Guest Bloggers - BrianMadden.com
Brian Madden Logo
Your independent source for desktop virtualization, consumerization, and enterprise mobility management.
Guest Bloggers's Blog

Past Articles

Written on


 
 




Our Books


Comments

Guest wrote Windows 2003 Downgrade
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by John on March 12, 2004
We have upgraded our Windows 2000 licensing server to Windows 2003 LS and activated Windows 2003 cal's we have then downgraded our ts server to 2000 from 2003 and de-activated 2003 cal's and activated 2000 cal's, but we are now in a situation where windows 2000 cal's expire and will not re-license themselves without hacking the registry. Do you have any suggestions that may help us out. thanks..John
Guest wrote Me
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by Help on March 17, 2004
So there I was, driving down the 425 doing about 110 in my 959, when I get a 911 page from my good friend Terry. Citrix has revamped their CCEA certification and he wanted the 411 on the new tests and requirements. I did a 180 and headed back to the office to check it out.


What are you going on about,,,english please
Guest wrote Must be a foreigner...
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by an anonymous visitor on March 17, 2004
Hmmm...
425 is a US Highway (not sure of the location).
110 is MPH (vehicular speed, otherwise know as miles per hour or kilometers per hour)
959 would be a Porsche automobile.
911 page would indicate an important message.
411 would indicate the desire for "information."
This was all English, what?

Definitely 86 any thought of upgrading the cert now (or pursuing CCEA, as in my case); best to wait until 3.0 and then try to unscramble the re-certification testing nightmare at that point.

Thanks.
Guest wrote Me
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by Help on March 17, 2004
I got the 959, 911. But had a idea on a 425 (it was a Freeway). I was lost at the 411.

Yes, in not from the States. But Australia. Such a nice place.

I may wait till MFPS30 before i update to the new req for my CCEA.

Thanks
Guest wrote May not translate well
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by John Price on March 17, 2004
Sorry to my friends outside of the US borders. A lot of the references here are very US-based.

I also don't live in California, I've never driven the 425, I don't drive a Porsche 595 and I doubt my Oldsmobile will go 110 MPH. I have, however, had to do a 180 and head back to the office many times.

John
Guest wrote Me
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by Help on March 19, 2004
I have, however, had to do a 180 and head back to the office many times. John

Now your speaking my language... :P
Guest wrote Numbers
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by an anonymous visitor on March 20, 2004
Don't understand all these numbers 'cause "I DRIVE A HUPMOBILE" on route 34.
Good article John.....
Guest wrote Worthless anti-Linux rant
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by an anonymous visitor on March 22, 2004
Wow. A long article with all the "boo-words" connected to Linux and all the "yay-words" connected to Microsoft/Citrix. Combine this with a reference to the mythical, but still unnamed, Linux-to-Windows convert. I'm a longtime MS-user and specialist, but this piece leaves a bitter taste in my mouth.

Please, Brian, stick with the brilliant technological assessments and let the religous fanboys rant on other sites. We keep returning to this site for its pure technical value, not for the pro-Linux or pro-Microsoft "assessments". And this particular piece could have been posted on Microsofts own "Get the facts on Linux" site.
Guest wrote Read the by lines....
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by an anonymous visitor on March 23, 2004
Kinda interesting. After reading the articles and the "worthless anti-linux rant" comment below I then went back to the top and noticed the By-Line....

This showed me two things. 1- It seems that Brian is allowing other authoers on his site and 2- The guy who wrote the "Worthless anti-Linux rant" should leard to read the fine print (or at least the by-line).

Did anyone else but me notice that this was written by Steve Kaplan, a Citrix author that competes with Brian?

BTW, to the Worthless Anti-Linux Rant author: While I agree with some of your points, and beleive that TS is NOT some secret ace in the hole for MS (its still the *** step child in Redmond) I really think that Kaplan hits one solid point I have been pushing for a long time. linux is not ready for prime time on the desktop. The support, maintanence and up keep of linux workstations (right now) is cost prohibitive.
Guest wrote Response to 'Worthless Anti-Linux Rant' comment
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by Steve Kaplan on March 25, 2004
Your comment motivated me to call our manufacturing client in order to get permission to use their name, which they gave me. It is Maxspeed Corporation (they make Windows Terminals). I am updating the article using their name.
Guest wrote Good idea...
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by urj on March 26, 2004
... I've done this just when I installed my farm long ago :-)
Guest wrote Works
on Sun, Dec 12 2004 1:21 PM Link To This Comment
This message was originally posted by Mike on March 30, 2004
I've been using this for a long time now and the big advantage (opposite to uncheck “Enable logons to this server”) is you can still make a direct connection and it is not affected by a reboot
Guest wrote Thanks
on Sun, Dec 12 2004 1:22 PM Link To This Comment
This message was originally posted by Matthias Wessner on April 20, 2004
This hint was very usefull for me. Till now I wrote a script for the apputil command ro remove or add the server from all published apps. But this solution is much better, because I dont have to edit my script each time a new application is added.
Guest wrote Windows 2000 TS activation using Windows 2003 TS CAL license keys
on Sun, Dec 12 2004 1:22 PM Link To This Comment
This message was originally posted by Prashanth on April 29, 2004
We have a Windows 2000 Server, on which the Terminal Server has already been activated, 5 TS CALs have been activated. We are now trying to activate additional 10 TS CALs. Since we can now purchase only Windows 2003 TS CALs (Windows 2000 TS CALs are no longer orderable), we obtained the same. We called the Microsoft Activation Center and read out our license server ID, along with the TS CAL license keys (we purchased 2 retail packs of 5 TS CALs each). We also specifically informed them that although we were reading out Windows 2003 TS CAL license keys, we required them to be activated on a Windows 2000 Server. So they went ahead and gave us the activation code, but it refuses to work, and throws an error message. Please see attachment for the detailed step by step screenshots.

We then tried calling them up again and requested for another activation code, but the same problem recurs
Guest wrote Terminal Services Problem....
on Sun, Dec 12 2004 1:22 PM Link To This Comment
This message was originally posted by Will Landymore on May 11, 2004
I have a mixed environment of 2000 and 2003, with a 2000 DC. I can connect throught terminal services to all of the servers running 2000, but when I try to connect to one running 2003 it says that "the terminal server has ended the connection".
I have installed TS on the 2003 box and added my user account to the list in the remote tab, but I still can't connect.
What have I failed to do. All I want to do is remotely administer the 2003 servers like I do on the 2000 ones.
Guest wrote Terminal server, does Microsoft really like it?
on Sun, Dec 12 2004 1:22 PM Link To This Comment
This message was originally posted by Mark Dutton on June 4, 2004
This article is interesting, as are the commments following it. I work for a Microsoft and Linux support company and we primarily install and support terminal server systems as the alternative to desktop PCs. It does work well and it does make products that are not inherently multi-site, or low bandwidth work over the Internet for WAN applications. What strikes me as ludicrous is that Microsoft's own CRM 1.2 package is not supported on Terminal server. This makes me think that Microsoft does not really like terminal server. When nearly every Windows program from every vendor works perfectly on Terminal server and Windows own brand new software does not, one must question Microsoft's view on the future of Terminal server. I for one am worried.
Guest wrote Top DOG
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by an anonymous visitor on July 6, 2004
Guest wrote Very well said
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by Rick Bell on July 12, 2004
To expand on something you said about pricing and another article I read, I feel that Citrix does need to look at how to make their technology more accessible to the SMB customers. Pricing is pretty steep. I agree with the article I read somewhere that stated Citrix should have something like a Small Business Edition that provides some of the basic services (mostly app serving) to gain market penetration into the SMB market. If SMBs do opt for Citrix solutions, they generally cheap out on hardware or consulting hours due to the high licensing costs. I believe Citrix is at a crossroads and the decisions they make today, more than ever in their history, will determine their ability to stay.
Guest wrote some misunderstandings but...
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by Jeff Pitsch on July 12, 2004
There seem to be some misunderstandings. Whenever Citrix comes out with a new exam (220,221,222) they have never taken away the CCA if you don't upgrade. My CCA is still current even though I took the FR2 exam. New features are added and they decide to test. You are NOT required to upgrade your exam whenever a new feature release comes out. Who wasn't expecting a new CCA exam with MPS3? Why is this such a surprise? Sheesh, microsoft brings out new exams every time they upgrade the OS.

Now for the e-learning course, hear hear! Absolutely, they are a huge waste of time and money and add absolutely NO VALUE to their certifications. If they are going to require people to take them, they should give them out for free. There is NOTHING within those e-learning courses worth $100. Absolutely, positively nothing.
Guest wrote word up
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by an anonymous visitor on July 12, 2004
more examples of how citrix continues to shoot itself in the foot
Guest wrote Citrix will be a goner in the SMB segment any time soon
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by an anonymous visitor on July 12, 2004
I would expect that when Microsoft finally will release their 'Bear Paw' enhancement to core Terminal Server Citrix will, without ANY doubt, loose a lot of customers. I think this would be a good thing. Citrix needs to have some more motivation (competition) to maybe once again start delivering the goods...
If they don't I wouldn't care the less if Citrix as a company would disappear from the face of the world.
Guest wrote Mostly disagree
on Sun, Dec 12 2004 1:29 PM Link To This Comment
This message was originally posted by Andy Smith on July 12, 2004
I agree on the e-learning comment. I haven't seen much value in the courses I have (been forced to) taken. Seems like Citrix is just being greedy here.

However, I don't agree with the complaint about "changing requirements for certification." First off this isn't true: you don't lose your CCA if you don't have the 222 exam but do have the 220 exam. I don't know where you got this idea.

On one hand, you are asking Citrix to innovate and create new products with new features. To me, this is what the yearly Feature releases do. I think this is good. But you're complaining when it actually happens, in the sense that Citrix (understandably) creates a new exam for that product or feature release.

I thought your comment "Citrix has continuously made it harder for publishers and authors to write and develop products which at the end of the day will ensure Citrix gets the lion’s share of the market in which they are competing" needed more explanation. I didn't see how changing certification requirements was an example of this. Maybe you could write another editorial to explain this comment more fully?
Guest wrote Clarify
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Elias Khnaser on July 12, 2004
Guys, some of you were fast on the draw a bit. i did say in the article "...Now granted Citrix is not expiring the previous certification status but one feels like his skills are already outdated..." i know that Citrix does not retire your CCA when they release a new exam. What i am suggesting though is one exam for one track. So MF XP 1.0 has one exam. There is no need for an exam every time they update SpeedScreen in a FR. The exam should test your core knowledge of the software etc... FR only add SOME new features. Do you mean to tell FR3 warranted a test? many tests frustrate the certification candidate.

Now with MPS3.0 of course they need a new test, the product changed, they need to test your knwoledge of architectural changes etc... But when FR1 for MPS3.0 comes out there is no need for an FR test.

Microsoft does not release a new test eevrytime they release a Service pack.

One test for one the product life cycle.

Now Andy Smith asked about what i meant when i said "Citrix continuously made it harder for ......." well by puttig stumbling blocks such as the eLearning course now the candidate is required to take an e-Learning course, no one can publish anything to help you or others prepare for the eLeaning course etc...

And Andy, please don't misundertsand me i am all for the FRs they are great but i don't see a need for an exam for every FR, i am only concentrating on the exams here not how many FRs are released.
Guest wrote FR Certifications
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Simon Jackson on July 13, 2004
I think the best balance would be that if a Feature Release comes out, the exam content should be updated, but the qualification does not change.
i.e. Someone who takes the MPS 3.0 exam and becomes a CCA for MPS 3.0 has the same qualification as someone who takes the exam for MPS 3.0 FR1 (if it's released) but also becomes a CCA for MPS 3.0

That way people who become certified after the FR is released, do not have to revise content for an outdated product, yet those who took the certification early are not penalised.

