// This is the script to give summary on the main page.
Think IPM

Friday, September 30, 2011

Virtual Machine Discrimination; Shame on you Google!

It still burns me up when I see programs discriminating against Virtual Machines.  Today’s offender, which I feel obligated to ‘out’, is Google Music.  After trying to load up the Google Music Manager in a Virtual Machine, in hopes of pouring my music library into their cloud infrastructure, I kept receiving startup failures from the manager complaining that it could not identify my computer.  A quick jump to their knowledge base and that was the end of that.
For some reason, they decided to specifically deny support for Virtual Machines.

Hey Google Music! VM discrimination is so last decade.

Click Here to Continue Reading >>

Thursday, September 29, 2011

ESX Hardware Boot options (via vCenter GUI)

Not sure if this one is new or not but I’ve NEVER seen the Boot Options before in vCenter for a host.  I think it’s pretty cool!  You can change the Boot Device options for the host.  Handy and clever.. These particular hosts were running ESXi 4.1 so I know it’s not a new feature from vSphere 5.  Not sure if this is a feature of the R710 alone or a combination of the hardware and ESXi.  If you know, drop me a note in the comments.  Thanks.


Click Here to Continue Reading >>

Wednesday, September 28, 2011

Surgically eliminating Windows Installer app repairs

My colleague, Jacques Bensimon sent over this fantastic write up on a common error scenario that probably has plagued us all at one time or another.  Thanks for sharing the knowledge JB!

Any of you who’ve dealt at all with application installations on a Windows image are familiar with the occasional repairs of MSI-installed applications triggered by launching an app, opening an associated document type, etc.  Most recently (the example I’ll use in what follows), I noticed that v12.x of the Citrix ICA client would trigger a repair any time I double-clicked a .ica file (this happened both on my laptop and on a XenApp 6 build I was working on).  As is always the case in such cases, figuring out why Windows Installer felt the need to perform a repair is easy -- a 1004 event such as the one below can be found in the Applications event log:


As can be seen from the event log entry, this particular repair is triggered by the fact that the “resource” (in this case a Registry entry) HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ConnectionCenter isn’t found.  Well, of course it isn’t found:  I manually deleted it right after installing the ICA client!  (Who needs Connection Center running in the background at all times, and in every user session in the case of a XenApp server?!).  In this particular case, the workaround is simple enough:  since Windows Installer checks for the existence of the Registry entry but doesn’t care about its actual value, re-creating an empty REG_SZ entry named “ConnectionCenter” at key HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run resolves the issue with no undesired side-effect – notice the switch to the 32-bit Wow6432Node branch (where the original undesired value had been written):  on a 64-bit platform, the event log entry is to be interpreted in the context of the “bitness” of the app in question.  (By the way, if you care, the original value of the Registry entry was “"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup”).

But what about different Installer app repair issues that aren’t as easily worked around as this example?  What if the missing “resource” is an undesirable public desktop shortcut? or an unwanted .dot/.dotm macro file in MS Word’s common STARTUP folder?  What follows is a systematic description of how to convince Windows Installer to not check for a particular resource once it’s been established that the absence of that resource is responsible for triggering repairs.  I describe this approach as “surgical” to distinguish it from the “thermonuclear solution” you may also be familiar with:  using the (now officially deprecated) Microsoft utility MsiZap.exe (or its GUI front-end MsiCUU.exe, the MSI Cleanup Utility) to completely wipe away all Windows Installer data relating to the problematic application, which of course makes it impossible to uninstall or patch the app (unless it is first re-installed) and is, according to recent Microsoft noises, now considered unsafe for some reason (if this were Wikipedia, I’d have to give you a specific reference to that, but it isn’t, so I won’t).

