Citrix Session Recording is Great!!!

I love that Smart Auditor has come back…..  er… I mean Session Recording.  This is an amazing tool. The only issues I have with this product is if you want to not use SSL and retention and back to multiple consoles.

I could complain about the multiple consoles, but that would be kicking a dead horse again and again.  We will leave that alone and hope that Citrix will consolidate eventually.

Citrix has documented very thoroughly on how to install Session Recording with SSL.  But what if you are with a client that doesn’t have an internal PKI solution and doesn’t want to buy a 3rd party cert for this.

To Configure the Session Recording without SSL, don’t choose a certificate during the installation.  You would believe this to be enough, except when the website is installed, it is setup to require SSL.  To fix this setting, open IIS admin and navigate to the SessionRecordingBroker site.  Choose SSL Settings, and uncheck require SSL.

ScreenRecording

The main problem is there is no interactive way to setup archiving of the Recordings.  If Citrix could develop a utility that would make it easy to configure the managing of the recordings it would be much nicer.  As of now, the only way to manage the recordings is with the icldb utility. https://docs.citrix.com/en-us/xenapp-and-xendesktop/xenapp-6-5/xenapp65-w2k8-wrapper/ps-sa-library-wrapper-v2/ps-sa-reference-wrapper-v2.html

 

Citrix has only listed the main commands in their document.  If you would like to learn more about the commands here is a full list of the options for each command

 

ARCHIVE:

 

ICLDB ARCHIVE /RETENTION:<days> [/LISTFILES] [/MOVETO:<dir>] [/NOTE:<note>]

[/L] [/F] [/S] [/?]

 

Archive session recording files older than the retention period specified.

This will mark files in the database as archived. Physical files will not

be moved unless the /MOVETO option is specified. Archiving a large number

of files may take some time.

 

/RETENTION:<days>  The retention period for session recording files. Files

older than this will be marked as archived in the

database. Retention period must be greater than 2 days.

/LISTFILES         List the path of files as they are being marked as

archived.

/MOVETO:<dir>      Specify a destination directory to which files are to be

physically moved. If this option is omitted, files will

remain in their original location.

/NOTE:<note>       Attach a text note to the database record for each

file that is archived.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

DORMANT:

 

ICLDB DORMANT [/DAYS:<days> | /HOURS:<hours> | /MINUTES:<minutes>]

[/LISTFILES] [/L] [/F] [/S] [/?]

 

Display or count the session recording files that are deemed as dormant.

Dormant files are session recordings that never completed due to data loss.

The search for dormant files can be made across the whole database or only

recordings made within the specified last number of days, hours, or minutes.

 

/DAYS:<days>       Limit the range of the dormant file search to the last

number of days specified.

/HOURS:<hours>     Limit the range of the dormant file search to the last

number of hours specified.

/MINUTES:<minutes> Limit the range of the dormant file search to the last

number of minutes specified.

/LISTFILES         List the file identifier for each dormant file found.

If this is omitted, only the count of dormant files will

be displayed.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

 

IMPORT:

 

ICLDB IMPORT [/LISTFILES] [/RECURSIVE] [/L] [/F] [/S] [/?]

[<file> …] [<directory> …]

 

Import session recording files into the database. The metadata contained

within each file will be read and database records created. Once a file is

imported, the file must not be moved or deleted.

 

/LISTFILES         List the files before importing.

/RECURSIVE         For directories specified, recursively search for files

in all sub-directories.

<file>             Name of file to import (wildcards permitted).

<directory>        Name of directory to search for files to import. Files

must have an .ICL extension. Sub-directories will be

searched if the /RECURSIVE switch is specified.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

 

LOCATE:

 

ICLDB LOCATE /FILEID:<id> [/L] [/F] [/S] [/?]

 

Locate and display the full path to a session recording file given a file

identifier.

 

/FILEID:<id>   Session recording file identifier or file name to search

for. This may be specified in either of the following two

formats:

 

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

(example: 545e8304-cdf1-404d-8ca9-001797ab8090)

 

-or-

 

i_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.icl

(example: i_545e8304-cdf1-404d-8ca9-001797ab8090.icl)

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

REMOVE:

 

ICLDB REMOVE /RETENTION:<days> [/LISTFILES] [/DELETEFILES]

[/L] [/F] [/S] [/?]

 

Remove references to session recording files older than the retention

period specified. This will only remove records from the database, unless

the /DELETEFILES option is specified.

 

/RETENTION:<days>  The retention period for session recording files.

Database records older than this will be removed.

Retention period must be greater than 2 days.

/LISTFILES         List the path of files as their database record is

being removed.