I first decided to become a CCA when XP 1.0 FR3 was available. I'd been installing it on customer sites and using it regularly, however when it came time for me to take my exam, the content was based arounf XP 1.0 without any FR's! Half the questions then became ambiguous as I had to imagine XP 1.0 without the FR's in it before coming up with my answer.

Guest wrote Upgrade path!
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Antherus on July 13, 2004
I had certified as a CCEA, and then 4 mos later was informed I had to write 5 more exams to keep my certification valid. They come out with a FR, and can't cover the changes in a single upgrade exam? BS. I don't have time to go through the whole process again. Upgrade? Ok. Redo every FR? I don't think so...
Guest wrote I hate to say it, but I agree
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Ron Oglesby on July 13, 2004
I was a CCI for all of the Citrix courses back since the winframe and early MetaFrame 1.0-1.8 days. I taught the 410 advanced, RMS, etc. Even taught Beta Classes for XP and its advanced classes when they came out. Hell I was one of the "Original CCEAs", the first 50 to get the CCEA when it came out. Over the last couple of years they have cleaned out the people all of us CCI's knew at Citrix training. The people that interacted with us and built the whole training and cert program originally that every CCI I knew thought was THE BEST TRAINING AND CERT PROGRAM AROUND. Now it seems that the training department is more like a governement agency creating work for itself to justify its own existance instead of focusing on a great program. The training is updated at a rate that confuses students, requires that people take an online class, etc, etc, etc. Its the whole "Lets not focus on qulaity of our Admins, lets just make more training". Where it used to be about getting the students to really understand the product. But whatever. This is probably the reason that I have decided NOT to keep my CCI current and NOT to deal with their cert process. If they cant make it sensible I will just live on my reputation and experience.
Guest wrote Can I get an "Amen"
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Michael Burke on July 15, 2004
Elias, you are right on here, my friend. I've worked with many individuals that are trying to attain a CCA (or higher). Citrix does maintain their legacy certs/tests for qualification - 220, 221 and 222 all counted, although only one test was ever available at one time. The challenge is the "moving target". If you have a regular full-time job, then studying for a cert is always secondary, falling in behind regular job duties, family responsibilities and other commitments. They can take time to attain, and if Citrix keeps updating the test with new content for each FR that is released, it makes it that much harder to stay focused and up to date. As for the online tests, I've already made several comments on these both here and on the Citrix forums. Don't even gat me started on that one...
Guest wrote e-learning
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Keith Tarantino on July 15, 2004
You stated that Citrix wants its CCAs to be salesmen. The problem is that 95% of people are only familiar with the Presentation Server product and have no idea about Citrix's other products. I believe that including an e-learning course requirement is part of Citrix's strategy to increase awareness of other products. Without this requirement most CCAs would only be aware of the basic Presentation Server product. The required e-learning course was my first exposure to Password Manager, which I am now implementing as a result. Though, I do agree that the e-learning requirement should be removed because there is probably a better way to increase awareness of other Citrix products.
Guest wrote Now I get it- thanks to Michael Burke
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Andy Smith on July 16, 2004
You helped me understand the real issue that Elias was trying to convey - the "moving target." You start studying for the FR3 exam and by the time you're done studying for it, Citrix has taken it away and replaced it with the 3.0 exam which is completely different. Citrix could fix this easily by making all exams that qualify for CCA available through the testing centers.
Guest wrote Several Issues with Citrix right now
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Paul Mansmann on July 17, 2004
I am in the process of gettting recertified and pursuing the CCEA cert. I passed the CCA exam a couple of weeks ago and, as required, just took the e-Learning course this past week. I drove an hour into my office to take the course last Saturday evening only to discover that there was a problem in the ASP code on the Accenture web site that prevented me from creating an account. I tried this from three different computers, using three different browsers on each one. Even tried connecting to different ISPs. I called tech support and left a couple of messages. I sent e-mail requests. It was over 24 hours before I finally got a response. At that point, I was at a 4-year old's birthday party and did not have access to a computer. They informed me that they fixed the problem and told me to try it again when I could get to a PC. The problem was NOT fixed and it was three days later that they ended up creating an account for me (after numerous other e-mails) and then I guess they fixed the code on their web site. Oh, I also had problems logging on to certmanager web site to view my certification progress. I had to verify my profile information - a seemingly innocuous task. Except that it kept reporting that I needed to fill in three different fields on the web form that were already filled in. Tried retyping the info, updating, verifying, various computers and browsers, etc. More e-mails (unfortunately no tech support number for this outsourced portion of their site). When I finally got a response from someone, they said that the problem was with a field in the database and that it had been fixed. I would like to note that both tech support issues were handled by support staff in India. Had the support been timely or helpful, I would say it didn't matter. Well, except for the fact that those are more jobs that have been lost to Amercians. But I'll not rant on that for now. After all these problems, though, I was finally able to take the eLearning course Wednesday night. I understand that they are trying to get exposure for their newer product lines, but requiring $100 people who are already working to get certified and who are going to have to take an exam for Secure Access Manager or Password Manager anyway to pay that money for what essentially boils down to a 2-page marketing brochure is absolutely ludicrous. I have been a proponent of Citrix products for over 5 years since I initally started using and supporting them. I was actually looking forward to getting my CCEA a couple of weeks ago when I started working toward that end again. However, I think if they want to make their marketing course a requirement for certification, they should provide this training FREE to the people they want to go market their products. Oh, and one more note--it is more than 72 hours since I took and passed that ridiculous piece of marketing garbage, and there is still no update in my certification status. I have sent a couple more e-mails to ask how long it should take to pass the information along from Accenture to Integral7, but again have gotten no replies. What is the result of all this? In the last two weeks, I went from being someone who would recommend Citrix as a solution to probably 90% of the customers I might do business with, I have looked for alternatives that I didn't even know existed. I had never heard of New Moon (Tarantella), but am looking into it. Another thing that influenced me here is Citrix's over-reliance on M$ products. Why does IIS have to be a requirement for Secure Access Manager. Is it not possible to use an Apache back-end web server to provide the same service? Why do directory service features have to be tied to M$ AD or Novell directory services. Why can't any LDAP back end suffice? It seems like Citrix has so embedded their solutions with Microsoft technology that the total cost of licensing and use has almost priced them out of the small to medium sized business market, where they could really thrive. Now, I'll admit, maybe I've just had a bad week and am feeling a bit on the bitters about some of this stuff. But I still place the blame on Citrix for letting someone like me--who used to be a staunch advocate for their technology solutions--start looking around for friendlier alternatives. If they don't start shaping up their act, I'm sure I won't be the only free-lance "marketeer" out there recommending other solutions because of our disappointment with the direction Citrix has chosen. If they don't, they could be in serious trouble.
Guest wrote I am really impressed Scott.
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Ruthann Chiara on July 17, 2004
<no comment entered>
Guest wrote The hell with it
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Tharg on July 21, 2004
Great article - it need writing! Some interesting comments above too... Citrix definitely don't have a clue when it comes to certification. I was going to do my CCA earlier this year on FR2 (I'd done the course in November). Then I found out that I had to do the FR3 exam. AND an elearning course.Now things change again.

The hell with it - I've now decided against doing CCA.

Guest wrote Great article --
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Ashe on July 21, 2004
It was high time someone wrote about this to Citrix. Its a great product but these constant changes put a damper on a person trying to promote this product further.
Guest wrote Push Citrix!!!!!
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Cornelio N. Framil, Jr., MCSE, CCEA, A+ on July 22, 2004
Hello,

The document are very well said and I do agree on the author for the certification overhaul. I've been supporting Citrix for the past four years and we are the number one reseller in the Philippines. I am the first and only known to hold CCEA in the Philippines and I am really upset the way Citrix update their Certification. A lot of our customers are confused on what exams to take specifically on the CCA requirement. Thanks. e-mail me at: cframil@yahoo.com
Guest wrote Which Is Why CCA Is Where I Stop . . .
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Jonathan Merrill, CCA, NET+, MCP on July 24, 2004
When I found out about the requirement of the eLearning course, I wrote Citrix to complain as I found it the most ridicious thing I have ever heard. Trying to cost justify the eLearning center using certification candidates smacks of corporate revenue generation on the backs of those who support them the most. At the very least, did they offer a discount to already certified people? Nope. After I took the training, I felt it more marketing driven than technical driven. I didn't learn much - and their feedback form said exactly that. Marketing demos shouldn't cost $125.

Citrix definately needs to do some soul searching here as competion is on the rise. Bear Paw and Tarantella . . . and if you guys haven't played with Tarantella yet, your missing out on a more competetive solution . . .

Lastly, as a 10 year IT professional, reasons cited by others are exactly why I stop at CCA and MCP. There is so little incentive to take the time now to keep the certs that I personally value. What do these companies actual do for CCAs other than send us a certificate? I question the value.

My 2 cents.
Guest wrote Citrix Education is undermining Citrix Education Sales and Certification
on Sun, Dec 12 2004 1:30 PM Link To This Comment
This message was originally posted by Steve Rae on July 28, 2004
Here is a letter I wrote to Citrix Education on 7/26/2004.
I was told that these things are under consideration.

Citrix Education:

Please be encouraged.

Some of these ideas will be contrary to the thoughts and paradigms of Citrix Education strategies. However, they must be considered.

Please consider the CCI’s perspective from the customer’s point of view. We are your ears and eyes in front of the customer.

Citrix Education must continually re-examine her strategies and poll the CCI’s and the CALC's for a reality check.


Please do not simply dictate to us as has been the pattern of the past. This is not the way to treat your partners. Blind spots can be revealed by an open dialogue with CCI’s and CALC’s.


Please do not hold on to paradigms and philosophies at the sacrifice of student instructor lead training enrollment and student certification pursuit.

The goal is more students in more classes and more students pursuing certification. This translates into more revenues for Citrix Education, CALCs and CCIs.

Citrix product sales have been growing steadily and Citrix Education revenues decline or remain flat. This can be tracked back to the certification and test changes this past year which are hurting education growth.


Please do not think because you have made certification requirements of the Citrix resellers that this will increase educational sales. They are your minor secondary market from a pure numbers potential perspective. There are 30 times more companies using Citrix than there are Citrix resellers – my estimate. The end user customers are your primary market target.


I wanted to review some of my suggestions that we discussed this past Thursday.

Given: From a CCI’s perspective: Less students are attending Citrix classes and less students going for Citrix certification: Please correct me if I am wrong.

Citrix product sales have been going up these past 3 years.
Citrix Educational sales and certification pursuit have been flat and declining.

Assuming this is true – it would be desirable to make some changes in the marketing strategy at Citrix Education.


1) If it is important enough to be on the test – it is important enough to be in the course material.

The tests are way to hard and are a great deterrent and discourages students from wanting to be certified.

DO NOT ask questions that are not covered by the course itself. You have lowered the test passing to being in the 60’s in some cases because of the difficulty of the tests. You want to encourage the students and not discourage the students. You are killing the certifications interest because of the complexity of the tests. The word on the street is that Citrix tests are to hard.

2) You never get a second chance at a first impression.

The 1222BB is your cash cow. This should be your best course. It should be updated most frequently! This course content is terribly obsolete. It does not flow well and is plagued with errors and bad questions in the back of each chapter. The terminology is all old Citrix terminology. The NFUSE and client ICA information is all obsolete. Some of the FR3 information in the elearning content contradicts the information in the FR2 instructor lead training. As an instructor – I mask many of the deficiencies as I teach but I should not have to do this. Sadly enough this is the first course all students take. All Citrix technical certifications require this course. Many students dismiss certification pursuits altogether once sitting in this course due to the lack of quality and excellence in the written course. Some students will not return for any other courses after seeing the course material in 1222BB. The students come to class for instructor lead training. They are often very disappointed to know that they have to take elearning to get FR3 material. Blended courses is a giant mistake.

