Think IPM

Tuesday, June 30, 2009

Configuring Citrix NetScaler to Load Balance VMware View Connection Brokers

Currently with VMware View 3.1, multiple Connection Brokers are required to provide a robust redundant environment.  Enter Citrix’s NetScalers. Among their numerous features, they provide excellent Global Service Load Balancing and monitoring.  Jeff Miller provided these screenshots giving a great overview of the process where we created a Virtual Server and monitor for our 2 VMware View Connection Brokers.

Step 1 – Create the Server objects : This allows for nice friendly names in NetScaler.

image

Step 2 – Configure your Load Balanced Virtual Server

image

Step 3 – Leverage Least Connection to distribute load and Persistence SOURCEIP to ensure continued connectivity.

image

Step 4 – Configure the Monitor to verify that the Members of the Virtual Server are running for both HTTP and HTTPS Services.

image

Step 5 – Be sure to Check the Secure checkbox for the HTTPS service.

image


image

In the end, the Citrix NetScaler provided a great solution for fault tolerance and load balancing of the VMware View Connection Brokers.

Click Here to Continue Reading >>

Monday, June 29, 2009

XenDesktop VDI Extreme

image

Quick shot showcasing a client of ours running a 6 monitor VDI session. 

 

Fat Client running a remote XenDesktop with HDX on a VMware 3.5 Virtual Infrastructure.

 

High Geek Factor!

 

Photography credit : Aaron Silber on his BlackBerry Bold. :)

Click Here to Continue Reading >>

Thursday, June 25, 2009

Seemingly Exponential Citrix EdgeSight Database Growth

Explosive Growth

If your EdgeSight database is growing out of control, you might want to double-check your GPOs.  Chris Hahn recently encountered an EdgeSight database growing abnormally  quickly. (About 44GBs in about a week).  After a bit of research on Citrix’s support site, working with the client, they came across the following article and it stated :

"In cases where the EdgeSight SQL database grows at a seemingly exponential rate, the alert table in file group 5 should be examined first. This table holds Windows Event Viewer messages from the device and can grow quickly if, for example, security warnings are consistently occurring in the Event Log."

After looking through the GPOs, they discovered that the audit object access policy was set in addition to the default Logon and Logoff auditing policies.  After disabling this policy, the database ceased it’s ridiculous growth pattern.

Click Here to Continue Reading >>

Wednesday, June 24, 2009

Enabling Citrix Provisioning Server Verbose Boot Mode

So you have enabled every log level to trace within Provisioning Services and yet still want MORE! :) Try enabling the Streaming Services Verbose mode!  This valuable diagnostic tool will give you valuable information during the boot process of your clients as they try to connect to the Provisioning Servers.  To enable Verbose mode on the Streaming Service, run Provisioning Services Configuration Wizard and when you reach the Stream Servers Boot List, Click Advanced.  From this Advanced properties screen, you can now enable Verbose Mode.  Be careful in production environments though since clicking through this wizard will restart the provisioning services to enable the new configuration.

imageimage

Once enabled, while clients are PXE booting, you will see the above diagnostic information.  Great for troubleshooting and verifying that your DHCP/PXE environment is working correctly with Citrix Provisioning Server.

Click Here to Continue Reading >>

Tuesday, June 23, 2009

Citrix Provisioning Services 5.1 Released.

Citrix has released a new update to Provisioning Server (now known as Provisioning Services).  The release notes can be found here : http://support.citrix.com/article/CTX121336

Lots of new enhancements and fixes in this release make it worth upgrading to.  Two in particular that Chris Hahn made me aware of were Offline Database support and a new fix in BindCFG.exe.

With Offline Database Support, Citrix has introduced a local database cache for provisioning services, which they call “offline database support”.  Unlike the IMA local host cache though, there is no local file cache, the database is just cached in memory according to this thread –

http://forums.citrix.com/thread.jspa?threadID=248041&tstart=0

This is obviously useful when the Provisioning Database is located on a separate database server outside of the Provisioning Server and connectivity becomes an issue.  Although administrative features will be temporarily disabled when Offline DB Support is engaged, client connections will not be interrupted when rebooting the Database Server for example.