/DELETEFILES       Specify that the associated physical file is to be

deleted from disk.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

REMOVEALL:

 

ICLDB REMOVEALL [/L] [/F] [/S] [/?]

 

Removes all records from the Session Recording Database and returns the database

back to its original state. This command however, does not remove physical

session recording files from disk. On large databases this command may

take some time to complete.

 

Use this command with caution as removal of database records can only be

reversed by restoring from backup.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

VERSION:

 

ICLDB VERSION [/L] [/F] [/S] [/?]

 

Display the Session Recording Database schema version in the format

<major>.<minor>.<build>.<patch>.

 

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

 

Citrix messes with SQL Always On

XenDesktop 7.9 FMA has issues with SQL Always On….

Databases has been a source of controversy since Citrix released XenDesktop.  With the merger of XenApp and XenDesktop the main solution for database availability is SQL Always On.  With SQL Always On you have the benefit of a cluster for OS and SQL protection while still having the benefits of the standalone SQL Server.  I have deployed XD 7.x countless times using these technologies for many customers and have never had an issue with SQL Always On and Citrix technologies until 7.9

Using SQL Always On, I have been able to fail my SQL server, configure and manage my XD environment without issues.  I have recently discovered with 7.9 you are unable to extend the environment while utilizing SQL Always On.  The symptoms are simple:

  • Add a new Delivery Controller to an existing XD/XA 7.9 deployment utilizing SQL Always on
  • Receive an innocuous error, stating unable to connect to the SQL server
  • Datastore is now corrupt

The error received, with unable to connect to the SQL server, shows an error of unable to connect to a SQL Server…..  when you read the error, it is trying to connect to a SQL server directly in your Always On cluster.   The error details state it is unable to update the security in the database.  This is to be expected since the individual node it is trying to connect to is a secondary node in the Always On cluster.  Weird…..

Run the connect to a site wizard again, and it will give an error stating that the database cannot be updated again, this time showing the correct Always On name.

What has happened is the Datastore is now corrupt.  The tables housing the information regarding your Delivery Controllers is the only part effected.    The following screen shot is shows the Controller node of Citrix Studio:

screensql

Once this has occurred, all aspects of XD/XA continue to work, however you will be unable to get information regarding your delivery controllers.  To resolve this issue, you will need to clear out the database regarding any information of the new controller that was added.

Citrix has this handy article (https://support.citrix.com/article/CTX139505/) to remove Delivery Controllers manually.  The simple explanation is:

  • Open powershell and run Get-BrokerController
  • Make note of the SID of the offending Delivery Controller
  • Run the script provided in the article on a delivery controller.
    • Populate the $DBName with your Site Database name
    • Populate the $EvictedSID with the offending Deliver Controller SID
  • This script will create a SQL script the will need to be run against the Datastore

The way to avoid all this hassle is to simply remove your XD/XA DB’s from the SQL Always On group.  Leave the DB’s on the primary server and extend your delivery controllers.  After you have extended your site, put the DB’s back in the Always On Availability Group

I have submitted detailed information and logs to Citrix Technical Support and am working with them toward a permanent resolution- Stay Tuned!

Keeping it Real in Tech: Marketing vs MarkT-ing

Just got back from Citrix Synergy 2014 happy, inspired and exhausted! It was a great week of learning, collaboration,  conversations, and great times with friends and colleagues from around the world. It was an overload of ideas and input, but one things stands out above all else- The character and heart of Citrix President and CEO Mark Templeton.

After a short leave of absence, this was Mark’s highly anticipated return to deliver the keynote at Synergy 2104 before his announced retirement within this next year. It is hard to describe the effect that MarkT (this is what we all call him) has on people. At first I thought it was just me as my career has directly paralleled Citrix and Mark’s leadership and I am deeply grateful for that. However, I spoke with countless attendees after the keynote about this and absolutely everyone said the same thing- that they are moved and inspired by Mark in a very special way. I heard this same sentiment across the board, everyone from first time attendees to old timers, Geeks, sales people, partners, etc. Feeling  this very strongly myself, and hearing it echoed over and over again throughout the week I set my mind to figure out exactly what was going on here. After much deliberation, here is my conclusion:

Some people are very skilled at speaking, at presenting a message in a clear and impactful way. Some people have great skills at persuasion or inspiration- they can get you excited in what they say and how they say it. Some people understand the technology behind products, or the business value, the use case, etc. When you listen you can be impressed or motivated to act. Mark is not any of those, he is something so much more…

MarkT has a heart the size of an ocean liner. You can’t help but be genuinely brought in, not from the hypnotic sound of a practiced speaker, but from the genuineness of a person who loves that they do and means what they say. He wants to share the exciting developments at Citrix because of what they can bring to YOU, how they can help YOU- he cares about others and is happy and honored to be able to share it.