The 1222BB will continue to be your best selling course through 2004 and will be selling well through 2005. This course needs serious updating and this should be your educational priority because it is the first course people take and the most popular course.

3) KISS – Let us simplify the CCA certification to help students get on board. May we remove the obstacles.

The only students I see pursuing certification are the Citrix resellers. This is because they have to. This represents 1/30th of the market potential.

Lets make the CCA 1 course and 1 test to get the certification process in motion. Students are often disappointed to know that they have to take 3 tests for an entry level CCA. (1 Prometric test and 2 elearning assessment tests.) The barrier for entry level certification is now to high and therefore the students are discouraged from going for the certification. It is out of reach because the justification for the work involved is not there. KISS

4) KISS – the Citrix educational tri-fold is unreasonably way to complex.

The CCA certification is way to complex. The CCEA certification is way to complex. The New Horizon sales people don’t understand it because of the complexity. Sales people sell what they know. They will not sell what they do not know. You must simplify certification or it will continue to decline.

5) Listen to your CCIs and CALCs.

When was the last time you polled CCI’s? What ever happened to the CCI council? Why are you making marketing decisions without our help?

Your decisions this past year have hurt all of us!! There is less demand for Citrix courses and less people going for Citrix certifications then I have ever witnessed.

Citrix certifications used to be in the “CERTCITIES” most valuable certifications list. The Citrix certifications are now nowhere to be found in the press. This is due to the fact that no one is pursuing them except the resellers. This is sad because Citrix Education has great potential. From my perspective – Citrix Education is self destructing.

If you cannot sell the CALC sales people and CCI’s on an idea – it will not sell...period. PLEASE LISTEN TO US!

The CALCs and CCIs warned Citrix against the program changes. Citrix Education ignored the complaints. I personally have seen the Citrix Educational demand diminishing. When will Citrix Education listen to the CALCs and the CCIs? We are on the front lines and have a good idea on what will sell and what will not. We are your ears and eyes. We are your partners and friends. Please value us and respect us. Do not dictate to us!

7) Elearning and blended courses are hurting certification pursuit demand and CALC class enrollment.

Elearning is very boring. If you do not believe me – you sit for 3 hours in front of a computer screen taking a course. Most people do not desire this. Elearning is good for conceptual information but does not replace hands on instructor lead courses. Offer elearning separate from certification. Sell this on the internet but not as a requirement for certification.

>>>Citrix Education said they would be reviewing this feedback.<<<<<
Guest wrote No Title
on Sun, Dec 12 2004 1:31 PM Link To This Comment
This message was originally posted by an anonymous visitor on August 20, 2004
very well written and gets to the seat of the matter
Guest wrote Windows 2003 TS CALs and Windows 2000 Terminal Services
on Sun, Dec 12 2004 1:31 PM Link To This Comment
This message was originally posted by Citrix Dealer on August 25, 2004
We are doing a project now, with Windows 2000 Terminal Services Licensing. We ordered Windows 2003 TS CALs, per user type. We have been told by Microsoft that the Clearing House will issue us 100 Windows 2000 TS CALs (per device only, of course) to use for the project, because we are licensed for W2K3 TS CALs with downgrade rights. So, hope this works for us.
Guest wrote Performance Exams Just As Nebulous
on Sun, Dec 12 2004 1:31 PM Link To This Comment
This message was originally posted by Jonathan Merrill on August 31, 2004
Not sure why everyone loves the idea of performance exams versus the standard academic-style of exam, especially since Citrix is trying to increase their certification numbers. I for one feel that performance exams may help those who are right-brained (visual learning & rememberance), but for those who are left-brained (reading & comprehension), the test will be cumbersome and more failures are likely.

And what exactly is the CCA certification trying to achieve anyways?

"CCAs are skilled industry professionals that have demonstrated basic administrator-level expertise on Citrix MetaFrame Presentation Server, with a general understanding of the other products in the Citrix MetaFrame Access Suite"

My issue with the current state of exams is Citrix really is pushing the definition of "basic administrator-level expertise". Intentionally throwing in registry edits, resource allocation (XPe), and more advanced topics like Citrix Secure Gateway configurations doesn't lend to the idea that CCA is indeed a basic-level certification.

I personally feel making the test harder and harder somehow benefits the overall CCA community, with the spectre of performance-based exams one day, doesn't achieve the goals which are outlined and will inevitably turn new IT people away from Citrix.

Citrix should step very carefully in how it presents itself in lieu of competition and Bear Paw. Now is not the time to rock the boat!

Jonathan Merrill
MCP, CCA, NET+
www.gomerrill.com
Guest wrote Who in the hell does Microsoft think they are?
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Angry, Disgusted, Furious on September 16, 2004
The arrogance of those ^*&)(s to have us do all this extra crap and research JUST TO BE THEIR DAMNED POLICE!

I have spent more time researching all of this crap than working on the server.

So angry, I am going to refrain from saying anything else. I am sure everyone feels the same way. Who do these jerks think they are and where do they get off taking up admins times for all of this crap.

Oh, the best part is that none of this hurts the hackers. Oh no, actually, their life is easier because they bypass all the crap.

I hope MS crashes and burns and crashes and burns and they all go straight to the bottom of a deep well where it's cold and damp and they have to listen to the stupid startup sound OVER AND OVER AND OVER AGAIN all next to each other cramped up.

Then when they have had enough and donate their filthy money to the poor, we can sell them licenses to get out of the well. But after they pay us, we will say that they bought a license to get out of the well on Wednesday, which was yesterday and then when they want to get out today, we tell them to please hold.

We will then ask them for their registration key, but they will say they can't read it because it's too dark in the well. So we will sell them a flashlight. When they go to turn it on, they will see it has no batteries, we will then sell them batteries. The batteries will expire unless they read us their registration code.

Screw this, Linux, here I come baby. I am so ready and we will make the whole damn office use Firefox and Star/Open Office. Microsoft can go to the well.
Guest wrote No Title
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by an anonymous visitor on September 20, 2004
I think than the solution with the best TCO is Terminal Services with or without Citrix and PXES -http://pxes.sf.net-, an open source solution with network boot and support of ICA and RDP client.
Guest wrote Don&#39;t forget LogonTime
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by agressiv on September 17, 2004
Don't forget to create the LogonTime Column. I'm assuming its another smalldatetime. I might come up with another version of this where you can get some more data out of it - but this gets me going :)

Thanks -

agressiv
Guest wrote Nice Job
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by an anonymous visitor on September 20, 2004
Thank you!
Guest wrote Corrections
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Ravi Pannem on September 20, 2004
SQL Server Version is 2000 not SQL2003
Like agressiv suggested, LogonTime Column (smalldatetime-data type)should be created when creating the database table.
Guest wrote MFCOM for MPS3.0
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by an anonymous visitor on September 28, 2004
are citrix going to release an SDK for MPS3.0, or will the existing versions work.
Guest wrote Nice job
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Ctna on September 30, 2004
Despite I had to see that logontime wasn't in your first text this script / solution is quite nice. Thanks
Guest wrote Great Job!
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by French Reader on October 4, 2004
Guest wrote Sweet!
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Gabe Knuth on October 4, 2004
Thanks Jeroen!
Guest wrote Learn something new everyday
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by an anonymous visitor on October 5, 2004
Brian. If this is the type of stuff you teach in your training class I can't wait to attend! I'm sure Citrix will add this feature but never admit you gave them the idea. That's OK, we all know where to check for some answers.
Guest wrote Have you tried this?
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Jeppe on October 6, 2004
CTX104926 - Data Collector resolves Load Balance requests to a Single Server
Resolution
Citrix has added a time-out that can be set through the registry to stop this issue from occurring. If the server is not responding to a ticket request, the data collector is notified and updates the server load to maximum. The fix prevents any new ticket requests to that server. The unresponsive server is notified to stop its own IMA service. This prevents an unresponsive least loaded server from causing a farm to become unresponsive.
The fix is contained in the following hotfixes:
• For servers running MetaFrame Presentation Server 3.0 and Windows Server 2000, install Hotfix MPSE300W2K013 on all servers in the farm
• For servers running MetaFrame XP 1.0 Feature Release 3 and Windows Server 2000, install Hotfix XE103W2K125 on all servers in the farm
• For servers running MetaFrame XP 1.0 Feature Release 3 and Windows Server 2003, install Hotfix XE103W2K3029 on all servers in the farm
Guest wrote I forgot...
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Jeppe on October 6, 2004
If the Citrix solution works, it's still a great job, Jeroen... ;-)
Guest wrote Thanks..
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Jeroen on October 6, 2004
Thanx all, but Daniel Nikolic & Dennis Damen deserve most of the credits here, they invested alot of time in developing and testing the DADE Power Tools.

Guest wrote About CTX104926
on Sun, Dec 12 2004 1:50 PM Link To This Comment
This message was originally posted by Jeroen on October 6, 2004
About CTX 104926, it looks really promising but does not prevent a server from being overloaded or the Black Hole Effect from happening. The fix does not throttle the logons.

The fix prevents IMA sending new sessions to an already overloaded and unresponsive server, which makes this a really essential fix, whatever circumstances. Just like a CPU "Circuit Breaker" load evaluator it does help prevent a server sucking in new sessions until an administrator manually intervenes.

The problem with the black hole effect is that is can easily happen with a overloaded but still responsive server, since load management works only with active sessions and does not account for disconnected sessions.
Guest wrote 2003 Server
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Jeff on October 21, 2004
Does this solution work on 2003 servers?
Guest wrote yes
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on October 21, 2004
Guest wrote Secure Gateway does not control traffic encryption after it strips SSL...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by ALEX on October 31, 2004
"Secure Gateway server is responsible for encrypting the traffic between the Citrix server farm and the client" statement is inaccurate. Being reverse proxy, Secure Gateway does not control traffic encryption after it strips SSL encapsulation and passes ICA traffic to the farm. After CSG (between CSG and MetaFrame farm) ICA encryption will depend on ICA-native settings (128-bit encryption is usually recommended).
Guest wrote I think the article is right
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Brian Madden on October 31, 2004
I think when Mike says Secure Gateway encrypts the traffic between the Citrix farm and the client, he is correct, because he's talking about when Secure Gateway is doing in general. This is why he said "Citrix farm" instead of "Citrix server," so I don't read it like you do. Of course you are correct in that the traffic is only encrypted between the client and the gateway, but I think that's what he was saying.
Guest wrote I think the article is 99.5% right while .5% requires refinement
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by ALEX on October 31, 2004
Brian, I do not doubt that Mike knows the subject matter. My comment was emphasizing the fact that secure Gateway is responsible for SSL “envelope” of ICA traffic between the client and CSG, however ICA traffic itself is established between the client and Citrix farm. Thus only Citrix farm (which CSG is not a part of) and the ICA client are maintaining ICA encryption (passing through CSG) at the time when SSL encryption is controlled between the two parties -- the client (the same ICA-client exe) and CSG.
Guest wrote Stop Crying
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 1, 2004
OK..We get your point Alex. Nuff Said
Guest wrote No Title
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 1, 2004
I like this article, it is focused, well-written, and techinically accurate. Mike great job! Thank you.
Guest wrote Thanks, anonymous visitor.
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Alex on November 1, 2004
;)
Guest wrote Question
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 1, 2004
I've tried to push virtualization in my environment, but every time I do, someone says "But how do you know that if you test Application X on a Virtual PC that it will run the same on a REAL PC?" I've had a hard enough time convincing them to let me test workstation applications on a virtual PC. Any suggestions on how to help convince them to let me set up a whole virtual Citrix farm?
Guest wrote Answer
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 1, 2004
Attend a free VM seminar. They have the answer down to a science. Use the info in Doc#:267 my advantages listed. BTW, looking forward to more posts on designing Citrix farms on VM ESX.
Guest wrote Running on virtual PC
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Joe Deller on November 2, 2004
Introducing virtualistation is often an uphill struggle. Try explaining to people that the VM platform is just a hardware platform like a Dell, IBM or HP box. You could argue that just because an app runs on a Dell, you've got no guarantee it runs on an IBM - occasionally this might even be true for one reason or another (not to single out IBM). The arguments the doubters will put up against you can are the same ones you can apply to running a VM vs a "real" PC. Lots of people are running Citrix farms under VMware, including Citrix :-) However as mentioned, VMware themselves are well versed in helping out with this problem.

