a projector or external monitor

Notifications if the publishing VM is alseep or powered off

Ability to adjust thickness and color of secure shared application windows

Blacklisting of non-essential Windows utilities and built-in apps

Expanded hardware compatibility

This was also a big area of feedback from RC1 and over the next few releases you will see a big increase in the number of systems and peripherals we support. You will even see some new additions by the time we get to XenClient 1.0 GA.

Added support for the following laptops:

HP EliteBook 2540p

Dell Latitude E4310

Dell Latitude E4200

Added support for the following desktop:

HP Compaq 8000 Elite

Added support for the following wireless adapters:

Support for Dell Wireless™ 1501 adapters

Support for Dell Wireless™ 1520 adapters

Support for Intel 5150 Wireless adapters (WiFi Only)

Support for Intel 6250 Wireless adapters (WiFi Only)

Support for Broadcom 4312G Wireless adapters

Support for Broadcom 4322AGN Wireless adapters

So that's some of the great new features and enhancements we have made to XenClient, see my second post to find out about some of the great new features in the Synchronizer including our new Dynamic image mode.

You can download XenClient and the Synchronizer for XenClient RC2 here.

View Online | Add Comment

Companies migrating their users to Windows 7 desktops are facing the challenge of supporting legacy IE 6 enterprise web apps on Windows 7 OS. Since IE 6 is not supported on Windows 7, customers need to find a way to deliver IE 6 to these users. The supported and cost effective way of doing this is using XenApp. Several XenApp customers are doing this today by hosting the IE 6 browser on XenApp and seamlessly delivering it to both virtual and physical desktops. And the reasons for doing that are

• IE 6 delivered via XenApp on RDS is supported by Microsoft. In this option, you are hosting the IE6 browser on an RDS server and delivering it using XenApp

• This is the most scalable and cost effective way to deliver IE 6 to all your enterprise Windows 7 desktop users
• Since most companies average around 3-5 IE 6 enterprise web apps they need to deploy, they probably get high concurrency among their users and can use 1 XenApp CCU license for every 5 to 10 users

For those who are new to XenApp, I have recorded a short video to demonstrate how simple it is easy for administrators to deliver IE 6 using XenApp 5 on Windows Server 2003 and how seamless it is for end users to access IE 6 enterprise web apps in conjunction with other Windows 7 desktop apps

View Online | Add Comment

Thank you to all those that attended the Essentials for using Windows PowerShell with XenApp and XenDesktop  Tech Talk on August 24th, 2010 - we had a fantastic turnout! For those of you that missed it, both the recording and presentation have been posted.

• Tech Talk Full Recorded Presentation
• Tech Talk Presentation Slides

This FAQ focuses answering questions on the XenApp Section of the presentation, and has answers about functional questions as well as useful scripts. For the XenDesktop side, please see the XenDesktop PowerShell SDK FAQ. If you have any XenApp questions that weren't answered, please post them here!

Here is the full list of questions answered in this FAQ:

• Can you use the PowerShell SDK for XenApp 5 (2003 or 2008)?
• How do you set up Remote Administration for a XenApp server?
• Can PowerShell manage other products, such as Provisioning Services, XenServer, ESX, SQL?
• Do the SDKs get installed separately from the main product?
• Is there a book available for training on Citrix Powershell SDKs?
• Is there an MFCOM to PowerShell converter?
• How would I remove multiple XenApp servers from a specific published app?
• How would I disable a specific app in a XenApp farm?
• Is it possible to set Custom administrator above particular application folders?
• How would you enable multiple applications to a single server?
• How do I disable logons to a specific server?
• Is there a way to query which is the highest currently utilized application and how much CPU per user it's taking up?
• Is there a way to check for disconnected or down sessions?
• Can you monitor/interact with XenApp sessions?
• Can you export all farm settings for backup?
• Is the information on the SDK from the LHC (Local Host Cache) or the Data Store?
• Are scripts to PowerShell encrypted when sent?
• Are there plans for making SOAP/REST API available, or iPhone/Android?