In the end, it is about integrity, honesty and heart-felt sincerity that excites people. It cuts away the hype, pretense, agendas and spin and replaces it with genuine beliefs. When you experience the real thing, you just know it, everyone feels it and this year’s Synergy Keynote was the prime example. Next to this, the standard marketing/spin/positioning looks like a thin veil of charlantism. The “secret” is a sincere desire to make the world a better place, and, to lift up those around us in the process.

The Tech World, the Business World, and, the Whole World for that matter, will be a much better place if we can learn from his example and actively reach out to replace all this superficial (i.e. self-serving) Marketing, to make it Real, to question our own values and re-align them so that they truly can help others.

I hereby pronounce the End of Marketing and usher in a new era of Sincerity and ‘Keeping it Real” called the Age of MarkT-ing

 

Thanks for everything Mark, now it is our turn to carry this forward….

steveg-markt

The Impending IT Crisis (and what do about it!)

In our consulting group we spend a lot of time discussing, dissecting and analyzing each project we do. This leads to long debates around what ultimately are the best practices in everything from app virtualization, to VDI vs SBC, to storage, networking, hypervisor and ‘physical versus virtual’. While this is personally and professionally very satisfying it pretty much means that we don’t do any “cookie cutter” solutions. Each new project gets the benefit of lessons learned and is uniquely tailored and shaped to be ideal for that particular client environment.

Over time, however, this process has been rapidly increasing in turn over time. It used to be measured in a few years and there was a relatively small set of technologies to master and keep up on. Then it accelerated to about a year or so, but with an order of magnitude more details to learn and integrate. Now, it seems to be happening in months and weeks and there is more and more complexity at each turn. There are even times when it seems that important elements of solutions are evolving and changing within a just matter of days! Oh, and once you figure it out, new version of the products get released and all new Best Practices are needed!

When you do this full time for a living, try really hard and have an “A” Team like we do at Thin Client Computing, we can just about keep up. However, most of our clients are not in the I.T. Business, their missions are in other important areas such as HealthCare, Education, Finance and Manufacturing. They do I.T. because it is necessary to run, support, enhance and grow their Core Mission.

In a recent group retreat, Brenda Tinius shared a concern and phrase that pretty much stopped us all in our tracks. She described with great concern was she sees as “The Impending IT Crisis”. The crisis is an inflection point in which the technology advances beyond what people can readily absorb and assimilate into their daily processes. IT Professionals are kept very busy with the day to day tasks of maintenance, repair, updates, and, responding to the daily needs of the Business and it’s Users- how can they possibly stay ahead of trends and innovate in a climate of change that is happening faster than human speeds!

One example is the fact that the technology industry has been pushing organizations to virtualize servers and desktops for years now. It is becoming generally accepted, and the stated policy of many organizations today, to virtualize every workload in their organization. Enter rapid change- that was a great idea when most of the workloads were running on legacy 32bit Operating Systems- servers had somehow sprawled out all over the data center in a mess of inefficient configurations and underutilized hardware. Hardware Virtualization, i.e. the hypervisor, emerged as a useful and effective tool. Over time it has become the central focus of so many IT initiatives, but, in the time it took to become mainstream, a lot has already changed!

Now there are well proven ways to virtualize at all layers of the stack- hardware, disk, operating system, application, user and presentation layers. Hardware virtualization is only one solution in a range of options and often strikes me at the technology equivalent of Monty Python’s classic skit “Mosquito Hunting with a Cannon

Some would say that this is whole point of Cloud Computing, you no longer have to buy, build, and maintain Information Technology yourself, you simply consume the resources you need and let the provider worry about all the details. Thats a great thing and I agree that in time this is exactly how the world will work, but, this is clearly in the future. For now, I just don’t see comprehensive offerings in which organizations can completely outsource all their needs to a Cloud Provider and have them truly met.

Just like in the days of when the mainframes and minis ruled IT, I see users wanting, needing and expecting more than IT can often deliver. Today is it common for users to have better capabilites on their personal SmartPhone/Tablet and their home computer than they have at the office! Everyday now we are hearing about departments within our client companies skirting around the internal IT department to deploy technologies they need and want themselves. Meanwhile, IT is working harder than ever to provide what they can, and, with smaller and smaller budgets. There is a real Crisis brewing here, but what can we do about it?

In short, it is time for a new Era of Innovation and I see this as fueled by a taking a fresh look at the technology landscape and being willing to let go of old assumptions  and ideas. We have to start over again in 2013, wipe the slate clean and take a fresh approach. While most people regard Cloud as hype and self serving marketing on the part of many industry players, it has taught the key to avoiding the Crisis:

Build Once and Leverage Infinitely

 

The hardware today is astoundingly powerful and software capabilities are at an all time high. Tools are readily available to create advanced systems, whether internally or externally hosted, that can deliver virtually any application to any user, device or location. There is no longer any need to hard-code the hardware to the OS, the OS the Apps, the Apps to the User or the User to a device.