I've just come back from the VMWorld conference, which was pretty amazing, but one clear message was that vendors /developers should expect their applications to be running under VMs as the norm, not the exception.
Guest wrote BT
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 4, 2004
Lots of good information here and features that we could put to good use in our company.

Where can I get more details about smart or trusted clients... At the moment we have some comercially sensitvive applications that we would tie down so that users can logon only from certain PC's/Laptops designated by our CITRIX Administrators. Am I correct in saying that "smart or trusted clients" is what will help us achieve something like this?
Guest wrote RE: BT
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Jeff Pitsch on November 4, 2004
You are correct. They did a 'demo' of what this will be like at iForum with trusted clients. Based on certain factors, you will be able to display or hide icons based on your factors. I did not get the feeling that this would be part of MPS4 though, it felt more like a 'this is the future' type of thing.
Guest wrote No Subject
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 4, 2004
wow this new version looks and sounds very promising. Looking forward to it.
Guest wrote Speaking of hiding
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by JSekel on November 4, 2004
Will the ability to hide certain icons be built in? This is a great feature that really should be part of the WI anyways.
Guest wrote Load Balancing
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by JSekel on November 4, 2004
Am I correct in assuming that the load balancing portion is only covering the configuration portion of the process. I would think that NLB or another technique will still be needed to get the users to differnet pages.
Guest wrote Hidden Apps, LB and RADIUS
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Thomas Kötzing on November 5, 2004
“Will the ability to hide certain icons be built in? This is a great feature
that really should be part of the WI anyways.”
No the ability will NOT be integrated with Web Interface 4.0 and it will never
be done by the WI.
All the custom scripts like “Hidden Application” or “bypass SecureID” that you
can find on my website will NOT be “built in” with Web Interface.

Why not? If you hide a file on your Server doesn’t mean a User can’t access the
file anymore. The same applies to hiding a Publish Application or Folder.
IP Addresses can be faked and hackers can suddenly bypass the 2-factor authentication.
This is the last thing Citrix wants. In the future they will integrate such
options with their vision of “smart clients”. The Application will than be
disabled and hidden for the specific User on demand and on a Farm level and
there is no way to access the Application for that User to that time. It’s all
about security.


“Am I correct in assuming that the load balancing portion is only covering the
configuration portion of the process”
Yes, you are right. This has nothing to do with NLB, it’s just a LB of the
configuration.


Additional Note:
When working with a technical preview you never know what will be changed to
the final version. I also know, that the Citrix developer are still working
hard on the WI code, especially to get the “Session Reliability” in place
and fixing all the bugs I found in the TP ;-)
Also at some point you can only guess, since there is no information about a
new feature but later on you get the information. Same applies to the RADIUS
part.

RADIUS Support
With RADIUS Citrix is extending the 2-factor authentication (RSA, SafeWord) to
the UNIX version of Web Interface 4.0. To achieve this, the JSP version of WI
will use RADIUS to communicate with the RSA or SafeWord servers and both can be
configured to present themselves as RADIUS servers. Only for the JSP sites, the
administrator will be able to list RADIUS servers and ports, load balance them,
etc.
Guest wrote Answer: When will Smart Clients be Available
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Brian Madden on November 5, 2004
Based on the information Citrix provided at iForum, this functionality will be available in the Access Suite v4 release of the products. However, it will require MSAM in addition to Presentation Server.
Guest wrote RE: But will this crap work???
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by xs4citrix on November 5, 2004
In the official citrix forum we see a lot of people struggeling with the new software and features.
When starting with AND mps3 AND msam AND csg AND wi at the same time, then yes things get very complex. The time of Metaframe 1.8 and a simple PN client are long gone. Without training and/or extensive testing you are in for a treat.
(though i must say that the citrix technical documentation has always been very good to me. Big, but good.)

And i can tell you, that things will not get better with newer versions and more products.
I grew up with the simple MF stuff, but also have a hard time keeping up with all the new stuff. Time for me to accept that i can no longer be good at "citrix" but only specific sections of the citrix software.
Guest wrote Re: But will this crap work ??
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by CMan on November 8, 2004
I can only assume you have an IQ less than 10. As XS says, the documentation is actually pretty good if you have even the slightest clue about what you are trying to achieve. It's probably best all round if your customer gave up, cos if he's got you to rely on then he probably had little chance of success. Go back to stacking shelves at your local Superstore, there is less pressure and you'll probably have a better chace of career development, who knows....in 10 years time you might even make 'checkout attendant'.
Guest wrote Re: Re: But will this crap work ?? by CMan
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 8, 2004
Based on what do you say that the documentation is actually pretty good? If you ever did something advanced like multiple web interfaces, connecting with more than 10 Farms, smartcard and otp security or even things like application hiding and so on that you know the the documentation is insufficient. It only describes the standard stuff. The under the hood details are not provided. There is no deep down security information. There is no overal design information. How are user credentials stored on the Web Server? How to deal with connecting to non-standard listener ports. How to do an unattended installation of WI/CSG or STA? You have to gather bits and peaces from her and there and lots of things you have to figure out and solve yourself. After the past months I collected 30+ different PDF's and even more CTX articles, with often outdated information. Often you have to go through the code and even the SDK to solve the problem.

Websites like those of Thomas are getting great attention for providing us with the information in a comprehensive way thats lacking. Something Citrix should have done itself.

So keep it shut until you are properly informed before you insult someone. You probably never did anything but standard install. One box WI/CSG solution with 15 users.
Guest wrote Great work!
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 8, 2004
Sorry I forgot Thomas. Great job! Keep up the good work! Guys like you save us all a great deal of time/work. -> http://www.citrix4ge.de/
Guest wrote Re: Re: But will this crap work ?? by CMan
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Goldrush on November 8, 2004
@Leo, why should they provide you with information like that? It's their intelectual property.
Guest wrote intelectual property
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 8, 2004
@Goldrush
Is has nothing to do with intelectual properties. The information is there but its scathered over 100+ sources. I can email you my collection of pdf's and knowledgebase articles that I assembled to answer all the technical questions I had. There is very little 'under the hood' information in the Administrator guides.

This is not solely a Citrix problem. Microsoft has the same problem with Terminal Server documentation. Part of our job seems to be being able to to scavenge through the knowledge bases efficiently. And we all know how great the seach engine from the Citrix knowledge base is...

From a product I want complete and explicit documentation. What it can do and what it can't do.

Just to give you one example: WI2.x supports 16 farms, WI3 supports 512 farms (you can only find this information by studying the webinterface.conf table in the admin guide of WI3). However, the WI customization guide states that Citrix does not recommend connecting with more that 10 farms! duh...

This is just one example of many that I can give you.

The Citrix documentation looks fancy, nice layout, but its incomplete for large and complex implementations.
Guest wrote RE: intelectual property
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by xs4citrix on November 8, 2004
I have no vision of what the average login customer set's up as an environment.
I dare to say that with the citrix documentation, you can cover 90% of the setups, which are faily default. The other 10% will require additional tuning which is not covered by the manuals, and are indeed scavanged over the knowledgebase in a non easy retreivable form. Keep in mind that when you are always in that 10%, as the juniors do the default installations, then of course it will never be to your standards. During iforum we talked a lot to the citrix guys, and came to the conclusion that after the programmers are done, only 1 guy has all the WI/CSG hardcore knowledge in mind, that you are looking for. Untill they get a few more cracks like this guy, the situation is not likely to change.
Guest wrote xs, are you referencing...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Brad Guss on November 8, 2004
Jay Tomlin? IMO, he is the brightest engineer Citrix has..

Guest wrote Re: Re: But will this crap work ?? by CMan
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by CMan on November 9, 2004
Leo, I take your point, but I have done plenty of customisation projects dating back to Nfuse 1.0 and Columbia with projects in excess of 10000 users. I just get really fed up when people start mouthing off about this stuff, as Citrix is no different to any other vendor out there. If you know what you are doing, as you obviously do, you will find the information you need and implement a good solution. If you have no clue, your customer will get frustrated at your inability to deliver, and ditch a technology which in all probability would have saved them time and money. These Forums sould be used for constructive criticism, not the kind of rubbish spouted by this obvious idiot.
Guest wrote Re: Re: But will this crap work ?? by CMan
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by CMan on November 9, 2004
Looking at the feedback here, we should campaign for an 'Advanced Concepts Guide' which encapsulated all of the key integration areas for SG, WI, MSAM and related technologies. There is bound to be enough knowledge collateral withing Citrix to provide this. Lets be more positive instea of rippign eachother apart :-)
Guest wrote Leo&#39;s new book.... :-)
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by CMan on November 9, 2004
And finally, this sounds like an ideal opportunity for a new book "Advanced Web Interface Customization and Troubleshooting"....co authors Brian Madden, Thomas Kotzing an Leo van den Meer. :-)
Guest wrote STA
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 8, 2004
Apart from the CSG mistake grinnn the primary purpose of the STA is not storing username/password but to store the IP-address of your Presentation Servers. There are many scenarios (e.g. smartcard) where the STA does not store any user credentials at all.
Guest wrote Responses...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Michael Burke on November 8, 2004
Thank you, everyone, for you comments and feedback. I was on vacation last week and somewhat disconnected from the technical world, so I wanted to get back to those who had qhestions/comments.

ALEX - you are correct in you posting - CSG does not encrypt traffic to the Citrix farm itself. My intention was simply to state generally that CSG is a mechanism for encrypting traffic between the end user and the farm, as opposed to sending that traffic in an insecure form. To clarify (as you stated) it only encrypts that reaffic between the client device and the CSG server. Traffic that is sent between the CSG server and the Citrix farm is not encrypted by default, although it can be by using SSL Relay. I probably should have chosen to word that differently. Thank you for the comment.
Guest wrote Porting to ESX (or other)
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Michael Burke on November 8, 2004
This article was geared towards VMWare Workstation simply because of its low cost. Many IT organizations are faced with reduced budgets, so I wanted to present this as cost-effective for any organization. Aside from any specific information pertaining to the VMWare Workstation product itself, you could easily use this information in this article to port this to GSX or ESX Server, or even Microsoft VirtualPC or VS2005.
Guest wrote Gaining "Buy-in" to virtualization
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Michael Burke on November 8, 2004
Some comments expressed troubles with getting management to "buy-in" to virtualization technology. I have to admit - this can be difficult. The biggest obsticle here is that management needs to have a certain comfort level with virtualization before the green light goes up. Typically, they fear what they don't understand. Once they gain confidence in the technology, they will be more open to it. As Joe said, it is an uphill battle. The old way of thinking is "more is better" (as in more servers). My suggestion would be to simply keep "plugging" away at them - as they read more about it and talk to their other golfing buddies that are alreay using it, they will be more open to it.

