Blog posts tagged with 'sepago'


16 Jul 2008 09:45 AM EDT
posted in XenApp by Gus Pinto

Not too long ago, I posted an article introducing the availability of ClearType on Citrix XenApp.

Helge Klein - one of my favorite bloggers, has taken it to the next level, he wrote a technical article explaining in great details how to configure ClearType on both XenApp 4.5 and XenApp 5.0, along with their respective requirements. Here's a snippet of his post.

With the release of the hotfixes KB946633 and PSE450R02W2K3037 ClearType font smoothing is finally available on both the current and the upcoming Citrix flagship products Presentation Server 4.5 and XenApp 5.0. Remains the question of how to configure it.

Windows has a GUI for configuring font smoothing (well hidden in the display properties). XenApp does not.

Each user of a published desktop can use the Windows GUI for configuring font smoothing. But what about the majority of XenApp users who only use published applications and do not have access to a published desktop? I do not know. Of course, the admin could set the font smoothing type in the registry for them. But even then users have no means of changing their setting.

Enter XenApp 5.0 and ICA client 11. If and when those two are at the server respectively client end of an ICA connection, the whole thing works the other way round: The ICA client reads the font smoothing type of the Windows client and transmits it to the server who then activates the client's setting for the current session. This even works across reconnects: During a reconnect from a different machine the new client's setting is read and transmitted. If it is different from the previous client's setting the font smoothing type of the session is changed on the fly.

This approach clearly has its advantages: No problems with published applications. Additionally, remote applications always have the same look as local programs.

But wait: What if the client is not a Windows client? Then we are back to the pre-XenApp days: Configuration on the server.

Configuration Overview

Just in case you got confused: The following table lists all requirements and configuration options:

Continue reading Helge's blog post here.

22 May 2008 04:51 PM EDT
posted by Gus Pinto

During Citrix Synergy, Sepago announced that the sepagoPROFILE software was sold to Citrix.

The agreement includes the complete takeover of the product, which will form the future core technology for profile management within the Citrix Delivery Center (Citrix XenDesktop, Citrix XenApp and Citrix Provisioning Server). In addition, the development division of sepago will continue development of the product for the virtualization of application provisioning in cooperation with Citrix over the next 18 months.

For more info:

Visit: Citrix.com/UPM

Download: UPM Whitepaper

Download: UPM Technology Preview

21 May 2008 11:13 AM EDT

Why coffee break?  During logon time?  Our logon time is good, no issues there, and so on.  How many of you faced this situation at customers?  We assume quite a bit.  During all the years working at XenApp projects and recently started with XenDesktop projects at several customers, everyone probably faced that logon times are not usually the best.  Users get used to it and do not complain anymore, so there is no issue, because everyone has a coffee break!
Taking the latest announcement of Citrix about the acquisition of sepago's user profile solution shows again that there are still challenges out there requiring a solution for a stable user profile environment.

Asking administrators about their biggest challenges in a centrally delivered desktop environment, they will usually respond with either "printing" or "user profiles" related to logon and logoff process.  Exactly at this point, many administrators are not familiar with the executed background processes during logon and logoff, which makes troubleshooting difficult for further optimization.

Taking this into consideration, the logon process is usually the first impression an end-user will experience logging on to a centrally delivered desktop, which can be either a XenApp server or a virtualized desktop through XenDesktop.  If this process takes too long, the user acceptance will drastically suffer and leading to the fact that people start questioning a centrally hosted desktop or application infrastructure.

How is the logon process of a user? Roughly the following happens during logon:

  1. The user launches a published application (XenApp) or published desktop (XenApp or XenDesktop)
  2. Citrix component related processes such as load balancing or assigning a virtual desktop or verification of Microsoft TSCAL (XenApp)
  3. Authentication of user at domain
  4. Copy of user profile
  5. Application of group policies
  6. Execution of other processes such as logon scripts
  7. Citrix specific processes such as mapping of client devices or printers
  8. User access published application or published desktop

You may ask now, why is the logon process not detailed more granular? The answer is pretty simple: The logon details are too complex for XenApp or XenDesktop to be listed in this blog.  A good source to get an overview of what is happening during logon and logoff is at Brian Madden's website, which provides a flow diagram that can easily fill out a A3 format printout.

Now, knowing what is happening roughly, how can I diagnose my logon process?

A good starting point is to leverage Microsoft's built-in tool for logging all Windows processes during logon - the "User Environment Debugging".  This is by default disabled and can be enabled by adding a registry key, which is described Microsoft's Knowledge Base article 221833.

Another good tool is the usage of Citrix EdgeSight, where administrators have the option to isolate performance related issues since EdgeSight provides a user-centric view of delivered applications and desktops.  Furthermore, administrators can also leverage tools such as Windows Performance Monitor, Windows Systinternal Regmon and Filemon or other command line tools.

However, let's have a look at typical suspects for issues and the according screws to be used.

  • Domain Controller.  This is the core of any Active Directory and the main component during the user logon process.  We could discuss this component in details filling an entire book; however want to highlight only a few relevant screws.
    • Ensure sufficient system resources
    • Properly running DNS (primary name resolution of Windows Server 2003)
    • Monitor your domain controller - especially during peak logon times

      All of the above components have an impact on the logon process, therefore, know what is happening there.