The key is to rethink how to accomplish this in your own organization. Take a step back, learn what is possible, leverage what is available and flip this whole Crisis on it’s head.  I.T. can become a valuable service to the organization once again by adopting these new ideas, rising to the challenge of the Cloud by rethinking and redesigning internal systems to provide seamless and ubiquitous services to all who need them. It is time to stop doing things the old way just because they are familiar and take a bold step forward into technologies and designs that let you get ahead of the curve by creating versatile platforms and not just point solutions.

Announcing our Annual Event for 2012!

Join us for “Soar Beyond The Cloud”, Friday, February 24th 2012

For 15 years now it has been a tradition at Thin Client Computing to give back to our customers and the community through special events. Our concept is to eliminate the talking heads, sales pitches and self serving agendas and simply share real experience about what works best in practise (and what does not work so well!).

We are truly grateful that each year more people attend and tell us how valuable our events are to them. We have continued to seek out unusual and interesting venues and important/relevant topics to explore. We share real world feedback about technology implementation and best practises, and, introduce new and forward looking concepts/approaches. We also arrange the event so that the majority of time is spent in peer interactions, hands on demos and deep dive small group discussions.

This year we are pleased to take this to the next level based on an idea by our superb Technical/Business Analyst Brenda Tinius to occupy the Commemorative Air Force Museum in Mesa, Arizona.

 

Standing among these great machines, created in the Golden Age of American Innovation and Technology, we are honored to share our vision for the future. This is a future in which we are able to bring jobs back to the USA through well proven uses of Virtualization/Cloud Technologies. In 2012 we are at the point in which the technology, when properly implemented, simply works.

As a result Businesses, and organizations of all kinds, can cut costs dramatically while improving productivity, retention, lifestyle and job satisfaction and truly compete on a Global level in a whole new way.

Please come out and join us for “Soar Beyond The Cloud”, Friday, February 24th 2012 we believe you will find this an Inspiring and Educational day!

 

 

VDI- One Man’s Trash is another Man’s Treasure, or, Why Crap is King….

[Please note, thinclient.net is under renovation- some content and links are in still in progress]

I.T. Professionals and Consultants who have worked for any period of time on hosting (or virtualizing) applications and desktops are acutely aware of the unstructured data that becomes part of a user’s environment. On a standalone PC it goes pretty much unnoticed as it “blends into the woodwork” of the overall system, spreading itself across the registry, file system and user profile. However, when you virtualize applications and desktops you become faced with trying to capture and re-apply this data as users move across diverse systems. Tim Mangan identified this issue in his 2008 Briforum Session “The Data Problem” which was an early recognition of the problem and a great explanation of the sources and impacts (PS-that’s the back of my bald head in the audience). He also has a more recent article on the subject  “How to Describe Layering: the blob, cake, or 3D Tetris”.

Over many years of working with Roy Tokeshi, a leading Citrix SE,  he would refer to this set of data in his technical/business presentations as “Crap”. In an effort to validate this concept, and to be able to actually use the word “Crap” in presentations, I came up with the following acronyon:

Computer Residue of Applications and Personalization (C.R.A.P)

I was pretty proud of this one and then Ron Oglesby pointed out on Twitter that “I love your acronym. But Users are like Hoarders. Some guy’s CRAP is their meaningful “stuff’ ”  

As a result I am releasing an alternate version:

Carefully Retained Applications and Personalization (C.R.A.P)

So now we can use “Crap” in any context , positive or negative, to refer to this same set of undefined data that attaches itself to users and applications.

This a strange problem because on the one hand our inclination is to simply retain all this data and carry it across whatever environment the user wants to run in. Whenever possible we like to have the settings that a user expects automagically appear (because then people are happy and we are heroes). Yet, large portions of this data may be  irrelevant (at best) or even incompatible (at worst). This problems shows itself most acutely in mixed environments where applications are delivered across multiple operating systems, and, when using other tools such as App-V. For example, a user may have a local desktop OS (i.e. XP), a hosted VDI desktop OS (Win7) and apps or desktops hosted in Windows 2003 and 2008 R2. In these cases there will be corruptions of settings, locked sessions, broken profiles, etc. when indiscriminately mixing this data across platforms.

What is the solution? Well there is no simple answer that can be applied in all cases, but it comes down to knowing your applications and including/excluding the correct portions of the data for the target platform. The details will follow in a future entry, but for now we have identified and understand the challenge this presents….