Also, if you have a disaster recovery project in the works, bring that up as a virtualization possibility. We have a cold DR site (not connected live to our production network). We included virtualization in our solution for Active Directory integrity - we virtualized one of our DCs. Each night, we perform an encapsulated backup of the virtual DC (encapsulated backups are when you back up the VM files themselves, instead of performing a backup from within the Virtual Machine). We then simply restore the VM from tape onto our GSX Server in the colocation facility and we instantly have a working AD.
Guest wrote Re: Responses...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 9, 2004
Yeah another nitpicker: you cannot encrypt the traffic between the CSG and the Citrix Farm with the SSLRelay. CSG and SSLRelay cannot co-exist. So you use either the SSLRelay (which gives you end-to-end encryption) or you use CSG which means you will have to rely on RC5-128 ICA encryption for security or setup IPSEC between the CSG and your CTX servers.
Guest wrote Re: Responses...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Michael Burke on November 9, 2004
@Leo - I agree. It would be nice if you could use SSLRelay with CSG (although it could get quite expensive to maintain in large environments). Generally, I explain to my clients that using CSG alone is "secure enough" without adding more encryption overhead of RC5 (ICA). If they insist on another layer of security, I tend to suggest adding a secure gateway proxy in a second DMZ, or just simply use MSAM (don't get me started on that product, though)...
Guest wrote a reply
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous citrite on November 9, 2004
If people have a specific request in terms of deploying WI and SG then please make them as part of this site, as proper support escalations, or even here on this thread. I can assure you that there are plenty of people who have hardcore WI and SG knowledge within Citrix - not just one! Getting the right sort of information to customers is tough - one must remember that 80% of customers will be satisfied and understand 80% of the features. Getting documentation and proper "hardcore" technical support to those who need it most is an important but tricky thing for any large software vendor.

Guest wrote be quiet Cman..
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 11, 2004
Citrix documentation is pap... these guys are making wedges of cash, manage to keep there certification programme up-to-date, but fail to provide any kind of helpful documentation.
Guest wrote Re: Leo&#39;s new book.... :-)
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 12, 2004
If I only had the time...

But seriously: I found your idea of an Advanced Web Interface Customization and Troubleshooting very interesting. I guess this is really what is lacking for this product. In my company demand for secure access implementation is picking up substantially and with it more demand for the more "obscure solutions" grinnn...

Well the fish slapping turned actually into something fruitful! :-)
Guest wrote Re: Responses...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Leo van der Mee on November 12, 2004
@Michael - You have no idea... SSLRelay can't be installed unattended... and we need to do it perhaps 300 times... dont ask me the details... Citrix confirmed it cant be done without them revealing security sensitive information. They did promiss a tool for unattended installs for MPS4.0 though.
They even said that with an upgrade of SSLRelay to a newer version you will have to do the whole manual install all over again...

And then to think that is the one of the suggested solutions by Citrix themselves... scenario B in the "Citrix MetaFrame XP Security Standards and Deployment" guide.

About RC5-128 bits. You can safely add that. With modern day processor both on client and server it adds little overhead. It provides you with a secure connection from the DMZ to your secure network. Same what SSLRelay does for your XML traffic from WI to your Data Collector.
Guest wrote Re: Responses...
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Michael Burke on November 12, 2004
@Leo - "About RC5-128 bits. You can safely add that. With modern day processor both on client and server it adds little overhead."... I stand corrected - I guess these days the overhead is probably of little consequence. I have to admit that I have never had the need to do unattended installs of SSLRelay, but it does seem somewhat short-sighted to not have a way to set this up unattended. And the idea that you need to manually reinstall for an upgrade... Ugh!
Guest wrote Web Interface Book?
on Sun, Dec 12 2004 1:52 PM Link To This Comment
This message was originally posted by Brian Madden on November 13, 2004
We've talked a lot about making a WI book. The reason we haven't so far is that the products change too fast. Right now Citrix is on a 12-month rewrite cycle for WI, and that's too fast for a book. (I'm talking MAJOR Wi rewrites after 12 months.) So, instead, it's off to Thomas's website...
Guest wrote
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Berdt on November 17, 2004
Great review Thomas! This stuff is really cool.
Guest wrote Great summary.
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 17, 2004
The details mixed with screen shots, Explainig what goes on "under the hood" is what I like to read about. Thomas & Brian, appreciate you taking the time to explain & post. Look forward to more!
Guest wrote Support for other environments outside of Citrix?
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 17, 2004
Great review and article! One question, CSG 1 & 2 have been geared solely at connecting to MF farms. Does CSG 3.0 and the new version of MSAM begin to creep out of this and enable customers to connect to other non-Citrix web services securely (Lotus, IBM Websphere, Oracle, etc...) or will you still have to have Metaframe Pres Server to use this product?
Guest wrote Re: Support for other environments outside of Citrix?
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Brian Madden on November 17, 2004
I think what you're asking is "Is CSG 3.0 a real SSL VPN?" :) (See Doc# 214 for me info.) So far the answer is "no," but I'll bet we'll see this at some point (either through Citrix expanding the functionality or via an acquisition).
Guest wrote Fantastic tool
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by MAUREL Stephane on November 18, 2004
I've try it and I've like it. it is mandatory for everyone have a network. THANKS
Guest wrote Re: Support for other environments outside of Citrix?
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Help4Ctx on November 18, 2004
The Alternate UI features of MSAM 2.2 (the STA and LA) allow you to secure access to an alternate interface such as WebSphere or Sharepoint, instead of the default Access Centre. As far as 'Is CSG 3.0 a real SSL VPN', well again with the STA and LA components of SAM 2.2 you can extend the functionality of CSG to secure other SOCKS compliant traffic. For example, you can deliver RDP via SG via SSL with a few config changes.
Guest wrote Nice
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Help4ctx on November 18, 2004
By the way, nice article Thomas :-)
Guest wrote Great article
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Andy Smith on November 18, 2004
Very useful article.

When I explain CSG to network security types, I always call it an SSL VPN to simplify the conversation. It's basically what CSG does, just for a lot fewer protocols. It's not as full-featured as a Neoteris or Aventail, but then again CSG is not sold as a standalone product either. It wasn't until recently that Neoteris and Aventail supported ICA!!
Guest wrote Re: Support for other environments outside of Citrix?
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by an anonymous visitor on November 19, 2004
Can be achieved by modifying one config file on the STA
Guest wrote Re: Support for other environments outside of Citrix?
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Help4ctx on November 19, 2004
<i>Can be achieved by modifying one config file on the STA</i> - If you want to do it properly, two actually...you need to also modify the Logon Agent.
Guest wrote TODAY I AM SWITCHING TO MACINTOSH
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Fed Up!! on November 19, 2004
"Angry" pretty much laid out what should happen to Microsoft. I have simply had it with having to reading 50 snippets of MS "support" files that are only found in bunches IF you search with exactly correct keywords, and when it is all over, it boils down to having to call "them" on the frigging telephone and, of course, pay them MORE money so that my users can run an application on my Server!!! That is what a server IS -- a place where users get SERVED files and apps. When I buy a server OS with X number of client licenses, why should I have to jump through hoops to allow my users to access the server and run a program? So, today, I am surfing over to Apple's website and begin the learning process needed to join my much happier acquaintences who run Apple server. They apparently have no problems with this kind of obtuse crap and when viruses and worms bring my domain to it's knees, they come over and help me out, because they aren't affected. Microsoft's nickle-and-diming, money-grubbing, lousy code and screw-you customer mismanagement has lost it a long-time customer. The days of "you can't get fired for picking Microsoft" are over -- my users want reliable computing and don't want to hear a bunch of excuses. Adios, Microsoft -- it has NOT been a nice journey.
Guest wrote CSG 3.0 &amp; Net6
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Kevin Ray on November 24, 2004
Where does CSG fit in now that Citrix are in the process of Acquiring Net6

http://www.citrix.com/site/NE/news/news.asp?newsID=14851
Guest wrote Ì´m impress and very proudly on you
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Bärbel Fischer on November 26, 2004
The comments are the reason, why you should make further.
Whenever you need my assistance, I participate.


Guest wrote Great Summary !
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Sam Jacobs on November 29, 2004
Very focused and informative...thanks, Thomas !
Guest wrote Thomas.....another great summary !
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Sam Jacobs on November 29, 2004
...and I'm just finishing the code updates for WI 3.0 ! :)
(see: RestrictedApplications - http://support.citrix.com/forums/thread.jspa?forumID=69&threadID=57938)
Guest wrote ConnectString
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by DHarding on December 2, 2004
This is a full 'long winded' version for SQL 2000 which might help some problematic scripts.

Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=True;Data Source=SQLSERVERNAME;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=WOEKSTATIONID;Use Encryption for Data=False;Tag with column collation when possible=False;Initial Catalog=farmUsage"

But V.Nice Job
Guest wrote Thomas! Good one.
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Ron Oglesby on December 9, 2004
Nice little work around (works on a pair of my servers but not on a third so I am looking at that) You sure can break down that code fast. Now you get a quick article out of it huh? Thanks! Ron
Guest wrote Code credits goes to Citrix.
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Thomas Kötzing on December 9, 2004
I'm no programmer but you got my attention with your request and I dug into it... the article is the result.
Guest wrote Great Info!
on Sun, Dec 12 2004 1:57 PM Link To This Comment
This message was originally posted by Frank Anderson on December 9, 2004
I have implemented the above mentioned workaround to resolve a clientname, or local hostname, issue where the application “Cerner” uses the workstation’s ID for backend printing. One problem worth noting is that this does NOT work with NLB configured WI solutions. I have been working with Citrix’s development support on this for the past month, received these two files yesterday, and have reported the NLB discovery today. When a solution has been found, and if it’s not already posted, I will offer my findings.

Thanks for writing a great article! I have based my current implementation around Smooth Roaming and believe in its advantages. It fits healthcare’s environment quite well. Along with SSO and biometric/smartcard readers – it’s a relatively seamless end-to-end solution for us.

Thanks again.

-Frank Anderson
Guest wrote Question?
on Mon, Dec 13 2004 6:42 AM Link To This Comment
Does your workaround still append the WI_ prefix to the client name? If not it may be worth noting that some of the new MPS4 policies look like they may use this to distinguish between WI sessions and those initiated directly from a client device.
Thomas Koetzing wrote Re: Question?
on Mon, Dec 13 2004 10:42 AM Link To This Comment
"Does your workaround still append the WI_ prefix to the client name?"
No, since this would break a companies naming convention again.

"If not it may be worth noting that some of the new MPS4 policies look like they
may use this to distinguish between WI sessions and those initiated directly from a client device."
Citrix policies including those of MPS4 can be configured freely. I doubt that Citrix has hard-coded the WI ClientName prefix within MPS4 Citrix policies and they have not done this in MPS3.
Thomas Koetzing wrote Re: Question?
on Mon, Dec 13 2004 11:10 AM Link To This Comment
Just forgot, you can simply change the WI modification so you would have a ClientName with "WI_" prefix and the real workstation name.
Guest wrote Re: Terminal server, does Microsoft really like it?
on Thu, Dec 16 2004 7:16 PM Link To This Comment
Does this mean CRM does not function through terminal server, or is just not supported?
Guest wrote Tnx For the Info
on Mon, Dec 20 2004 4:13 AM Link To This Comment
Great article Brian.
tnx
Guest wrote Re: Tnx For the Info
on Wed, Dec 22 2004 10:55 AM Link To This Comment
especially it was from Thomas :-)
Dennis Damen wrote Like it, Like it
on Mon, Jan 3 2005 2:10 AM Link To This Comment
60 second reviews.... great idea.
Berdt van der Lingen wrote sceptical?
on Mon, Jan 3 2005 12:43 PM Link To This Comment
@Dennis: Sounds like you are sceptical, but I think it's a good way to get an quick overview about new solutions like Marcorp's "Managed Profile" product (as long as you're not pretending to give a full in depth review).
I never heard of it before, but that could be me of course.
Brian Madden wrote Re: sceptical?
on Mon, Jan 3 2005 4:00 PM Link To This Comment
I think he was being genuine. After all, most people who don't like what I do very clearly articulate it.

