-
Posts
776 -
Joined
-
Last visited
-
Days Won
39
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Jeff Riechers
-
-
What version of Workspace App is the client using? if they are on LTSR Workspace App it removes the chomium engine that Teams acceleration can utilize.
When both sessions are on Citrix they can use direct routing to each other, and not have to go through any POPs for connectivity, so you will see better performance.
-
It is better to go single socket, until you are exceeding the number of cores on a die, then go to multiple socket. This keeps memory allocation on a single die, and not use the interconnect to access memory on another controller. VMWare had a doc on this, but it was older. https://blogs.vmware.com/performance/2017/03/virtual-machine-vcpu-and-vnuma-rightsizing-rules-of-thumb.html
The benefits though are really really tiny. So unless your environment is running at 80% or higher utilization there may not be much difference.
-
1
-
-
Yea
3 minutes ago, Johannes Norz said:That's not right. If you use Source-IP mode (SIP mode), the ADC will proxy the connection, but instead of using it's SNIP, it fill "fake" the client IP. So the back-end server will "think", the packet came from the client. See here: https://docs.citrix.com/en-us/citrix-adc/current-release/networking/ip-addressing/enabling-use-source-ip-mode.html
Cheers
Johannes Norz
Yeah, saw that too. But using USIP was breaking their gateway connections so might need to do some more massaging of the config to make it happen.
-
The best I have been able to do is mount an NFS share to my /home/domainname directory to keep user data persistent.
So you could use that same technique for other drives as well I guess. Just modify your etc/fstab to a network location.
I can provide more info on my environment if that helps.
-
32 minutes ago, Johannes Norz said:
ADC, by default, is a L3 router. It will simply rout traffic, if you don't add NAT rules.
You may also use "load-balancing" to rout traffic. In case you do this, you also get some application logic. To preserve the user's IP you would need to use source IP mode.
Unfortunately they don't want the ADC to own any IPs for back end services, so presenting devices as load balancers is a no go, has to all be done with routes, ACLs and NATs.
I have tried PBR, but still can't find a way to present the "back-end" ip to the front-end communication.
-
12 hours ago, Keith Perri said:
It says this is fixed in the newly released CVAD 2012, but I just tested it in our environment and I'm still getting a gray screen on the client side when trying to launch a session. So this is still not fixed for us. Anyone else have a chance to test this in their environment? Running Server 2019 with VDA 2012 and latest Windows Updates. ADC/Netscaler is 13.0 67.39. We use ControlUp to monitor our session hosts and while the client side shows a gray screen in Workspace App, ControlUp shows (via the screenshot function) the desktop correctly loaded on the session host side.
Grey screen usually means an MTU UDP fragmentation issue. Do you see the issue with TCP connections? If not then I would recommend modifying your default.ica and reducing the mtu. See this article for more info on this. https://support.citrix.com/article/CTX231821
-
If your radius server handles ldap auth as well, then you can do 2Fa with just a radius connection. I use this often with Duo AuthProxy.
You can also use SAML to providers with multi factors that is a single connection.
The primary and secondary auth work as the MS radius connects to AD to link your username with the token code.
-
Yup, tested in my environment and it works fine.
-
I have a client that is using their adc as a layer 3 nat and acl router. Works great. They now want the adc to route certain ips to internal addresses without nating. Is this possible? So all layer 3, no virtual servers intercepting on the adc.
-
UPDATE:
Updating the video driver to the latest, then removing and reinstalling the latest workspace app fixed the black workspace app issue.
I have just run into this as well. Same issues. Same video driver.
I believe we were able to get this to work with an updated video driver. I have a client right now in this state and will let you know.
-
When you have to have multiple desktops your best bet is read-write fslogix user profiles per OS type, and then per-session Office 365 containers.
-
1
-
-
So while running the wizard the following message pops up.
Invalid value [Block must always be enabled for Post Body Limit Action]
Anyone seen this on the latest code base?
-
So this problem has reared up again. This happened on earlier builds of 13, but then was fixed. Just like the Basic Authentication policies are duplicating again in the gui. I have a demo site with credit cards and social security numbers, App firewall is logging the violation, saying it is transforming the webcode. But it doesn't. Anyone else seen this? Signatures are working and applying, just security checks are changing the data.
-
Maybe once they fix the Session Reliability on HA Failover issue then I can again test this in my lab.
-
Yeah, I re-opened my case as well. How can something like this slip through the cracks. It has been 9 months and 3 versions. Do people just not use the HDX reliability feature?
-
I finally got to respond, got this fix last week and it fixed. They are still compiling it for different versions. I tested the Windows 10 desktop and it worked.
Hopefully 2009 has the hot fix included for everything.
-
IF you are mapping network printers with WEM you need to have Universal Print Server setup on the print servers for UPD to work.
If you are connecting client mounted printers, then UPD works without inbox drivers.
-
I have been working with clients to move the Windows known folders to onedrive. That way they no longer have to provide on-premise storage for that data, it is backed up and scanned by MS. And it uses storage space that many have been paying for as part of the M365 license.
For large environments I recommend using the migration tools to upload data to onedrive, then when the client connects it will just sync their reason data, not their entire archive.
It also is helpful with the whole pandemic because laptop users like me can work with data offline, then login to Citrix and have the exact same data available. I can also open my phone, or tablet and get the same data.
-
Got an answer back from support. It's a known issue if you use 13.0 with SAML Metadata URLs. Should be fixed in the next build.
But would have been GREAT to have that published somewhere.
-
Yeah, if it crashes again hopefully I can pull those to see what I can see. Just was wondering if anyone else has been having issues.
-
Has anyone else had VPX units running out of disk space on the HA Pair with Build 13? I have had a client having this issue with Hyper-V VPX and we had to downgrade to 12.1. And in my lab where I run all the bleeding edge code for testing I have had to again rebuild my secondary VPX on vmware as it filled up so bad that I couldn't even stay connected to it to see where it was all gone.
Anyone else seen anything like this?
-
I have a case open. They keep trying to bat it back and forth between CVAD and ADC.
-
Just tested on 2006 test lab. No luck, still broken.
-
Upgrading now. Will update. EDIT: No luck, same problem with latest firmware.
2006 CVAD has the same issues as 2003.
CVAD support is kicking it over to ADC support, even though their product is the one that was updated......
C'mon Citrix. We need things like this resolved.
Citrix MCS : Independent Non persistent disk
in XenDesktop 7.x
Posted
Moving MCS non-persistent to new storage is not supported. Best to just create a new machine catalog and swing the Delivery group to that new catalog, then remove the old catalog.