A less flashy yet very useful enhancement is BINDCFG.EXE’s new ability to bind to Non-Present NICs.  This means you can install the Target device software last, after setting up / testing the image on multiple hardware types.  You also no longer need to revisit each hardware type when updating the target device software.

Below is an example screenshot.

clip_image002

Prior to this update, running BindCFG would remove bindings to all but the PRESENT hardware making multi-hardware images more difficult to update and maintain.

Click Here to Continue Reading >>

Saturday, June 20, 2009

Off Topic : RSA token for the iPhone or iTouch

For those of you with an iPod Touch, or an iPhone, you can (finally!) make use of the RSA soft token functionality on your devices. 

If any of you wishes to start using this application, you can download it from the App Store using this link:

In order to have a token provisioned for the iPhone, the procedure is very different from the one used to provision tokens for BlackBerry devices.  

Token interface looks like:

clip_image0014      clip_image0024

Click Here to Continue Reading >>

Off Topic : Provisioning a Multi Purpose RSA Soft Token for the Blackberry and iPhone.

Written by Marcos Velez:

RSA SecurID is a great two-factor authentication solution currently in use by many companies. In fact, most of the companies I work with nowadays have RSA deployed within their infrastructure as an added security feature for their remote access solutions. One particular useful feature of RSA SecurID is their software-based tokens, which allow end-users to make use of the RSA solution without having to carry around a physical token. Traditionally, soft tokens are deployed to BlackBerry devices, but they can also be used in other ways. RSA SecurID soft tokens can be used on Windows devices by installing the RSA SecurID Software Token for Windows Application, or by making use of the RSA Toolbar for Internet Explorer. Recently, RSA has also made it possible to use their soft tokens on iPhone and iPod Touch devices.

This document will help an RSA administrator to deploy soft tokens that can be used in any of the following platforms and/or devices:

  1. BlackBerry
  2. iPhone / iPod Touch (OS 2.2, or later)
  3. RSA Software Token for Windows Application
  4. RSA Toolbar for Internet Explorer (IE6 and IE7)

In order to succeed at using a single soft token across all four platforms listed above, you will need to generate soft tokens in a very specific manner. To issue a soft token, you will need admin-level access to an RSA server. You will also need to download the RSA Software Token Converter tool in order to use the provisioned token on an iPhone.

Keep in mind that this article is in no way a tutorial on how to use any of the RSA applications mentioned, nor will it help you in setting up and deploying an RSA environment or how to carry out the everyday administration of such an environment. This guide is meant to be used by RSA administrators who are already familiar with their environment and only wish to learn how to provision a token in a simple and efficient manner.

For download links to all of the programs and applications mentioned in this article, refer to the last section.

Without further delay, here are the steps to provisioning a multi-purpose RSA soft token.

  1. Log into the RSA Server.
  2. Launch RSA Authentication Manager.
    clip_image002
  3. Click on User > Edit User.
    clip_image004
  4. Enter the search criteria and locate the user you wish to edit.
  5. Double-click on the intended user.
  6. Select a soft token, if one is already assigned, or complete the steps to assign a soft token before continuing.
    clip_image006
  7. Click on Edit Assigned Token…
    clip_image008
  8. Click on Edit Token Extension Data…
    clip_image010
  9. On the Edit Token Extension Data dialog window, you will want to add several entries. Keep in mind that all entries consist of key/value pairs. In this particular example, I created the following entries:
    1. Nickname
    2. TOOLBAR_SITEURL1
    3. TOOLBAR_SITEURL2

The Nickname entry is an optional entry, but it is helpful for users that may need to install, or use, multiple tokens on the same device. The TOOLBAR_SITEURL entries are meant for tokens that will be used with the RSA IE Toolbar product. When a token is to be used with the RSA IE Toolbar, you MUST specify at least one URL for which a token is valid. Otherwise, the token will never be activated for any site. This is a particular nifty feature of the RSA IE Toolbar product that allows administrators to restrict the use of a token to particular URLs.