Either way, 60-second reviews are here to stay for a while...
Dennis Damen wrote Re: sceptical?
on Tue, Jan 4 2005 7:48 AM Link To This Comment
uuuh no! I think its a great idea for all the same reasons you think its a great idea!
Guest wrote Using IIS for this....YIKES!!!
on Wed, Jan 5 2005 7:39 AM Link To This Comment
What a security nightmare waiting to happen. IMHO, bad design all around.
Guest wrote Re: Using IIS for this....YIKES!!!
on Wed, Jan 19 2005 3:32 AM Link To This Comment
Interesting - from a general overview of the product you are able to deduce that it is a security nightmare. Remember this is about user profiles and user profile settings - not sensitive corporate information.
Greg Wood wrote Hyperthreading
on Fri, Jan 21 2005 3:17 PM Link To This Comment
One thing to keep aware of - anything with Hyperthreading on confuses Tarantella, and it will think you have 4 processors even though it is a 2 processor box, and will heavily weigh the connections to that. So my advice, if you load balance an app between hypertheading and non-hyperthreading - don't. Turn hyperthreading off if you want it to load balance properly, or have every server on.

agressiv
Guest wrote Question : What do YOU think of SGD's security ?
on Sun, Jan 23 2005 11:08 AM Link To This Comment
I am concerned about the fact that Tarantella uses the IIS as the front-end user login facility. This is currently the only thing which keeps me from buying Tarantella - what do you thin about it ?
Brian Madden wrote Re: Question : What do YOU think of SGD's security ?
on Mon, Jan 24 2005 11:45 AM Link To This Comment
What's the big deal with IIS's security? Especially IIS6? Can you point me to some reason why you think IIS should not be used as the front end? I personally have no problem with it. I use it for my production WI servers and web servers, and almost every client I know uses it for WI.
Guest wrote Re: Terminal Services Problem....
on Thu, Feb 3 2005 1:36 PM Link To This Comment
point the 2003 Terminalserver to the 2003 Licensing server by editing the registry. The knowledgebase article is mentioned above
Guest wrote Re: Re: Question : What do YOU think of SGD's security ?
on Thu, Feb 10 2005 8:32 AM Link To This Comment
We are running Tarantella, IIS concerns us a bit. They have what's called an SPR (Single Port Relay) server, which allows you to put on box on the DMZ and funnel all connections through that box. You do not install IIS on that machine, just the Tarrantella peice that handls all connections to the back end servers, (load balancer, web server, app server, etc). You can then configure multiple SPR servers for redundancy.
Shawn Bass wrote RE: Re: Re: Question : What do YOU think of SGD's security ?
on Thu, Feb 10 2005 10:45 AM Link To This Comment
IIS doesn't have a bad security model. It just so happens to have a lot of bad admins running it.
Guest wrote But no Bandwidth control?
on Fri, Feb 11 2005 3:02 PM Link To This Comment
So maybe I've missed something, but there's no bandwidth conrol/throttling or compression? That's the sort of thing I'd be looking for to make things easier when printing to the remote locations.
Shawn Bass wrote RE: But no Bandwidth control?
on Fri, Feb 11 2005 5:08 PM Link To This Comment
What version of Citrix are you referring to?
Guest wrote Lack of needed functionality in favor of easy install?
on Fri, Feb 11 2005 6:38 PM Link To This Comment
List of whats missing for my client's environment too long to mention, but hey its fast and easy (and doesnt require me to do any extra reading). Would have been good to see actual testing of documents and how performance is. Yeah, I know its only a 60 sec. review. Thanks, anyway for the info!
Wilco van Bragt wrote Which functionality are you missing?
on Sat, Feb 12 2005 12:28 PM Link To This Comment
You are right it is impossible to mention all options and functionalities in a review (unless you are writing a complete book).

Uniprint is using compression to send the printjobs. It offers no option to control the bandwith used by the printjobs like for example Metaframe XP can do.
If bandwith is a very big issue take a look at thinprint (review available on my website sbc.vanbragt.net) because that has more option for that than Uniprint.

Guest wrote One suggestion
on Sun, Feb 13 2005 12:23 PM Link To This Comment
For one, were looking for a decent way of compressing the print job. Sorry, but Acrobat/.pdf makes the print job much larger more often than not in our tests....and its reducing the quality of these printouts were seeing.
Guest wrote Re: One suggestion
on Mon, Feb 14 2005 10:38 AM Link To This Comment
In my testing depending on what options you select in the PDF, the quailty will be excellent. Since I always use 600-1200 DPI creating the PDF I really haven't noticed any picture quality loss.

For the person above asking about compression. Something I noticed when using uniprint was the option to compress the file to a JPEG. So not only is a PDF compressed but so are the images that where embedded in them.

On a personal note the one thing I like most about PDF is the ability to embedd the fonts if the remote client doesn't have the same font set.
Guest wrote Special priting options
on Mon, Feb 14 2005 10:55 AM Link To This Comment
Did you guys get to test if special printing options work? I have a printer that staples and duplexes and sends the jobs to a special tray. Do you know if this will still work with regular uniprint.

I called Uniprint an they told me it would work, but I wanted a second opinion?
Guest wrote Re: Re: One suggestion
on Mon, Feb 14 2005 5:20 PM Link To This Comment
Correct me if im wrong, but my tests found that by increasing dpi to 600 or 1200, you explode the print job size (higher resolution=more print data). Doesnt this defeat the purpose of compression?
Wilco van Bragt wrote Re: Special priting options
on Tue, Feb 15 2005 2:13 AM Link To This Comment
I did not have that options on the printer in the test. In the options you can configure duplexing and tray selection.

In the trial version you can test it if it works for you, the installation and configuration is pretty easy.
Guest wrote What about AIEs?
on Wed, Feb 16 2005 8:40 AM Link To This Comment
Has anyone actually been able to get the "Application Isolation Environments" to work in the preview yet?

Opinions vs. Softgrid?
Jay Tomlin wrote Nice review
on Wed, Feb 16 2005 3:30 PM Link To This Comment
Hi Thomas, nice review. Here are a few comments on your comments:

> Web Interface has been broken into several small
> packages (wi.zip; pna.zip; mcm.zip; common.zip).

These zip files are part of the implementation of multi-site support. The Access Suite Console allows you to create as many WI sites as you like. Each time you create a new MetaFrame Presentation Server site, the wi.zip file containing all the web scripts and images for that type of site is exploded into the target directory for your new WI instance. The pna.zip file is used for PNAgent sites and mcm.zip is used for MetaFrame Conferencing Manager sites.

> Citrix added NIS (UNIX) authentication and is working
> on NDS (Novell) support with full context searching.

WI has always supported NIS authentication, it's just more clear now in the admin console. Plus, the Novell integration feature has always supported full context searching too... when you supply particular contexts in the configuration it is to limit the context search to a subset of the NDS tree. New in version 4.0 is support for Novell authentication under Web Interface for UNIX.

> ability to set the default ICA client or to only allow
> unicode clients (version 8+).

This feature was introduced in Web Interface 3.0, where it is enabled by clearing the WIAdmin checkbox labeled "Enable support for legacy ICA clients".

> hope that we might see an "Advanced Web Interface 4.0
> Guide" and/or WING Guide for customizations.

Yes, the WI 4.0 documentation will include an advanced customization guide with tutorials on how to use the new WING API's.

> If the client doesn’t support CGP (which is what Session
> Reliability uses) then it falls back to SOCKS and connects
> through the CSG in the traditional way without Session
> Reliability enabled.

Also, if the SR checkbox is enabled in WI but the STA is not version 4, WI will gracefully fall back to the older STA protocol and render ICA files that do not attempt to use session reliability.

> solving the WI ClientName issue

Yes, that's a tricky one. Unfortunately WI 4.0 will not offer a solution for this. A real solution is likely to require big changes to MPS, the XML service and IMA, not just WI.

> the WI/CSG “real” client IP dilemma

When Web Interface is placed behind Secure Gateway 3.0, SG3 will pass the "real" client IP to Web Interface in an HTTP header. It will be possible to pick up this value in the WI scripts and use it instead of REMOTE_ADDR. The real client IP will show up in an HTTP server variable called HTTP_X_FORWARDED_FOR.

Best regards,
JayT
Shawn Bass wrote RE: Nice review
on Wed, Feb 16 2005 3:34 PM Link To This Comment
Hi Jay, nice to see you here! Thanks for the additional info. Really glad to see that CSG3 is now passing through the true client IP. This has been a big issue when trying to find ways to map printers geographically.

Shawn
Thomas Koetzing wrote Re: Nice review
on Wed, Feb 16 2005 4:17 PM Link To This Comment
Hey Jay, thanks for all your comments!

Thomas
Guest wrote Application Isolation Environments
on Wed, Feb 16 2005 10:45 PM Link To This Comment
I got it to work with Office 2000 and Office XP. Still not 100% perfect, im getting weird messages when the apps fire up. But in thorey it worked fine....
It was a bit of a pain to config...you need to read the help section to get it to work.
Guest wrote TESTING TESTING TESTING
on Tue, Feb 22 2005 4:50 PM Link To This Comment
New features and design concepts are great but REAL LIFE TESTING of at least the previous versions of Citrix would have saved me thousands of dollars in time and money.

Windows is the most unreliable platform for all of this so I would HOPE that Citrix would create workarounds and no put the blame back on Windows for reliablility.

I am so frustrated that I am to the point of finding a new career. I have to hire computer babysitters to manage software that is supposed to work when you buy it.

CAREFUL AND COMPLETE TESTING TAKES TIME
This is the problem. To make money and keep up with competition, products are release and fixed later. NOT FAIR to consumers.

I ONLY NEED CITRIX TO DO THE BASICS ( RUN A PROGRAM REMOTELY AND PRINT ). I can't even get that to be dependable. HOPEFULLY the BASICS ARE FIXED!!!

Shawn Bass wrote RE: TESTING TESTING TESTING
on Tue, Feb 22 2005 6:59 PM Link To This Comment
Don't blame Citrix for inherit weaknesses in the Spooler service. Microsoft wrote it.

Besides, I've set this stuff up for thousands of users and it's not nearly as unmanagable as you make it out to be.
Michael Keen wrote AWESOME FIND!!!!!!!!!
on Wed, Feb 23 2005 12:52 AM Link To This Comment
Shawn

man you hit it on the head. I have been having a very very similar issue with some servers that I was recently migrating to XP. I will be calling MS to get this hotfix immediately. I too searched long and hard, but gave up after what felt like 500 documents. Dude, you may have saved me some serious troubleshooting time. You rock....thanks for the info!!!!!

Michael Keen
Hewlett Packard
Stefan Vermeulen wrote hotfix download
on Wed, Feb 23 2005 5:42 AM Link To This Comment
For those who do not like calling MS:
The win2k3 version can be downloaded from http://www.pubforum.net :
http://www.station01.com/~pubforum/w2k3/hf/WindowsServer2003-KB840371-x86-ENU.EXE

The win2k version will be uploaded shortly.
Guest wrote Come On Guys...Wake Up
on Wed, Feb 23 2005 6:48 AM Link To This Comment
All you guys should be receiving emails from Citrix that contain the latest MS Patches that affect TS. Slow logoff's, high CPU..etc...most are bugs. Search web, read the forums. People find patches all the time.

I keep a list of bookmarks to KB articles that deal with TS issues. Its my first point of contact. If I see the same issue in a KB Article, I download and test it. 9 time out of 10 it works.

I am actually surprised to see this article....What??? This has never happened to you before. It just a part of supporting TS.
You need to get used to: Checking MS and Citrix for Patches. Talking to other admins, know what issues are out there.

For all the surprised people out there that are amazed about this patch, better check out the following pages:

http://www.citrix4ge.de
http://www.pubforum.net

Have Fun :)

Luke S
Guest wrote Different levels of Citrix Admins
on Wed, Feb 23 2005 8:20 AM Link To This Comment
Thanks Shawn. You will save many not-so-experienced Citrix admin (like me) valuable time. Brian thanks for posting.
Shawn Bass wrote RE: AWESOME FIND!!!!!!!!!
on Wed, Feb 23 2005 9:47 AM Link To This Comment
No problem. Hopefully it solves your issue.

