Think IPM

Wednesday, November 19, 2008

Citrix Print Detective

Printers seem to be the biggest problem with Citrix XenApp servers.  Here is a quick shot from Moshe Silber on Citrix’s Print Detective utility to help troubleshoot those issues.

Print Detective is an information-gathering utility that can be used for troubleshooting problems related to print drivers. It enumerates all drivers from the specified 32-bit Windows computer, including driver-specific information. It can also be used to delete specified print drivers. It also offers logging capabilities and provides a Command Line Interface (CLI).

http://support.citrix.com/article/CTX116474

image

Click Here to Continue Reading >>

Monday, November 17, 2008

Citrix Edgesight 5.0 thoughts and impressions

Just received this great write up from David Paoleschi on his impressions of the new version of Citrix EdgeSight 5.0.

------------------------------------------------------------------------------------------------------------------------

The biggest item is the security model implemented in ES 5.0 vs. prior versions. In previous versions of ES, pass-through credentials were used when connecting to Citrix servers to retrieve real-time data. In other words whatever credentials you used to log into the ES console were passed to the server when you requested a connection to the local DB to retrieve real-time data. As long as you were a member of an AD group that had local admin rights, you could connect to the server and run real-time reports.

In the new version of ES (5.0), the model has been changed to a NTLM challenge (CTX118478). Much like creating drive mappings to file shares on different hosts, you are now prompted to provide credentials to make a connection to each and every XenApp box. So, if you create a real-time dashboard with 60 XenApp servers, you will be prompted 60 times for credentials. Due to the nature of NTLM, and the hash created when you make a connection, you cannot (as far as I can tell) “cache” the credentials and use them for all the resources you need to access during a single ES session. Much like file shares, you can check “save my password” so you aren’t prompted repeatedly to re-authenticate to the same resource; however, I have found that even with checking that box, as you navigate around in ES real-time reports and tabs, you will be prompted repeatedly to connect to the same network resource. Citrix’s response was that this is not a bug, but the nature of NTLM and represents the security model of the product going forward. They suggested I try running the ES console from a XPSP3 or a box with a server OS to see if the NTLM prompts and “save” feature worked better.

Bottom line is that the new security model makes the product unusable (in my opinion) and forces you to set REMOTE_SECURITY=0 to essentially disabled ES security altogether.

Other issues encountered:

If you create multiple companies (not a best practice) and then try to delete one of the companies without removing all the login credentials associated with the company, you will orphan records in the SQL DB and have to manually clean them out (not documented by Citrix) before you can delete the company. Submitted to Citrix and got confirmation that this is a bug in the program.

When adding AD groups to ES to grant individuals the right to login to ES, the order in which you add the AD groups determines what rights they will have in ES. For example, if you are a member of two AD groups, ESAdmins and ESReporters, if you add ESReporters (ES report viewer only) and then add ESAdmins (full rights) you will get report viewer rights only. If you reverse the order of the AD groups, you will get full admin rights. Basically, ES is not “smart” enough to determine that you are in two AD groups and give you the least permissive of the two. Submitted to Citrix and got confirmation that this is a bug in the program.

Sporadic timeouts of the agents when invoking remote access (real-time, etc.) functions.  This includes dashboard, real-time reports, or queries to the local database behind the agents for viewing recent alarms, performance stats, sessions and application information, etc.  What seems apparent at this time is that:

First, the problem may be latency-dependent -- that is, the agent database connection is more prone to timeouts when accessing EdgeSight from a workstation across the WAN vs. from a management consoles or the ES host itself in the data center (that is, when the client browser accessing EdgeSight is running on the same local subnet as the Citrix server agent being hit).

Second, the access problems can be significantly reduced, but not eliminated, by upgrading to the latest version of the Flash control (10.x now I believe) on the client browsers.  The impact of this was most noticeable for the good in browsers launched in the data center, possibly because of the latency reduction I just discussed.