You should also notice that the DeviceSerialNumber entry is purposely left blank. The reason for this is to make it possible for a single token to be used in multiple devices or products. If you specify a device serial number as part of a token's extension data, you will effectively "marry" the token to a particular device and the end-user will not be able to use in other device or product until it is re-issued.

  1. Once you have created the desired entries, click on Exit.
  2. You should now find yourself back at the Edit Token screen. Click on Re-Issue Software Token…
  3. You should now see an information dialog box asking you to commit any token changes. Click Yes.
    clip_image012
  4. At this point, you should find yourself at the Issue RSA SecurID Software Tokens screen. Un-check the Enable Copy Protection checkbox as well as the Password Protect checkbox. Make sure you select the One Token Per File option and then click on Next >.
    clip_image014
  5. If necessary, select the token you modified from the Verify RSA SecurID Software Token Issuing List screen and click on Next >. clip_image016
  6. You will be prompted to confirm the issuance of the token. Click on Yes to issue the soft token.
    clip_image018
  7. If prompted to overwrite a previously issued token file, click on Yes.
    clip_image020
  8. You should now be prompted to save the results of the issuance operation to a file. Click on No, unless you wish to retain the results of this operation for review at a later time.
    clip_image022
  9. At the Edit Token screen, click on OK to close the window.
  10. At the Edit User screen, click OK to close the window.
  11. Close the RSA Authentication Manager window.

Congratulations! You have completed the first steps to generating a token file that can be used in any of the platforms mentioned at the beginning of this article. Now, we must work with this file to make it suitable for use in each of those platforms. Continue reading the remaining sections to learn how to use the token file in the platforms that may be of interest to you.


BlackBerry Devices

  1. Using Notepad, open the file that was generated and inspect its content. You will notice that the token file is nothing more than an XML file. Close the file and make a copy of it.
  2. Rename a copy of the token file by pre-pending x-rimdevice to its current filename. This is necessary because the RSA BlackBerry application "listens" for email attachments that have the extension sdtid and which names start with x-rimdevice.
  3. Using your preferred email client, send the newly renamed token file to the intended end-user as an attachment to an email message.
  4. The recipient need only open your email and should be able to import the token by clicking on the BlackBerry menu button and then selecting the option that reads Import RSA Token.

RSA SecurID Software Token for Microsoft Windows

  1. The intended end-user must download and install this application from the RSA website.
  2. Once the application has been installed, send a copy of the original token file to the end-user in question and instruct that person to copy the file to the Desktop.
  3. Once the file is copied to the Desktop, the user can launch the RSA application and it will automatically import the token. This is a neat functionality that saves the user time by automatically importing any files located on the Desktop which have an SDTID extension.

RSA Toolbar for IE

  1. The intended end-user must download and install this application from the RSA website. Please note that, as of this writing, the RSA Toolbar for IE is only compatible with IE7 and IE6. IE8 is not supported. In my limited testing, I haven't been able to get the toolbar to work with IE8.
  2. Once the application has been installed, send a copy of the original token file to the end-user in question and instruct that person to copy the file to the Desktop.
  3. Once the file is copied to the Desktop, the user can launch IE and the RSA toolbar application should automatically import the token. If the token is not automatically imported, the user can click on the IE RSA toolbar and navigate the menu options to import a token manually.

RSA SecurID Software Token for iPhone and iPod Touch

  1. The intended end-user must download and install the application from the iTunes App Store.
  2. Once the application has been installed, you must convert the software token that was generated during the first part of this article into a format that can be understood by the iPhone application.
  3. To convert the token file, the administrator must download the Software Token Converter tool from the RSA site. Once downloaded, copy the token file to the same location as the converter tool executable.
  4. Open up a command prompt window and navigate to the folder where the files are located.
  5. Type in the following command:

tokenconverter240 %TOKEN_FILE_NAME% -iphone -o url.txt

The command line above instructs the RSA Token Converter tool to convert the specified token file to an iPhone format and to save the results of the conversion to a text file name url.txt.

