Think IPM

Wednesday, July 27, 2011

New Office Patch to Avoid : KB2501584

Chris Hahn over this quick warning to admins with users running Office 2003 and 2007.

 

This patch comes down via automatic updates, and can generate warning messages when opening office files.  See below for sample warning message.

 

Microsoft Office File Validation Add-in (KB2501584)

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=2807

 

clip_image002

 

If your user population is ‘sensitive’ to changes like this, you might want to pass on this particular patch.

Thanks Chris!

Click Here to Continue Reading >>

Monday, July 25, 2011

VMware Enterprise or Enterprise Plus?

imageYou may have heard about the coming licensing changes from VMware.  You may have heard about the new vRAM licensing and some of the impacts it will have on current implementations.  And you may have heard about the release of vSphere 5!  If not, do a little Googling around and you’ll find oodles and oodles of information.

With all the changes coming toward the end of the year, this is probably a good time for customers to start looking at whether Enterprise Plus is a good option for them in the future. 

You can refer to this link from VMware for a full breakdown of the editions:
http://www.vmware.com/vmwarestore/vsphere_purchaseoptions.html (List prices as well)

If you clicked the link, you may also notice that Advanced is now gone.  If you had a vSphere 4 Advanced license, you now have a vSphere 5 Enterprise license. (Congrats!)

The obvious license enhancements are:
vRam Entitlement goes from 32GB per socket in Enterprise to 48GB per socket in Enterprise Plus.  Assignment of 8 vCPUs to a single VM also jumps to a whopping 32 vCPUs per VM.  More than enough to run the most demanding mission critical VM.

In the past, I wasn’t too impressed with the additional technical features of the ‘Plus’ edition but with the release of vSphere 5, they have put some of the more cool features in the Plus version and I expect to see it a lot more in the field now.

Storage DRS:
This is perhaps my favorite feature of vSphere 5.  Much like DRS which could automate the distribution of CPU and RAM resources via system initiated vMotions, Storage DRS will automate the distribution of Storage resources via system initiated Storage vMotions.  It will attempt to baseline IO requirements and move VMs to stay within those baselines.  It will also be on guard to make sure space doesn’t run out on an datastore.  This includes intelligent placement of VMs on datastores during creation.   Storage DRS will require Enterprise Plus.

Auto Deploy:
In my mind, this is similar to Citrix Provisioning Streaming Services.  The ability to PXE boot a machine, have it connect to vCenter and stream down the ESX Operating System to the hardware.  For all this to work, vSphere will leverage Host Profiles to complete the configuration once the base machine boots up.  Should make deployment, Patching and scaling pretty painless.

I/O Control
Both Storage and Network control will be available only in Enterprise Plus.  These features will allow companies to better define and ensure Virtual Machine resources based on business needs and SLAs.

These are some of the new changes in vSphere 5 that might make a company re-evaluate their current licensing edition needs.

Click Here to Continue Reading >>

Thursday, July 21, 2011

Citrix Provisioning Services Error : Unexpected MAPI error Occurred

Citrix Provisioning Server 5.6 SP1.  While changing the Mode on a vDisk, I received the dubious ‘An unexpected MAPI error occurred” error shown below.  The details show information related to an inability to mount the vDisk and a driver related issue.

image

After some Googling around, I found on the Citrix Forums, a thread that stated that while there is no FIX for this issue, a temporary work around is to switch the Licensing Properties on the vDisk to none.  This will allow you to change the rest of the options on the remaining tabs.

image

Hopefully, this will be addressed in a future hotfix but for now, switching the licensing to None is a solid workaround.

Click Here to Continue Reading >>

Tuesday, July 19, 2011

Automate Citrix Receiver Configuration for Mobile Devices

Written by Sam Jacobs:

Like it or not, iPads and other mobile devices are here to stay. Just about all of our clients are reporting that Citrix mobile device support is being demanded by technical and non-technical users alike.

Mobile device support is accomplished via the Citrix Receiver. The correct version of the Receiver must be downloaded, and configuration of the program usually entails one or more calls to the Help Desk.

A simple modification to the Access Gateway or Web Interface login page can eliminate most (if not all) of those calls.

The first step is to go to the Citrix Mobile Receiver Setup URL Generator:

http://community.citrix.com/MobileReceiverSetupUrlGenerator/

After entering the required information and clicking Generate URL, a link will be generated which can be embedded into your Web Interface or Access Gateway logon page. The information above will generate the following link:

citrixreceiver://createprofile/?s=https%3A%2F%2Fportal.ipm.com%2F&pname=IPM%20Portal&d=ipm.com&gw=1&gwt=2&gwa=3

You can then modify the Netscaler logon page so that it looks something like this:

You can see a step-by-step implementation of the above, as well as other Advanced Netscaler Customizations at a breakout session given by Sam at BriForum – July 19th – 21st

Click Here to Continue Reading >>

Thursday, July 14, 2011

How to Split a Netscaler AGEE Pair up Safely.

Post by Sam Jacobs:

Summary

This post explains how to (safely!) split a Netscaler (AGEE) High-Availability (HA) pair.

Background

An AGEE HA pair functions in an active/passive mode, which means that all traffic flows through the Netscaler currently marked as Primary. As long as the primary Netscaler is up and functioning (and the Secondary appliance can confirm connectivity), the secondary Netscaler will sit quietly in the background. Should the secondary appliance lose connectivity to the primary, it will assume that it is down, and will begin handling all traffic. You can also deliberately cause a failover to the secondary appliance via the force failover command.