In order to better explain the solution, a very quick overview of some Installer vocabulary is in order:  a given Windows Installer package (an MSI) defines the installation of one or more Products, what we typically call applications – the average MSI usually defines a single product, but more than one is allowed.  A product in an MSI consists of one or more Features:  our most familiar contact with MSI features is the case of an MSI installation wizard presenting a tree of application features and sub-features which can be individually selected or deselected (except for features that are not displayed and are therefore mandatory).  Even when no selectable features are presented during an attended setup, every product in an MSI consists of at least one feature.  Every feature in an MSI is made up of one or more Components – an MSI component is a fixed collection of folders, files, Registry keys and values, shortcuts, ODBC connections, etc. that are all installed together (no such thing as installing just part of a component).  A particular component can belong to more than one feature, so selecting any one of several features can force the installation of a particular component.  Finally, and this is the part that most interests us here, any component in an MSI can optionally be assigned (by whoever creates the installer package) a so-called “KeyPath”, typically a file, folder, Registry key or Registry value that the author considers either “fundamental” to that component or at least “representative” of that component.  When a component of an installed product is “activated” (i.e. executed) on a machine, Windows Installer  (always? often? sometimes?) verifies the existence of the component’s “KeyPath” (if one has been defined) as a quick check that the component is (still) present -- it would presumably be impractical and time-consuming to verify the existence of every single item that  makes up the component -- and initiates a repair if the “key path” is not found.  Using these terms, we now see that the generic form of the above 1004 event log entry is

Detection of product ‘{productGUID}’, featurefeatureName’, component ‘{componentGUID}’ failed.  The resource ‘KeyPath’ does not exist.

If the component in question hadn’t been assigned a KeyPath (which, as I stressed above, was completely optional), it could never trigger a repair.  Well, what if we simply make Windows Installer forget about the component’s keypath?  Turns out after a little digging (one more item off my bucket list) that the GUID of each component of all MSI-installed products is listed in the Registry as a subkey of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components and that, as can be seen in the following screenshot, each component GUID key has a REG_SZ entry named after the GUID of the product to which the component belongs.  The value of that entry, if not blank, is the KeyPath for that component – make the value blank, and the KeyPath is gone, as are future repairs!


But wait, you don’t recognize the component’s GUID and the product’s GUID when comparing the Registry key to the event log entry?  The display format for GUIDs {involving curly braces} used in the event log entry is different from the laid out 32-digit hex strings used in the Registry.  The conversion is made obvious by the following little graphic (basically the first three digit groups are reversed and the last two are transcribed while flipping digit pairs):


One last thing:  if you need to install an MSI to multiple machines and would rather not wait until after installation to get rid of a troublesome component KeyPath, you can get rid of it at the source by creating a transform (.mst) using Microsoft Orca to remove the KeyPath associated with the component.  I won’t go into the details, but the following screenshot shows the Component table in the MSI with the row corresponding to our component highlighted (see the ComponentId column) – using the transform to blank out the KeyPath entry in that row (the yellow cell) will ensure that all future installations (using the transform) are free of that particular KeyPath.


Happy hunting!

Click Here to Continue Reading >>

Tuesday, September 27, 2011

Patching ESXi with vMA

Today I had to set up some ESXi servers that required additional hardware drivers to recognize the 10GB NICs we purchased for them.  I’ve done this easily before with ESX and the service console but never with ESXi which has no dedicated service console.  Enter the vSphere Management Assistant! vMA for short.  This great little downloadable OVF based appliance allows you to do all sorts of great things within your VMware environment.  In this case, it allowed me to add these drivers to the ESXi servers in no time at all.

After downloading the Appliance into your VMware environment, you can pull up a console to the appliance and log in.  The default username is VI-ADMIN.

I had previously downloaded the additional drivers from VMware’s support site as an ISO file.  From my local VI client, I mounted the ISO to the vMA appliance.

Once logged in, sudo mount /dev/cdrom /mnt will mount the ISO into the /mnt directory on the appliance.

From there, you can change to the /mnt/offline-bundle directory.

Using the vihostupdate command, you can remotely add the drivers to all of your ESXi servers in the environment.  This did assume that the ESXi servers had SOME network connectivity. (In my case, it was over 1GB connections).
vihostupdate –server <ESXi server name/ip> –install –bundle <package name>

A quick reboot and the new NICs were available on all the systems.  Nice!

Click Here to Continue Reading >>

Friday, September 23, 2011

Tweet Humor : Citrix’s new Multi Layered Antivirus Solution.