  1. Once the operation has completed, close the command prompt and, using your preferred text editor, open the newly created file.
  2. The contents of the file should look similar to this.

com.rsa.securid.iphone://ctf?ctfData=200010461486101361407421544275032616407630164625276666404172122526573036671675254

As you may have noticed, this is a specially formatted hyperlink.

  1. Using your preferred email client, create an HTML format email message and insert the contents of the file generated in step #5 above.
  2. Before sending the message, make sure that the inserted link is showing up as a hyperlink. If it isn't, make the necessary corrections to make sure that it does. Otherwise, the end-user will not be able to import the token. If you are using Outlook 2003, highlight the pasted text and click on Insert > Hyperlink. At the resulting window, choose (Other) from the drop-down list, and paste the link text into the URL text field. If using Outlook 2007, highlight the text, click on Insert then click on the Hyperlink icon in the Links section of the ribbon toolbar. At the resulting dialog window, paste the link text into the Address text field. Once the text is showing up as a hyperlink, send your message to the intended end-user.
  3. The end-user in question will need to open your email message from within his/her iPhone and then click on the hyperlink. The RSA application will be invoked by the iPhone OS and the token will be automatically imported.

Download Links

Click Here to Continue Reading >>

Thursday, June 18, 2009

MAC OS on vSphere! Thanks to IDE support!

One nice little feature added to ESX4 is IDE disk support for the VMs.  This of course allows us to now run all of our favorite VMs that previously only worked on VMware Workstation (That has long had IDE support).  For Chris Hahn, this means the MAC OS. Check out his screenshots below :

image

image

Why MAC OS? For starters, this could be an easy way to test how web applications function across platforms.  It would be VERY interesting to see a View Agent released for this too! :)  Whatever the reason, its a nice way to do some MAC testing on more powerful hardware that usually afforded to VMware Workstation VMs.

Click Here to Continue Reading >>

Tuesday, June 16, 2009

Which blogs do *YOU* read?

imageHead on over to Eric’s vLaunchPad for a short little survey to rank your top 5 favorite virtualization blogs. (Survey Here).  I’ve wrote in the past about Eric’s site and if you haven’t had a chance to check it out – you might want to take the opportunity now.  It is a VAST collection of links and sources for information on all things VMware in a nice, neat, compact, well organized JumpPage.

The vLaunchpad not only contains links to the sites, but also links to RSS feeds and author’s twitter accounts.

Click Here to Continue Reading >>

Friday, June 12, 2009

Running Windows 7 desktops on VMware

“Another posting by MTHammer1…”

I thought I’d pass this along.  (Others have already dealt with the issue in the community, but this comparison might provide some additional benefit to someone out there.)

 

As you would expect, with Windows 7 only at a Release Candidate phase, VMware hasn’t provided a Windows 7 template yet for the creation of new virtual machines.  Consequently, you need to choose something “close”, or, use the option, “Other” for the OS, and choose the architecture (32 or 64 bit)

 

Selecting “Windows Server 2008, 32bit” template is a nice choice, as everything appears functional with the resulting VM. 

Selecting “Other, 32bit” produces generally the same .vmx VM config file, but with a notable exception.  No usable virtual NIC.  (A maximum CPU percentage is also lacking, but for just the installation of the machine, the missing NIC is significant.) 

Comparing the .vmx files created by the two options, you discover some pros and cons:

1.      Using the “Windows Server 2008” route:

a.      PRO – The template is easy, convenient, fast, fun, and popular with the Google posters.

b.      CON – vCenter reports the OS as being a Server OS – probably generating confusion for us admins.

2.      The “Other” template route:

a.      PRO – Looks “good” in vCenter, and is the best way to keep to distinguish the actual OS from others.  (You get to name it yourself!)

b.      CON – You need to download the .vmx file, add the line “ethernet0.virtualDev = “e1000”, and upload the changed file to vCenter.