You can restore agent connectivity by disabling and re-enabling the unresponsive agent using the service control button on the agent's control panel applet.

------------------------------------------------------------------------------------------------------------------------

Thanks for the great write up Dave!

Click Here to Continue Reading >>

Vizioncore’s vFogLight Quick Installation

Ran through a quick installation of Vizioncore’s vFogLight monitoring software for VMware.  For this example, I installed it on a physical VirtualCenter server.

clip_image002

Run vFogLight 3.0.2.

Click Next to continue

clip_image004

Agree to the license Agreement

Click next to continue

clip_image006

Custom installation

Click next to continue

clip_image008

Default installation Folders are fine.

Click next to continue

clip_image010

Review the summary of your installation

Click install to continue

clip_image012

The default user name and password are foglight.

This can be changed to meet your company’s security requirements.

Choose embedded for the included mySQL database. Otherwise an ODBC DB is required.

Click Next to continue

clip_image014

This screen displays a list of default ports.

They can be changed to meet the company requirements.

Click Next to continue

clip_image016

Point the installation program to your license file.

Click Next to continue

clip_image018

Click done to complete the installation

clip_image020

Enter in VMware Administrator Credentials for the vFogLight Agent.

Click Save

clip_image022

Point your web browser to <server>:8080

image

The application is VERY BIG.  From the Website, you can pretty much monitor EVERYTHING.

Click Here to Continue Reading >>

Friday, November 14, 2008

Great Distributed Power Management Video

As blogged by Jason Boche, there has been confirmation that DPM will be fully supported in the next release of VMware VirtualCenter.  I am hoping to see rule bases similar to the DRS rules we have now.  Distributed Power Management with a nice rule set to configure it (rather than just turn it on) will be pretty useful in most environments.  The embedded video really shows the power (no pun intended) of a DPM environment.

Click Here to Continue Reading >>

Thursday, November 13, 2008

Nice to HaveWare : RVTools 2.1

image Just saw a post from Duncan about a new cool tool upgrade!  RVTools from Rob de Veij just got a little better.  This handy little utility gives you a nice clutter free way to view basic information about your Virtual Machines.  The most important for me is the SnapShot tab.  Point RVTools at your VirtualCenter and quickly see a nice little list of all VMs with snapshots.  Basic information such as date, description and power state are also included.  It would be nice to see the actual SIZE of the snapshots in future releases.

Thanks for a Great Utility Rob!

Click Here to Continue Reading >>

Tuesday, November 11, 2008

Who took my Terminal Services? Don't worry it's been renamed Remote Desktop Services

imageRemote Desktop Services (RDS) is the new name for Terminal Services, and reflects the expanded role in Windows Server 2008 R2 so that you can run the desktop or applications in the datacenter while your users can be anywhere. RDS enables a full-fidelity desktop or application experience and efficiently connects remote workers from managed or unmanaged devices.  RDS helps keep critical intellectual property secure and simplify regulatory compliance by moving applications and data from the user’s access device to the data center.

[…]

Finally, Windows Server 2008 R2 also introduces a series of platform enhancements for remote desktop users – such as support for multiple physical monitors, redirection of multimedia and 3D content, including Vista Aero, and enhanced, bi-directional audio support.

Read the whole announcement here.

Click Here to Continue Reading >>

Saturday, November 8, 2008

Easy Ways to create ISOs for use in VMware

I use ISOs all day long and am still surprised when I run into clients that aren’t as familiar.  With VMware, it is so easy and efficient to mount an ISO into a Virtual Machine.  When dealing with ESX and multiple Virtual machines, it becomes necessary to have ISO images of CDs accessible. This allows an administrator to assign the CD image to the Guest Virtual Machine rather than having to place an actual CD in the HOST’s drive.

There are various ways to create ISO images and link them to Virtual Machines.

Administrators can use Windows programs such as WINISO to create ISO files on their Windows workstations and then copy them to Administrative Network Shares.