XenApp FAQ

Q: Can you use the PowerShell SDK for XenApp 5 (2003 or 2008)?

A: Yes, you can (with caveats!). By installing the XenApp Commands Tech Preview v2 (login required), you'll have access to almost identical commands as available in XenApp 6. That being said, not all commandlets will work exactly the same, though they will be close. All scripts so far written on this blog work the same on XenApp 5 for 2003 as they do on XenApp 6 for 2008 R2.

That being said, the XenApp 5 commandlets are supposed to be more of a stepping stone for XenApp 6. Support is provided for XenApp 5 scripts via the Developer Forums. So go at it and have fun!

Q: How do you set up Remote Administration for a XenApp server?

A: Remote administration is possible and can be set up in several ways, depending on whether Citrix administrators are also local administrators or not. There are also considerations around limitations. Please see an upcoming blog post for additional information about Remoting, or see the SDK help file under "Remoting," available after the XenApp 6 SDK is installed.

Q: Can PowerShell manage other products, such as Provisioning Services, XenServer, ESX, SQL?

A: Yes, as long as these products have PowerShell interfaces, you can manage them via PowerShell.

Q: Can the PowerShell SDKs be used to check Citrix Policies?

A: Yes, the PowerShell SDK can be used to check and configure Citrix policies. A future blog will look at how to do it.

Q: Do the SDKs get installed separately from the main product?

A: Yes, the commandlets need to be installed separately. You can download the SDKs fromdownload.citrix.com.  Go to the XenApp product category, and scroll down until you see "XenApp SDKs" - the XenApp 5 & 6 PowerShell SDKs will be at the bottom of that list.

Q: Is there a book available for training on Citrix Powershell SDKs?

A: There aren't any books out (yet), though there is a lot of information out there. There are a lot of resources out there already for XenApp:

• Jason Congers blog

• The XenApp code share

• The XenApp SDK forums

• My Blog
  
  

Q: Is there an MFCOM to PowerShell converter?

A: As the underlying code base is completely different, there is no direct converter. However, there is a tool that can assist with mapping MFCOM to PowerShell functions (CTX12508)

Q: How would I remove multiple XenApp servers from a specific published app?

A: There are a few ways to do this:
#This will remove specific servers from the application Remove-XAApplicationServer -BrowserName Calculator -ServerNames "CCSXA601", "CCSXA602" #This will remove all servers from the application Remove-XAApplicationServer -BrowserName Calculator -ServerNames * #This will set only the servers listed as providing the applications? Set-XAApplication -BrowserName Calculator -ServerNames "CCSXA601", "CCSXA602"
Q: How would I disable a specific app in a XenApp farm?

A: The following code will answer that question - please note that you also want to hide the application when you disable it, so that users don't continue to see the icon.
Set-XAApplication -BrowserName Calculator -Enabled $false -HideWhenDisabled $true
Q: Is it possible to set Custom administrator above particular application folders?

A: Yes, with the following code. Note that it is recommended to add the domain in the @DOMAIN format to the username, the same as in the XenApp console.

Add-XAAdministratorPrivilege -AdministratorName "edy@CITRITE" -FolderPath "Applications/New Admin Folder/AnotherTest" -FolderPrivileges LogOffSessions, ViewSessions, ResetSessions, SendMessages

The code above assumes that the administrator already exists in the database, and you're just adding permissions. We can make the code more intelligent to see if the administrator exists and create him if he doesn't exist:

if((Get-XAAdministrator -AdministratorName "edyf@CITRITE") -eq $null) {     New-XAAdministrator \-AdministratorName "edy@CITRITE" \-AdministratorType Custom } Add-XAAdministratorPrivilege -AdministratorName "edy@CITRITE" -FolderPath "Applications/New Admin Folder/AnotherTest" -FolderPrivileges LogOffSessions, ViewSessions, ResetSessions, SendMessages

Q: How would you enable multiple applications to a single server?