WinMerge (or similar) yields the differences in the files for easy viewing.  You can see the (NIC) problematic part of the network section in the two snippets below.

image

While modifying the .vmx file is a ~10min hassle, I would recommend doing that until VMware turns out a new template. 

(Wisdom says:  “You pay now or you pay later, but you always pay more later.”  The implication and application:  “Confusion-driven mistakes in the server room rarely cost less than 10 minutes.”)

 image

 

-MTHammer1 

Click Here to Continue Reading >>

Saturday, June 6, 2009

Off-Topic : Deploying signatures and disclaimers with Exclaimer Mail Utilities 2007 and Exchange 2007

Written by Marcos Velez 

If you have done any sort of Exchange administration, you have surely come across a request to deploy standardized signatures and/or disclaimers. More companies are becoming aware of the importance to standardize the signatures used by employees, not to mention the need to include certain disclaimers that are sometimes mandated by their line of business and industry.

In olden days, if you were using Exchange 2003, you had no easy way to do so from within the Exchange System Manager Utility. As such, many (most?) admins would advocate deploying signatures and disclaimers via group policy to the user's Outlook profile. While this solution has some merits, it is kludgy and, in my opinion, far from elegant. Other people would resort to using third party tools. There is yet another camp: those who choose to deploy scripts (usually VBScripts) via the event sink functionality at the SMTP Transport level. Being a programmer, the latter solution appeals to my sensibilities. As such, I have found the event sink functionality to be powerful and easy to leverage when deploying scripts that insert signatures and disclaimers. Alas, event sinks got a major make-over in Exchange 2007 and SMTP transport event sinks can no longer be deployed using non-compiled scripts.

Hence this article, in which I will walk you through installing and deploying Exclaimer Mail Utilities 2007. In fact, this article is meant to help you address a quirk I discovered while recently deploying Exclaimer. The quirk arose when trying to use different signatures for internal and external recipients.

Out of the box, Exclaimer is a great solution that is simple to install and deploy. Among its many features, it allows you to use different signatures for internal and external recipients. The feature of stamping a given message with a different signature depending on whether the intended recipients are internal or external should work even when the message is addressed to both types of recipients. The problem is that Exclaimer relies on Exchange 2007 to create two "copies" of messages that are addressed to both internal and external recipients: one copy is for the internal recipients, the other for the external recipients. This process is normally referred to as bifurcation. For whatever reason, message bifurcation is just not happening in Exchange 2007. I still haven't gotten to the bottom of this problem, but I know I am not alone in this boat and that is a problem for many other people.

So, how can you make use of this Exclaimer feature if Exchange won't bifurcate messages properly? Easy! Just force Exchange Server to bifurcate all email messages that contain a mix of internal and external recipients. Here is how:

  1. Launch Exchange Management Console
  2. In the left pane, expand the Organization Configuration section.
  3. Click on Hub Transport.
  4. In the middle pane, click on the Transport Rules tab.
  5. In the right pane, click on New Transport Rule…
  6. Enter a name and description for the new rule and then click Next.
  7. When prompted for a Condition, select the option sent to users inside or outside the organization. Before clicking on Next, look in the text area at the bottom of the dialog window and make sure that Outside is specified. Click Next.
  8. When prompted for an Action, select the option append disclaimer text using font, size, color, with separator and fallback to action if unable to apply.
  9. Using the text area at the bottom of the dialog window, click on disclaimer text and specify a single blank space and click OK.
  10. Click on with separator and select the without separator option and click OK.
  11. When done modifying the Action properties, click on Next.
  12. When prompted for an Exception, simply click on Next.
  13. At the next screen, you can review your settings. Just click on New to immediately create the rule. Once the rule is created, click on Finish.

This new Hub Transport rule will effectively force Exchange to bifurcate messages that contain a mix of external and internal recipients. That means that whenever any such message is relayed through the Exchange Servers, two copies are created and relayed. In case you are wondering, all recipients will still see the entire list of original addressees. Nothing about the original message is actually changed, except for the addition of a single blank space at the very end of the message. Once bifurcation has been achieved, the Exclaimer functionality of different external and internal signatures will work perfectly.