It is sometimes necessary to temporarily split an AGEE HA pair. This would be done, for example, if you wished to upgrade the appliance firmware. Simply turning off HA, while seemingly intuitive, would be disastrous. With the exception of the individual Netscaler IP (NSIP) address, all other load-balancing and Access Gateway IP addresses are shared between the appliances. If HA is simply turned off, BOTH appliances will assume that they are primary, and will attempt to handle traffic. Duplicate IP addresses will begin appearing on the network, and ARP tables will become corrupt. The result will be that some users might be able to connect, but most will not.

Procedure

Citrix TV has an excellent video by Ronan O’Brien on splitting an HA pair: http://www.citrix.com/tv/#videos/1414.

As I found out the hard way, however, one simple, yet quite important step was left out (see below) – hence the impetus for this blog post. To safely split the pair, back up the ns.conf file on both appliances, and open a PuTTY session to each. Then, perform the steps below in the order specified:

On Primary On Secondary
  1. set node -hastatus DISABLED
  2. set node -hasync DISABLED
3. set node -haprop DISABLED  
  4. clear config full
  5. save config
6. rm node 1  
7. save config  

Step 1 tells the secondary appliance to stop participating in HA.
Step 2 tells the secondary appliance to stop receiving configuration updates from the primary.
Step 3 tells the primary to stop propagating configuration updates to the secondary.
Step 4 clears the entire configuration (make sure you have a backup!) of the secondary, with the exception of the NSIP.
Step 5 saves the secondary configuration, so that you don’t reconnect to the primary when you reboot the appliance (this is the step missing in the video above!).
Step 6 removes the secondary node from the primary’s HA configuration
Step 7 saves the primary configuration.

You can now update the secondary appliance without worrying that it will affect production users.

Click Here to Continue Reading >>

Tuesday, July 12, 2011

Don’t put those DCs on your Shared Storage! (If you are running Hyper-V)

imageI had a client call me in a complete panic recently with their entire environment completely down.  It was a real world example of a lesson learned the hard way.

Background:

This particular client was fully on the virtualization path and had began to virtualize pretty much everything in sight.  The hypervisor this particular client had chosen for the task was Microsoft’s Hyper-V.  Multiple Hyper-V hosts with shared storage and redundant network connections to VLANs and the such.  The environment was built out with enough resources and was happily chugging along for an extended period of time providing resources to infrastructure, application and business critical virtual machines.

Critical Event:

During a routine building power event, they were forced to shut down all systems.  After the power event, the powered up Hyper-V hosts were unable to access the shared storage necessary to power up any Virtual Machines.

imageWhat Happened?!?

  1. All Domain Controllers in the environment were virtualized and moved up to the Highly Available Cluster Shared Volumes. (Shared Storage)
  2. Hyper-V leverages Cluster File Services to mount and access Cluster Shared Volumes.
  3. Cluster File Services uses an Active Directory Service Account for permissions and access.
  4. The Domain Controllers (on the CSVs) were in a powered down state and unable to authenticate the Cluster File Services’ Service account to mount the CSVs to power the Domain Controllers back on.  And around and around we go. Sad smile

Prevention:

Obviously, the easiest solution to this situation is to always have a physical domain controller up and running in the environment (also useful for a reliable time source).  If you are resource constrained or just super Pro Virtualization, you can also just make sure to NOT put your only Domain Controllers on the Shared Storage volumes.  You can easily leave one on each of the Hyper-V host’s local storage.  Even with the entire Domain down, you can always log in locally to the Hyper-V host and power up your locally stored Domain Controller Virtual Machine.

A side note:

For those more familiar with VMware, this could be easily overlooked since this is not an issue with VMware.  Although vCenter authentication is handled by Active Directory, the local hosts running ESX do not depend on AD service accounts for any Host operations including accessing the shared storage and power operations on the VMs.

Fortunately for this client, they were able to do a restore of a DC to local storage and get the environment back up.

Click Here to Continue Reading >>

Saturday, July 9, 2011

Off Topic : Time Warner does not like “jailbroken” devices.

image

In unrelated news, JailBreakMe.com is once again up and running for all your iOS Jailbreaking needs.

Thanks for the screenshot Chris!

Click Here to Continue Reading >>

Friday, July 8, 2011

Expanding a Citrix Provisioning Service vDisk with Hyper-V

imageOne of the advantages of virtualization is the ease of resource allocation.  Whether it’s adding additional memory or increasing available hard drive space in a Virtual Machine, it’s usually just a few clicks away and does not require any screwdrivers.

 

My colleague Jacques Bensimon sent over some handy directions (plus bonus tip!) for expanding a VHD using Hyper-V.  In his case, the VHD was a Citrix Provisioning vDisk.

1.      Copy the PVS vDisk (let’s call it CitrixPVS.vhd) to the Hyper-V machine.

2.      Without having to assign CitrixPVS.vhd to any Hyper-V VM, just right-click any existing VM and select Edit Disk…  This takes you to the “Edit Virtual Hard Disk Wizard” which lets you select any VHD (not just VHDs belonging to the VM you right-clicked).  Select CitrixPVS.vhd from wherever you saved it, select the Expand option, and make it any new size you want.  The VHD file has now been expanded to the desired size, but of course the internal volume is still the original size.

3.      Now go to the Windows 2008 R2 server’s “Server Manager”, go to Storage | Disk Management, right-click, select “Attach VHD” and attach CitrixPVS.vhd.  Once it’s attached, use the “Extend volume…” option to make the partition within the VHD use all the new space.

4.      BONUS:  At this point you’re done, but as long as you have the VHD attached in Disk Management, don’t detach it right away and use (for example) the free Piriform 64-bit Defraggler to defrag the volume (when was the last time you defragged a PVS vDisk?!). Then detach it and you’re really done!

Note that this procedure never actually boots the vDisk and operates on it by strictly external means.

If you don’t have a Hyper-V server handy, you can check out the non-Hyper-V way.

Click Here to Continue Reading >>