  • User Profiles & GPOs.  User profiles provide a user their "personalized" environment depending on the user profile strategy, which again has a huge impact on logon times.
    • Roaming Profiles provide maximum personalization such as nice wallpapers, saving files on the desktop (especially large files), etc., however can also get quickly out of control if not restricted by certain policies.  Therefore, it is crucial to define a user profile strategy first before starting with any optimization.
    • An ideal profile solution is a Mandatory Profile customized by an administrator that does not allow any personalization by users since it discards any changes applied during runtime.  This is a stable solution however this will probably not meet all users' expectations.
    • A hybrid solution provided by Citrix User Profile Manager, which is based on the recently acquired technology from sepago called sepagoPROFILE.  The biggest advantage of this solution is that users gain a certain degree of personalization (pre-defined by an administrator) while keeping the stability and slimness of a mandatory profile that ensures a fast logon process.  Other similar solutions are provided by partners such as AppSense, RES, and tricerat.
    • Placement of user profiles may also affect the logon process since any additional network hop, procedures to locate the file server (e.g. DNS) as well the file servers' utilization can delay logon times.  A possible improvement with mandatory profiles is storing them locally on a XenApp to avoid network copy jobs.
  • Group Policies.  Provide administrators a way to control an Active Directory-based environment.  However, they should be used carefully by reducing it to a minimum set of required group policies, because each policy needs to be processed during logon extending again the logon time.  Thereby, the amount of configured settings is more relevant than the amount of group policy objects.  In order to ensure fast logon times, consider the following:
    • Do not configure unnecessary settings
    • Disable not required settings (e.g. applying solely user specific settings does not require the processing of computer specific settings)
    • Import only required ADM files

Once group policies have been created, you should analyze these with the tool GPResult or RSoP to check for duplicate or conflicting settings.

  • Anti-Virus software.  Today, there is almost no XenApp or XenDesktop environment without Anti-Virus software.  Taking this into account, usually the default configuration is applied, which may be not appropriate and can lead to a delayed logon process.  Therefore, the following configuration settings are recommended:
    • Scan on Write only
    • Scan only local drives
    • Exclusion of .DAT files

Another performance enhancement can be achieved if an organization's security guidelines permit to scan only files with executable code.  Further details can be found in article CTX114522.

  •  Other possible areas.  Besides the above listed areas and others not covered in this blog, the following are relevant as well:
    • Mapping of client resources such as printers, local drives, audio, COM or LPT-Port - usually the user has access to its desktop once these have been mapped
    • Number of concurrent logons - the amount of executed processes create load on the Write process to the hard disk such as copying user profiles, mapping client resources etc and can be addressed with faster hard disks or a RAID-Controller with a battery backed-up Read/Write Cache.

Even if user profiles provide the impression of a less complex component of the logon process, they should be considered as part of the architectural planning of a XenApp or a XenDesktop environment since every "cool" function may also lead to a delay in logon times.  Doing so, this will ensure acceptable logon times (with no coffee breaks improving efficiency), happy users, less help desk calls because of corrupted user profiles, and cost savings.

We hope that the discussed tools and techniques give you more insights into the logon process.  Luckily, we have now a tool that we can leverage to use in order to ensure happy users.  Therefore, we can only encourage to test out the Citrix User Profile Manager!

Note:  This content was created by Thomas Berger and Tarkan Koçoglu (both from Citrix Consulting) and has been already published in the German Magazine LANline, Edition April 2008 and the Citrix Newsletter "iPunkt Edition 38, April 2008"

13 May 2008 09:50 PM EDT
posted by Gus Pinto

Helge pointed me out to his blog just recently, and you know what - he has really userful content there. He just recently blogged about a neat little app that allows you to manipulate REG_LINKs. Very useful for your XenApp environments when configuring your remote apps and streaming profiles.

Here's a snippet of hos post:

---

Recently I got into a very interesting discussion with my colleague Nicholas Dille on various aspects of Windows x64. One question he brought up was especially intriguing: Knowing about registry redirection, it is not astonishing to find that the 32-bit version of the registry key HKLM\Software\Classes (aka HKCR) gets to be HKLM\Software\Classes\Wow6432Node. But there is also HKLM\Software\Wow6432Node\Classes!? How can there be two different Wow6432Node 32-bit keys for one 64-bit key?

It soon dawned on us that one of those two Wow6432Node keys must be a registry link to the other, meaning that the 32-bit data is actually stored in only one place as common sense dictates. But which is the original and which is the link? And what is a registry link anyway?

What Are REG_LINKs?

Registry links (internal type name: REG_LINK) seem to be one of the last great mysteries of Windows NT-based operating systems although they have been around since NT4 at least. Microsoft uses them to point the CurrentControlSet registry key to one of the actual ControlSets (typically 001 or 002). A registry link essentially is a symbolic link in the registry - one registry key pointing to another. The nice thing is that this whole pointing stuff happens completely opaquely to applications: if key A points to key B, and an application tries to access key A, it will actually see the contents of key B. The concept is simple, easy and powerful.

How to Manipulate REG_LINKs

There is only one problem: There is no officially documented way to list, create or delete REG_LINKs. The registry API simply does not have any functions for manipulating them. This makes things more difficult, but not impossible. Searching the net, I quickly found the excellent tool regln which comes with full source code and compiled both as 32-bit and 64-bit binaries. The source code of regln gave me the hints I needed: the internal NT API (not too well documented and hidden in ntdll.dll) contains the functions required for REG_LINK manipulation. With that information and some further research I put together a small command line program that scans the registry for REG_LINKs and lists those found along with their target: ListRegistryLinks.exe. The tool is available both in 32-bit and 64-bit versions.

Continue at source: Helge's Blog

Download: ListRegistryLinks.exe 1.0 for Windows x86 (32-bit)
Download: ListRegistryLinks.exe 1.0 for Windows x64 (64-bit)