Enjoy!

This is what the rule will look like if you go back into it to edit it:

clip_image002

Click Here to Continue Reading >>

Friday, June 5, 2009

VMware View Quirk w/Agent 3.1 – UserInit & WSSM Process popping up My Documents.

 A client of mine (MTHammer1) sent me a quick email detailing an interesting issue he is experiencing in his VMware View 3.1 deployment.  
I don’t have an answer for the issue but maybe someone reading this might. :)

Carlo,

I’ve found a “quirk” with the 3.1 View agent and the cloning process. 
Maybe you have heard of the solution…

imageThe scenario runs like this:

     1. Create a master VM

     2. Install the VMware View Agent

     3. Shut down the VM and clone to a new VM using customizations as follows:

                a. “Use the virtual machine name”

                b. Product key entered in field

                c. No admin password

                d. MST

                e. No “first time” commands

                f. Typical network settings

                g. VM participates in WORKGROUP

                h. Generate new SID

      4. VMware follows the usual process and syspreps the machine.

      5. Afterwards, when I log in, the “My Documents” folder pops up – every time.


After some digging, I found that the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit REG_SZ value appears to be the problem.

      1. Pre View install, the value is:  C:\WINDOWS\system32\userinit.exe,

      2. Post View install:

                 a. Userinit key value is:  C:\WINDOWS\system32\userinit.exe, “C:\Program Files\VMware\VMware View\bin\wssm.exe”

                 b. A new string “WssmUserInit” is present (in the same key), and it’s value is:  C:\WINDOWS\system32\userinit.exe

When I remove the:  C:\WINDOWS\system32\userinit.exe,  portion of the Userinit string, everything goes back to normal – “My Documents” doesn’t volunteer itself anymore.  However, if I sysprep the machine again, Userinit returns to the two values, and the “My Docs” folder comes up.

This issue didn’t seem to be an issue with View 3.0.  (Not hard to fix with a script, but it’s another thing to remember.)

Any Ideas?

Click Here to Continue Reading >>

vSphere vMotion error : Mismatched Host CPU features

It seems that after upgrading a Virtual Machine’s hardware from Version 4 to Version 7 on vSphere, the VM may no longer be able to vMotion between hosts (Even identical ones).

Refer to KB article 1993 for possible solutions

As detailed in the following KB article, after upgrading the VM’s hardware version, there may be artificial CPU MASKS applied to the VM.

KB Article : 1011294

VMware Advanced CPU Masks

Clicking ‘Reset to Default’ cleared the unnecessary masks and vMotion capabilities were restored.

During the upgrade process of Virtual Hardware while the machine is powered down, be sure to clear the CPU Masks.

Click Here to Continue Reading >>

Thursday, June 4, 2009

Scheduling VB Scripts via Scheduled Tasks

Written by : Marcos Velez 

imageEver find yourself having problems when trying to schedule a VBScript (that requires some command-line parameters) using Windows Scheduled Tasks? If so, read on.

Normally, when scheduling a task, you simply specify the path of the application being launched, followed by the intended schedule and the account under which the execution is taking place. If you need to specify any command-line parameters, you can do so by modifying the properties of the scheduled task and adding them to the Run field at the end of the specified application's path. Alas, when it comes to VB scripts, it is not so simple. While you can certainly schedule a script to execute at any given interval by specifying its path in the Run field, you can not pass to it any parameters by simply specifying them after the script's path.

For example, suppose you have a script, called recordEvents.vbs, that crawls through the Event Logs and records the information contained in there. Assuming the script is located in the root of the C: drive, you can specify its path (c:\recordEvents.vbs) in the Run field and all will be well. But, if you need to specify the type of event to record, by passing a command-line parameter such as "/ERRORONLY", you can not use "c:\recordEvents.vbs /ERRORONLY" as your Run path. It simply will not work. Mind you, you will not see any errors, but recordEvents.vbs will be executed without the specified parameters. Even if you encapsulate the entire path in quotation marks, it will not work. Encapsulating the whole thing in quotation marks tells the OS to execute a file called "recordEvents.vbs /ERRORONLY". Obviously, that doesn't work.