In the never ending viral battle, Citrix has really extended it’s efforts way past Desktops and Servers.  Experts do say that a multi-layered approach is the best defense! :)

Spotted by Chris Wolf (@CSWOLF) at a recent Citrix conference.

Click Here to Continue Reading >>

Thursday, September 22, 2011

Pimping out the Citrix Netscaler – 2.0

As originally published on vCloudInfo.com, the TechDev team at IPM has beefed up the NavUI of the Netscaler to provide additional useful information for users. Up until now, however, you were still stuck with the same 3-panel frame as provided out of the box:

Well, Marcos Velez of the IPM TechDev team has done it again, with a totally revamped UI, based on the Web Interface 5.4 Symphony Theme:
Once you log on, however, you soon come to realize that the similarity ends there!

Check out the sleek new look for XenApp applications …clip_image006

… as well as the preference menu …

… and detail screens:

“But how do I access corporate as well as personal web sites and other links,” you ask?

Why through fly-away menus, of course!clip_image012
The TechDev group also specializes in integrating Web Interface with other standard (e.g. OWA), custom, and corporate web apps:
Even the logoff screen has been given a nice facelift, automatically redirecting users back to the login page:clip_image016
Sure this post might be a little SALESey, but these are some pretty kick ass enhancements. Smile

Click Here to Continue Reading >>

Tuesday, September 20, 2011

Aaron's Application Tip : IPv4 pings in a IPv6 World.

Here is a quick tip from Aaron Silber which you may or may not know, now that all of the new Microsoft operating system have IPv6 enabled by default, you may notice that when you go to find an IP address of a machine and ping it, the machine in many cases will give you back the IPv6 hex address. I don’t know about you, but I need to see an old fashion x.x.x.x style address for it to be of any value.

So what are your options?

a) learn IPv6
b) use the ping -4 option.
Personally I like “option b” Smile

See ya,

Click Here to Continue Reading >>

Friday, September 16, 2011

Why I am returning my AppleTV.

imageI love my Apple products. I absolutely fell in love with the iPhone and think the iPad is a game changer. From a customer service perspective, there are few companies that are even in their league. My experiences with Apple have been so filled with 'great' that my recent purchase of AppleTV was a real shock.

After doing my research on which streaming box to put in the living room, it came down to AppleTV and Boxee Box (sorry GoogleTV). I primarily had just wanted a new box to leverage Netflix movie streaming and the occasional locally stored movie. The Wii was just not cutting it anymore. Pandora through the surround sound system was also something everyone was looking forward to.

We already had a handful of iOS devices in the house so I thought the AppleTV would be a great addition. From the commercials, thumbing through things on the iPad and then flicking them up to the big screen was going to be awesome.

Fast forward a week and the ATV is back in the box and heading back to the store.
Here are my reasons in no particular order:

1) No true HD support. 720p is all it pumps out.

2) No HDMI cable. Really? Bring the thing home only to realize that they don't include an HDMI cable. It ONLY supports HDMI out so why not toss a cable in. Very surprising.

3) No way to really customize the interface screen. I'm not talking about skins, themes or crazy hacks. Just give me a way to remove all the iTunes Store content(read: advertisements) so my kids aren't asking every five minutes if they can download Rio the Movie for $4.99 a pop. Sure, parental controls can prevent them from actually buying it, but I want to remove the temptation altogether and the associated continual repetitive pleas.

4) No Pandora - WTF?!?!

5) Pretty limited codec support for playing non iTunes content.


So I went with the Boxee Box [weird shape and all]. Although they were smart enough to bundle an HDMI cable, it was not as plug and play as the AppleTV. Boxee includes a lot of customization options and it took a while to go through them all. Once done though, I was really able to control the type of content that appeared on the home screen. This was a huge plus for me. Of course Pandora, Netflix and a ton of other apps were available as well.

What about the other iOS devices in the house you ask? This one surprised me. Boxee supports AirPlay without any issue! From the iPad, Boxee shows up as a display device that I can then send content to. Very slick and it actually felt faster than Apple's implementation.