Shawn
Shawn Bass wrote RE: Come On Guys...Wake Up
on Wed, Feb 23 2005 9:53 AM Link To This Comment
Luke -

There's two schools of thought out there.

1) Those sys admins that apply every single patch that comes their way because they assume that it'll make their environment more stable.

2) Those sys admins who don't apply patches unless they apply to their particular situation.

I'm part of camp #2. I was bitten by the old IIS SRP1 patch that Microsoft delivered as part of the Code Red / Nimda remediation and watched as servers blue screened themselves upon restart. Granted, it was done in a development environment, but not all admins have a dev environment, etc. I've also seen a situation at a client site where they got all nervous about the US going to Orange Alert and due to the Department of Homeland Security notification that went out to the CEOs of major Fortune 500 companies in the US, the IT staff went on a patching frenzy. The resultant situation in my Citrix environment was HALF of the Citrix servers blue screening (but it didn't occur in the dev environment, it was something that only happened when the servers were under a stress (i.e. normal production load). So no, I'm not a big fan of "Oh hey there's a new hotfix, I'd better apply it". Besides, particularly when it comes to non-public hotfixes, there's a reason why it's not in the service pack. It hasn't been full regression tested, etc. I'm sure that some day that patch will make it into a Windows 2003 Service Pack or Win2k SP5 if they ever are going to release it. But for now, I'll apply things that apply to my environment.

But to each their own. Whatever works for you.

Shawn
Guest wrote RE: Come On Guys...Wake Up
on Wed, Feb 23 2005 8:43 PM Link To This Comment
1) Those sys admins that apply every single patch that comes their way because they assume that it'll make their environment more stable.

Hehe...thats just crazy...

What i was saying was you only install patches if you think it will solve your issues.
But to make you life easier, keep a record of what patches are out there.

If possible, wait till other admins install beta patches before you install them.

Anywho, good find..I know how you feel when you nail a long running issue.

8er
Shawn Bass wrote RE: Come On Guys...Wake Up
on Wed, Feb 23 2005 11:46 PM Link To This Comment
Ok, apparently I misread your original comment. Makes sense now.
Mike Davin wrote W2K Download link anyone?
on Thu, Feb 24 2005 11:30 AM Link To This Comment
Anybody have a link to the W2K Server version of this hotfix?
Shawn Bass wrote Re: W2K Download link anyone?
on Thu, Feb 24 2005 11:57 AM Link To This Comment
I've emailed the win2k version off to Dr. Conti (I believe he's in process of getting the actual hotfix from Microsoft - he doesn't trust me :( anyway, it should be posted up at pubforum.net shortly. Otherwise, you can open a support incident with Microsoft to get it for free, or I could email it to you (pm me your email address if you want me to do that).

Also, when commenting on an article, please include the title or URL of the article you are commenting on since the forum doesn't link back to the original article and it's very tough to know what article people are commenting on.

Thanks.

Shawn
Brian Madden wrote RE: Re: W2K Download link anyone?
on Thu, Feb 24 2005 6:17 PM Link To This Comment
No, don't add the title.. I'll add this to the forum asap.. I promise!

Brian
Shawn Bass wrote RE: Re: W2K Download link anyone?
on Thu, Feb 24 2005 6:41 PM Link To This Comment
ORIGINAL: Brian Madden
No, don't add the title.. I'll add this to the forum asap.. I promise!


OK, sorry. I know you said you were going to do this, didn't mean to be pushy...

Shawn
Stefan Vermeulen wrote Re: Re: W2K Download link anyone?
on Thu, Feb 24 2005 6:59 PM Link To This Comment
Just mail the win2k version of the hotfix to me, and i will host it untill Dr Conti get's his act together. Stefan@printingsupport.com
Shawn Bass wrote RE: Re: Re: W2K Download link anyone?
on Thu, Feb 24 2005 7:41 PM Link To This Comment
Done. YHM.
Stefan Vermeulen wrote win2k hotfix available
on Fri, Feb 25 2005 2:44 AM Link To This Comment
Thanks Shawn.
http://www.printingsupport.com/tools/Windows2000-KB840371-x86-ENU.ZIP
Shawn Bass wrote Hey looks like we made Bink.nu's front page on this spooler article :)
on Fri, Feb 25 2005 11:58 AM Link To This Comment
http:
I really like Steven's site. If you don't read it on a regular basis, you should.

Shawn
Brian Madden wrote RE: Hey looks like we made Bink.nu's front page on this spooler article :)
on Fri, Feb 25 2005 12:28 PM Link To This Comment
Yeah, he links to us a lot (which is great). And I agree, it's a great site.

Brian
Guest wrote Do you need to run this service all of the time?
on Fri, Feb 25 2005 3:41 PM Link To This Comment
I am not an expert, but does the spooler service(amongst others) need to be run 24/7?
Shawn Bass wrote RE: Do you need to run this service all of the time?
on Fri, Feb 25 2005 4:01 PM Link To This Comment
It needs to be running whenever someone needs to be able to print. If you don't need printing, you can stop it.
jdoedel@xsmail.com wrote take care off downloading MS PSS hotfixes from the internet
on Fri, Feb 25 2005 4:32 PM Link To This Comment
I used to download MS patches for my Citrix environment from the net. Than I got a problem and I called MS PSS. We found out the problem was fixed in a hotfix... I already had!!! It seems to be the MS regulary changes PSS hotfixes. Officially anybody who have called MS should get a email telling them to download the new version, in practice this does not always work. (I received 1 mail for 23 hotfixes ordered via PSS). I know of 2 which were updated.
Moral, please be aware MS does only do version control internally on PSS hotfixes (even regulary fixes too but that I saw only once). So I always call them for the latest version, which is free but bothersome.
Mike
Guest wrote Spooler service stopping
on Sat, Feb 26 2005 11:21 AM Link To This Comment
We have been noticing the spooler service keeps stopping daily when using Citrix sessions we have to keep starting the spooler service a few times daily when people try to print within citrix, would this possibly fix that problem ?
Shawn Bass wrote RE: Spooler service stopping
on Sat, Feb 26 2005 4:05 PM Link To This Comment
I doubt that it would fix that issue, but you could certainly try it. If the spooler service is stopping throughout the day you probably have a bad driver running (actually you're lucky the service is just stopping and not blue screening the server). As a short term fix I'd suggest that you set the Print Spooler server to automatically restart in the event of it stopping. You can set that in the Recovery Tab of the Service properties. For a more permanent solution I'd examine which third party drivers you have installed and remove them and replace them with printer mappings or UPD (which should happen automatically once you remove the driver).

Shawn
Aaron Simms wrote RE: Spooler service stopping
on Mon, Feb 28 2005 9:06 AM Link To This Comment
I agree with Shawn. You should also try stopping the print spooler and then deleting all pending print jobs and then restarting the print spooler. I have seen corrupt jobs cause this problem and after deleting them no more problems.
Guest wrote Re: Re: Re: One suggestion
on Tue, Mar 1 2005 11:38 AM Link To This Comment
Yeah your right if you increase DPI you do get a larger file but isn't that true with any solution?

I noticed that the setting in JPEG compression affect the compression more then fiddling with the DPI. When I did a test print from 300 to 600 DPI I was supprised that it only increased the file size form 59KB to 66KB on our print job.

How was it during your test?
Guest wrote Some Dude
on Wed, Mar 2 2005 5:09 PM Link To This Comment
How about the anctient tips to put cmstart.exe to userlogon.cmd to speed up the login process? Is that still valid today?
Brian Madden wrote I think that's okay now
on Wed, Mar 2 2005 8:07 PM Link To This Comment
It seems to me that FR-3 for MetaFrame XP took care of this.. What do others think?
Thomas Koetzing wrote Re: I think that's okay now
on Thu, Mar 3 2005 5:29 AM Link To This Comment
It was a great idea by Brian to move the CmStart.exe to the UsrLogon.cmd
This way the logon moves on but the client printer autocreations are still done by wfshell.exe
Again the troublemaker here are the 3rd. party printer drivers that can slow down the logon process.

I was thinking on adding this to the article but you have to be carefull how and where to add it to
the UsrLogon.cmd to make sure CmStart really starts.

Also, Citrix added to the CMC the option of starting publish applications without waiting for printer
creation (SMB => ICA) but is limited to network printer.

Personally I don't know whether this problem was fixed with FR3/MPS.
gka@fms.de wrote Woundn't this hotfix fit better? Microsoft KB324446
on Fri, Mar 4 2005 9:20 AM Link To This Comment
http:
It's a little bit newer and also has all the files in a newer version except gdi32.dll then KB840371.

Gary
Shawn Bass wrote RE: Woundn't this hotfix fit better? Microsoft KB324446
on Fri, Mar 4 2005 10:31 AM Link To This Comment
Possibly, but then again it doesn't mention that it supercedes KB840371 so I don't know for sure. It does look like the files included in KB840371 are in it, but I've got a general policy about hotfixes that I only apply ones that are pertinent to specific problems that I'm having. I haven't experienced this "session freezing" that this hotfix mentions so I'll probably wait for SP5 (if they ever release it) before going that route.

Thanks for the info though.

Shawn
Guest wrote Production and QA
on Fri, Mar 4 2005 4:50 PM Link To This Comment
Why separate Production from QA servers?

Can't we use the same servers for both Production and QA?
Mark Colburn wrote RE: Production and QA
on Sat, Mar 5 2005 1:09 PM Link To This Comment
is this part of another post? can you please clarify your question.
Guest wrote Great info Stefan!
on Mon, Mar 7 2005 4:14 AM Link To This Comment
But I think MS will take it off in release :-( Dr.Conti
Birkoff wrote W2K3 Std and no "Terminal Server Fallback Printer Driver Behavior."
on Tue, Mar 8 2005 4:18 AM Link To This Comment
after reading, I immediately checked my Windows 2003 Standard server with SP1, but i didn't see the "Terminal Server Fallback Printer Driver Behavior." policy. I also reloaded the administrative template, but it did nog appear. is it possible that it's nog included in the Standard edition?
Martin Persson wrote RE: W2K3 Std and no "Terminal Server Fallback Printer Driver Behavior."
on Tue, Mar 8 2005 5:28 AM Link To This Comment
Maybe there are new adm-templates that haven't been released yet. Final SP1 isn't out yet.
Stefan Vermeulen wrote Re: W2K3 Std and no
on Tue, Mar 8 2005 11:53 AM Link To This Comment
I used the latest SP1 RC2 realease for this, so it could be that it was not present during the previous SP1 version yet.
The fact that no driver nor any iformation is available, is worrying though, that this one might not make the final release. (would be a bummer)

Stefan
Guest wrote Re: W2K3 Std and no
on Wed, Mar 9 2005 5:23 AM Link To This Comment
I got it running without problems.

The details are:

PCL driver is: HP Deskjet 500
-language: probably PCL3
-paper format: A4, Envelope #10, Legal Letter
-Resolution: 300x300, 150x150, 75x75
-Tray Selection: Automatically Select, Auto, Envelope, Manual Feed
-Orientation: Landscape, Portrait

PS driver is: HP Laserjet 4/4M PS
-Language: Postscript 2
-paper format: A4, B5, C5, Com-10 Env, DL Env, Executive, Legal, Letter, Monarch Env
-Tray Selection: Automatically Select, Multipurpose Tray, Paper Cassette, Lower Cassette, Envelope Feeder, Manual Feed

A print job generated on the server side is not reprocessed by the client side driver.
Guest wrote Duplexing and tray selection
on Thu, Mar 10 2005 7:04 AM Link To This Comment
The duplex and tray selection was realy bad on the 4.0 version of Uniprint, if you are using the gateway functionality you can only turn duplex support on for all or none printers, so duplex option will show on printers that doesn't have dublex !
Stefan Vermeulen wrote Running here now too.
on Fri, Mar 11 2005 9:49 AM Link To This Comment
It turned out to be a missing driver.cab file on the server.
It is working flawless now, so i will dig into it a little deeper to find out it's potential.
Guest wrote Re: Special priting options
on Fri, Mar 11 2005 4:17 PM Link To This Comment
Yes this will work.
Guest wrote Session Sharing
on Thu, Mar 17 2005 10:39 AM Link To This Comment
It's a great script.
But we are running all applications in one session. In the output of this script i see only the application name that was started first. Is there a solution for this?