From the ESX server console, you can insert the CDROM into the HOSTS CD drive and use the following command to create the ISO directly on the server.

cat /dev/cdrom > /tmp/NameofFile.iso

OR

dd if=/dev/cdrom of=/tmp/NameofFile.iso

DD is a Linux copy command. if [input file] represents the device and of [Output file] represents the Output file.

Here are some links to Windows programs that can get you started with your ISO creation process.

WinISO - http://www.winiso.com/

Free ISO Creator - http://www.minidvdsoft.com/isocreator/index.html

You can also use my batch file method to create ISOs.

I also make it a practice to configure all Virtual Machines with CDrom and Floppies as Client Devices for ease of use and maximum machine portability.

image

What tools do you use to create ISOs and Floppy Images for VMware?

Click Here to Continue Reading >>

Friday, November 7, 2008

Wanted: A few good Blogs!

If you are looking to expand your Virtualization Knowledge with expert opinions and insight – Check out Eric Siebert’s top 10 Blog list!

I am an avid read of almost all of them – Once your done with them – check out VMware-Land’s Launch Pad for one of the most complete collections (1,059 Links!) of Virtualization resources out there in the big shiny InterWeb.image

Click Here to Continue Reading >>

Tuesday, November 4, 2008

New Hypervisor Feature Comparison Chart by Citrix

image 

Not sure what to make of it (Except that an ESX4 vs.. XenServer 5 chart will look DRAMATICALLY different).  I do also disagree with the ‘Shared image streaming to VM’s’ comparison.  Citrix’s Provision Server (great product) can stream to both XenServer, Hyper-V and VMware Virtual Machines.

In the spirit of democracy, how do you interpret this chart?
Let me know in the comments..

Click Here to Continue Reading >>

Post P2V Batch file information to Automate Cleanups 2

image_thumb6Found another great little VBS script @ VMTN

  1. This little script by John Cerroni uses VBS and Application Names to find the uninstall string in the registry and uninstall the application.  This is EXTREMEMLY helpful for applications that have multiple versions with different GUIDs.  This is a great addition to my already productive Post P2V batch file.  I encourage everyone to make cobble their own together.

Thanks to Chris Hahn for sending this to me.

Click Here to Continue Reading >>

Monday, November 3, 2008

Suppressing the Citrix XenApp Tray Icon

Great tip from Sam Jacobs on hiding the XenApp tray icon. No Citrix!

By default, when seamless applications are launched, an icon is place in the system tray which can be opened to show sessions and servers.  [More things to confuse the Users! :)]

To suppress the icon from appearing, the following RegKey can be placed into each XenApp server’s registry:

 

HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/Citrix/wfshell/TWI
Value Name: SeamlessFlags
Value Type: REG_DWORD
Value: 0x20

Click Here to Continue Reading >>

HOWTO: Create a LUN on NetApp Filer for VMware

To leverage enterprise features of VMware such as DRS, vMotion and HA, shared storage must be allocated to all ESX server on the network. The process of creating and allocating a LUN on NETAPP is documented below.

Create Flexible Volume :

clip_image002

Match up name with VMware : I normally try to name the volume the same as my proposed VMFS name.  In almost all situations, the VMFS will be the only thing on the particular volume.

clip_image004

clip_image006

clip_image008

For VMFS Volumes, I don’t normally recommend array based snapshots.   It doesn’t seem practical to think that you would roll back an entire volume consisting of multiple Virtual Machines.

 Configure QTree :

clip_image010

Add New LUN :

clip_image012

Create Initiator Group : Initiator group will be used to permission hosts to LUNs on the Filer.

 clip_image014

Map LUN to Initiator Group :

clip_image016

Select VMware initiator Group :

clip_image018

 clip_image020

Be sure to create unique LUN numbers when assigning multiple LUNs to the VMware hosts.

Once you have created the LUNs and set permissions to the ESX hosts, go back and RESCAN the HBAs.  You should see your new LUN ready to be formatted.

Click Here to Continue Reading >>