There are of course issues common with both devices (Hulu support anyone?) but overall, I felt the the D-link Boxee Box was a stronger device for my household.

Click Here to Continue Reading >>

Thursday, September 15, 2011

Some Windows 8 Screenshots

Moshe Silber took some time to download, install and send us some screenshots of the new Windows 8 developer preview.  Looks like they decided to move the Control Panel AGAIN! ;)  Not sure what I think about this thing yet. Oh yeah, and Hyper-V is now built into the desktop OS.

image image

You can grab your own copy here.

Thanks Moe!

Click Here to Continue Reading >>

Friday, September 9, 2011

Aaron’s Application Tip : Repairing the unrepairable.

Here’s a quick tip which I find I need to use from time to time. I don’t know if you have ever run into this or not, but sometimes you wind up with weirdness in a particular application and you figure, what the heck, let me try to do a repair and see if it fixes it, but when you click on the application, it doesn’t give you that choice. Other applications seem to have the choice, what gives?!

Anyway, as it turns out there may be a good reason why the vendor doesn’t want you to attempt a repair, but other times a repair is just what the doctor ordered. So what can you do if you’d like to give it a shot? Simple, crack open your registry and navigate to the following location:
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\<App Guid>


You’ll see entries for NoModify and NoRepair. Change either of these to a 0 and refresh the Programs window and….


You can now change an installation or repair it. Keep in mind that the application still has to support these features, which you would think they don’t if the option is not there, but my experience has been that it always works. It may be because most applications these days are Windows Installer based and I believe that the Installer technology natively supports these options.

If anyone comes across an application that barks at an attempt to be repaired, I’d be interested to know about it.


Click Here to Continue Reading >>

Monday, September 5, 2011

No more Windows Patching via VMware Update Manager 5.

Messing around the new VMware Update Manager and I noticed this little piece of information.  Update Manager 5.0 does not support VM patching.  Prior versions of Update Manager used to allow you to update Virtual Machines with Microsoft or Linux patching.  I don’t think many people used this feature so I doubt it will be missed much (or at all).  I used to use it in the home lab to patch my ‘golden images’ and keep them up to date.  Since Update Manager was fully virtualization aware, it had a unique feature that would allow it to power up VMs and patch them off the network.  This worked out great for keeping those VM templates up to date since they were mostly powered off and inaccessible by traditional tools like Microsoft WSUS or System Center Configuration Manager.  Saved some time when deploying an older image.

Of course, Host patching is still in full gear and Update Manager is by far the easiest way to keep your ESX hosts up to date.  It is really a well made piece of software that works practically flawlessly for me.  If you are not running it, you are definitely missing out.  I’m actually very pleased to see them remove some of the lesser known/used features and focus in on the core needs of Virtualization Administrators.

They haven’t gotten rid of the VM baseline tab though.  It’s now used to create Tools, Hardware and Virtual Appliance upgrade baselines.  I’m looking forward to diving into this at a later date.

Click Here to Continue Reading >>

Friday, September 2, 2011

Windows Refresher; Renaming Multiple files.

imageHere’s a quick note Aaron Silber sent over to me reminding me of the super useful F2 key when dealing with Citrix Provisioning Server image files.

Hello All,

Just in case you weren’t aware of this little feature in Windows 7/2008, new in these versions is something interesting.  If you go to rename a file, (F2 for those looking for a quicker way than having to right-click and select Rename) you will notice that be default only the name and not the extension will highlight. At first I found this odd, then I thought it must be to protect people from accidentally changing the extension and messing up the associations. Safety aside, here is another benefit that it provides; if you ever need to rename multiple files that have the same name, but different file extensions, you can do it all in one shot now! 

When would you need to do this? One example is in Citrix Provisioning Server. When you need to make a copy of a disk, you usually have three files of the same name (.lok [Locking file;not necessary], .pvp [vDisk Properties file], .vhd [The actual vDisk]) that you copy to a new name, rename them all and then import the disk. Have a look:
Highlight all files, press F2, change the first file to XAProd-v3
All renamed.
Anyway, I thought it was neat,

Thanks Aaron!  I think it is neat too! Smile
Click Here to Continue Reading >>