A: If you're adding new applications that does exist in the farm:

New-XAApplication -BrowserName "Temporary Application 2" -DisplayName "Temporary Application 2" -Accounts "Domain Users@CITRITE" -CommandLineExecutable "C:\Windows\system32\gpedit.msc" -ApplicationType "ServerInstalled" -ServerNames "CCSXA601"

If you're adding existing applications to a server:
Add-XAApplicationServer -BrowserName "Temporary Application" -ServerNames "CCSXA602"
Q: How do I disable logons to a specific server?

A: See the following code:

Disable-XAServerLogOn -ServerName "CCSXA601"

And to renable:
Enable-XAServerLogOn -ServerName "CCSXA601"
Q: Is there a way to query which is the highest currently utilized application and how much CPU per user it's taking up?

A: Sure, there are lots of ways to do it - for the example below, we're going to assume our goal is to find out which application is using the most total CPU (sum of the user CPUs), and then output a list of the users with their CPU usage on one server.
$apps=Get-XASessionProcess CCSXA601 $cpus = @{} foreach($app in $apps){ if($app.AccountDisplayName -ne $null -and $app.AccountDisplayName -ne ""){ Write-Host $app.AccountDisplayName $app.ProcessName $app.PercentCpuLoad $app.CurrentWorkingSetSize if($cpus.get_Item($app.ProcessName)-eq $null){ $cpus.Add($app.ProcessName, $app.PercentCpuLoad) echo "Adding $app to our hash table." } else { echo "$app already exists. Adding CPU percentages." $cpus.set_Item($app.ProcessName, $cpus.get_Item($app.ProcessName)+$app.PercentCpuLoad); } } } $cpus_rank=$cpus.GetEnumerator() | Sort-Object Value -Descending #This creates an ordered list $cpu_high=$cpus_rank[0] #this creates an object with the highest cpu value echo "**********" echo "The most active process is: " $cpu_high.get_Key() echo "**********" echo "Used by: " foreach($app in $apps){ if($app.AccountDisplayName -ne $null -and $app.AccountDisplayName -ne "" -and $app.ProcessName -eq $cpu_high.get_Key()){ Write-Host $app.AccountDisplayName $app.ProcessName $app.PercentCpuLoad $app.CurrentWorkingSetSize } }
Q: Is there a way to check for disconnected or down sessions?

A: Absolutely - see the following code. It can be modified to wait and check in 10 seconds to see if a session has been cleared, and if not, clear it.
$sessions = Get-XASession foreach($session in $sessions){     if($session.Protocol -eq "Ica" -and $session.State -ne "Listening" -and $session.State -ne "Active")     {         Write-Host $session.SessionName $session.ServerName $session.AccountName $session.BrowserName $session.State $session.Protocol     } }
Q: Can you monitor/interact with XenApp sessions?

A: Yes - several scripts here and in my blog have shown how you can monitor. Interaction is possible, though it depends largely on non-Citrix PowerShell commands, and may require some customization depending on what's needed.

Q: Can you export all farm settings for backup?

A: Yes.

Q: Is the information on the SDK from the LHC (Local Host Cache) or the Data Store?

A: Both MFCOM and PowerShell interact only with the Data Store. If you're constantly checking the local MMC console to confirm changes have been made, you may see inconsistencies as a result, because that information may be coming from the LHC.

Q: Are scripts to PowerShell encrypted when sent?

A: If we're referring to the remote module, then you'll be happy to know that encryption is an option. The PowerShell channel is an implement of the WS-Man (uses WinRM), in which you can specify different authentication options. See the help for Invoke-Command for more details.

Q: Are there plans for making SOAP/REST API available, or iPhone/Android?

A: Additional API plans are in the works.

View Online | Add Comment