So, what is the solution? When using Scheduled Tasks to schedule a VB script that requires command line parameters, you must launch your script using wscript.exe (windows-based script host) or cscript.exe (command-line-based script host). For example,

wscript.exe c:\recordEvents.vbs /ERRORONLY
Or,
cscript.exe c:\recordEvents.vbs /ERRORONLY

For more information on using cscript.exe, refer to http://technet.microsoft.com/en-us/library/bb490816.aspx.
For more information on the differences between wscipt.exe and cscript.exe, refer to http://www.microsoft.com/technet/scriptcenter/guide/sas_wsh_divn.mspx?mfr=true. Lastly, for more information on options that apply to both wscript.exe and cscript.exe, refer to http://msdn.microsoft.com/en-us/library/xazzc41b(VS.85).aspx.

Click Here to Continue Reading >>

Wednesday, June 3, 2009

Training Lab simulator for vSphere Fault Tolerance (FT)

Nice little flash simulator for setting up a FT pair of VMs from the VMware Training Class.  Enjoy…

Click Here to Continue Reading >>

All Sorts of issues with VMware and Window 7 RC

Of course I run Windows 7 on my laptop and of course I want to run my vSphere Client.  Of course, it is  not supported yet. :(  Where’s the love for Windows 7?

image

image

Luckily I have VMware’s ThinApp.  I’ll just package up the vSphere Client and *Poof*, I’ll be running in minutes..

image

DAMN!  ThinApp’d applications apparently do not run very smoothly on WIN7 either.  I know that Win7 is not officially released yet but “Where’s the Love?”

I suppose I could just run these applications in an XP VM but I REALLY DO NOT WANT TO!  Ugh..

I did manage to find a short statement on ThinApp’s Community Site stating support would be here sometime second half of 2009.

image

Anyone else care to commiserate with me and my VMware/Win7 troubles? :)

Click Here to Continue Reading >>

Tuesday, June 2, 2009

What’s the deal with the new PVSCSI drivers?

image New in vSphere are ParaVirtualized SCSI drivers.  From what I have read at various places, 12% performance throughput increase with 18% decrease on guest CPU loads!  Sounds great – What’s the catch?

Seems the new PVSCSI drivers are not supported for boot drives on the VMs (Chalk up one more reason to NOT have just a C drive).  The situations I am running into are that many clients HAVE already moved to a single drive server model.  Many of the environments I am running into have settled on a server standard consisting of a 25 – 40 GB C drive for both OS and data.  For most of the infrastructure servers, this model seems to have worked out nicely.  Run out of room?; just grow those puppies without breaking a sweat!  Performance on these grossly underutilized servers does not seem to be a factor.  A nice balance of performance vs. manageability.

 

At first glance, I figured I would be rolling out just about every VM with these new PVSCSI drivers, now, I think it will probably be the exception.  PVSCSI will be a potential tool in my belt to help solve VM performance issues when the LSI is not up to the job.  I think some of the selection criteria for when I will use PVSCSI will be server’s with applications that naturally lends itself to a multiple drive partition layout (think Mail and Database applications) in which adding PVSCSI drivers to the second, third and remaining drives will be a no brainer.  For the vast majority of my VMs though, chugging happily along at 10% utilization, the LSI Logic Parallel driver will probably fit the bill.
image

How bout You?  :)

Click Here to Continue Reading >>

Monday, June 1, 2009

WANTED: Full Time Citrix Administrator : 110k Base + Bonus + Benefits

If you are based in the New York Metro area and are in need of a change in positions, a colleague of mine is looking to fill a Full Time Citrix Administrator spot at a downtown financial firm.  Here are the particulars :

image

Please forward all resumes or inquiries to Jeff DOT Nussbaum AT IPM DOT Com

Click Here to Continue Reading >>