Guest wrote SP1 TS Licensing question...
on Mon, Mar 21 2005 8:54 AM Link To This Comment
Does anyone know if MS have actually enforced the 'Per User' TS client licensing model in SP1 or is it still unfinished (at the moment you can choose to use it but you do not actually need TSCALs)?

Not that anyone would do such a thing... :)

~A.
Brian Madden wrote RE: SP1 TS Licensing question...
on Mon, Mar 21 2005 12:27 PM Link To This Comment
No, this is not yet enforced.

Brian
David Sanchez wrote Speaking of NAT
on Tue, Mar 22 2005 4:46 AM Link To This Comment
13. Speaking of NAT, EVERY server requires it’s own public IP address if using NAT.

A workaround is changing ICA port from every server, for using just a public IP.

I mean

change server1 ica port to 1494 -> public_ip:1494 -> server1_privateIP:1494

change server2 ica port to 1495 -> public_ip:1495 -> server2_privateIP:1495

and so on...
Thomas Koetzing wrote Re: Speaking of NAT
on Tue, Mar 22 2005 5:12 AM Link To This Comment
That is called port address translation PAT (WI admin guide page 65) and you have to open every port on the FW.
David Sanchez wrote Re: Re: Speaking of NAT
on Tue, Mar 22 2005 5:36 AM Link To This Comment
TCP/IP Network endpoints are IP and port, not only IP, so PAT is (at least) an artificious word. But this is just terminology.

The 'so called' PAT (for me, plain NAT ;-) ) _IS_ a solution, anyway.


>> and you have to open every port on the FW

???

What the hell??? why? just open the ones you wanna use!


So, this solution is not the best, but is a workaround to have just a public IP.



David Sanchez wrote 17. An application MUST reside on the same server as the application that calls it unless you are using PNA and content redirection.
on Tue, Mar 22 2005 5:57 AM Link To This Comment
17. An application MUST reside on the same server as the application that calls it unless you are using PNA and content redirection.

Or (obviously) a File Server (IE, an external SMB Server with the exes).

The aplication, must _run_ on the same server.
David Sanchez wrote Re: Re: Re: Speaking of NAT
on Tue, Mar 22 2005 6:20 AM Link To This Comment
Sorry.. you meant -> every == each one you wanna use. Sorry again

About <a href="http://winplanet.webopedia.com/TERM/P/PAT.html">PAT </a>:

<code>

Short for port address translation, a type of network address translation. During PAT, each computer on LAN is translated to the same IP address, but with a different port number assignment.

PAT is also referred to as overloading, port mapping, port-level multiplexed NAT or single address NAT.

</code>
Jeff Pitsch wrote Re: 17. An application MUST reside on the same server as the application that calls it unless you are using PNA and content redirection.
on Tue, Mar 22 2005 7:01 AM Link To This Comment
That one was included because so many people think that publishing an application automatically makes it available to the entire farm as if it was installed locally. It's amazing how some people get upset when they learn differently.
David Sanchez wrote yep
on Tue, Mar 22 2005 7:13 AM Link To This Comment
For app deploying on the farm, i suggest to relay on MSI + Active Directory Technologies, (or the solution for the poor, a File server :-D ).

Cheers.
David Sanchez wrote Re: yep
on Tue, Mar 22 2005 7:15 AM Link To This Comment
Sorry this goes on the up-thread :-S (i've got the twistedfinger syndrome :-DDD )

Sorry again.
Stefan Vermeulen wrote article depth level
on Tue, Mar 22 2005 9:35 AM Link To This Comment
The list is to show what absolute newbies, who get stuck with maintaining a farm for the first time encounter. (mostly happens on new jobs etc).
For advanced citrix admins, the list is a joke, and will probably just create a smile on their face, or trigger the reaction to post other ways to get the same accompliched.

For hardcore discussions, visit briforum.
Stefan Vermeulen wrote Re: Re: article depth level
on Tue, Mar 22 2005 10:00 AM Link To This Comment
Let me put it differently. With advanced admin, i mean sbc consultants who do installations and troubleshooting for a living. For those people the list should look familiar for situations where they were send in to fix things.
About 70 to 80% of the forum visitors ask the above from the list. A small portion does some advanced stuff, and those posts are very educating. (at least for me)
Greg Wood wrote #8 and #3
on Tue, Mar 22 2005 11:38 AM Link To This Comment
With Windows 2003 acting as a Terminal Server, you need a Terminal Server licensing server running on a Windows 2003 server.

Don't jump down my throat, but how is this a myth? You can somehow have a 2003 Terminal Server use a Terminal Server license server running on Windows 2000?

From Brian's article:

"In Windows 2003 Terminal Server environments, the TS licensing service must be installed on a Windows 2003 server. That server can be any server in your environment, and it doesn’t have to be a server that’s running Terminal Server. Most companies install the TS licensing service on a standard Windows 2003 file and print server."

Also with #3, unless you mean the 120 grace period, this statement isn't particularly effective. You WILL need a license server if you want to use it long term.

agressiv
Stefan Vermeulen wrote Re: #8 and #3
on Tue, Mar 22 2005 11:50 AM Link To This Comment
"Don't jump down my throat, but how is this a myth? You can somehow have a 2003 Terminal Server use a Terminal Server license server running on Windows 2000?"

There is quite a number of people upgrading their TS/Citrix server to 2003, asuming the Lisensing stay's the same as it was. (read free, because they use win2k/XP pro clients) On day 121 they come to the forum.

There is also a number of people convinced that they don't need a TS license server, because they use citrix, which has it's own licensing, and what on earth does TS licensing has to do with an ica connection.
Greg Wood wrote Re: Re: #8 and #3
on Tue, Mar 22 2005 12:08 PM Link To This Comment
it only emphasizes my point. #8 made it seem like you didn't need a 2003 license server with 2003 term serv. Maybe its just poorly worded, IMO.

Its certainly not a myth:

You DO need a server running 2003 for licensing in the long run if you wish to stay with 2003 term serv. So I'm actually agreeing with the "myth", as it is stated.

agressiv
Greg Wood wrote Re: Re: Re: #8 and #3
on Tue, Mar 22 2005 12:10 PM Link To This Comment
guess i was reading them as "myths" rather than misunderstandings.

Ignore my previous posts :)

agressiv
Brian Madden wrote Re: Re: article depth level
on Tue, Mar 22 2005 1:03 PM Link To This Comment
I should point out that the author of the above post (xs4citrix) is Stefan, one of the authors of this article. So what he was saying was coming from the point of why they made this list. He was not bashing it.
Guest wrote Re: Speaking of NAT
on Tue, Mar 22 2005 3:26 PM Link To This Comment
If your going to go through the trouble of setting up PAT, then use the Fricken CSG product that Citrix basically gives away for FREE.

Joe
Guest wrote 2. A Citrix MetaFrame connection license does NOT include a Microsoft Terminal Services client access license (TSCAL).
on Tue, Mar 22 2005 10:18 PM Link To This Comment
Does this mean that I don't need a TSCAL to access my MPS box? Could someone expand on what #2 actual means.

Cheers
Nathan Young wrote more on the format
on Tue, Mar 22 2005 10:37 PM Link To This Comment
sorry if this is harping on, but i'm with tlyczko on this one.

as a newbie myself, i like the idea, but some of these 20 things appear to be myths, and some appear to be the truth that would maybe be in response to the myth.

eg, 1. seems like the myth, but as far as i'm aware 20 is a true statement. (even if the hotfix hasn't been released on the msft site, if it exists and you have the issue they will supply it with a phone call, for free).

so i'm not sure i can work out wether some of these are the TURE things, or the MYTHS. kinda makes it more confusing... anybody want a quick shot from one to 20 which what's a myth and what's a truth? or are they all myth and i'm just not up on some of them...???
Brian Madden wrote Re: more on the format
on Wed, Mar 23 2005 12:15 AM Link To This Comment
These are all true as written. Every single one. So if you think that one is false, then you are a victim of misunderstanding.
Guest wrote Re: Re: more on the format
on Wed, Mar 23 2005 1:03 AM Link To This Comment
Could I suggest that you change the title to:

"Top 20 Answers to Citrix and Terminal Services Misunderstandings"

It may help to clear any confusion.

Cheers

The Anony Mouse
Thomas Koetzing wrote Re: 2. A Citrix MetaFrame connection license does NOT include a Microsoft Terminal Services client access license (TSCAL).
on Wed, Mar 23 2005 2:06 AM Link To This Comment
Since ALL 20 statements are TRUE, it means you NEED also Microsoft TSCAL's and you MUST deploy a Microsoft Terminal Server licensing server (TLS).

Thomas
Brian Madden wrote Re: Re: Re: more on the format
on Wed, Mar 23 2005 9:54 AM Link To This Comment
I just changed the text right before the list stating that these twenty items were true. Thanks for the idea.
Guest wrote mm
on Wed, Mar 23 2005 10:49 AM Link To This Comment
mmmm
Guest wrote 20. Microsoft hotfixes are FREE of charge. (You just have to call the technical support number to get them.)
on Wed, Mar 23 2005 10:51 AM Link To This Comment
Even if you do not get charged for the request, you will need to have support contract
Thomas Koetzing wrote Re: 20. Microsoft hotfixes are FREE of charge. (You just have to call the technical support number to get them.)
on Wed, Mar 23 2005 11:03 AM Link To This Comment
>you will need to have support contract
No, you do not need a support contract to get a public HotFix.
jkenzig wrote Don't forget about MetaProfiles-it
on Thu, Mar 24 2005 10:38 AM Link To This Comment
Not trying to be an advertisement here but there is also another one out there in the market...Formerly by Emergent Online and purchased by Provision Networks just one more product out there of the many is MetaProfiles-IT at
http://www.provision-it.com/
JK
Jeff Pitsch wrote Re: Re: 20. Microsoft hotfixes are FREE of charge. (You just have to call the technical support number to get them.)
on Thu, Mar 24 2005 2:15 PM Link To This Comment
Citrix, on the other hand, charges for their limited release hotfixes.
Guest wrote Good, but missing some steps
on Thu, Mar 24 2005 2:22 PM Link To This Comment
I didn't see anything relating to the PsSson and SSONSVR.exe.
Guest wrote Re: 20. Microsoft hotfixes are FREE of charge. (You just have to call the technical support number to get them.)
on Thu, Mar 24 2005 2:25 PM Link To This Comment
Not true, I called and got a hotfix from Microsoft today... All I had to give was a name and a number.. No support contract needed.
Guest wrote Re: yep
on Thu, Mar 24 2005 2:26 PM Link To This Comment
Not all apps are .msi... You're better off with something like altiris.
Thomas Koetzing wrote Re: Good, but missing some steps
on Thu, Mar 24 2005 5:44 PM Link To This Comment
As said, this article can’t cover all aspects and every detail of the logon and logoff processes.
Not everyone is using the Citrix single sign-on service (SSONSVR.exe) etc.
Guest wrote Hey this article made Bink.Nu
on Thu, Mar 24 2005 10:37 PM Link To This Comment
Congrats guys...
http://bink.nu/Article3695.bink
Michael Rueefli wrote Re: Re: I think that's okay now
on Fri, Mar 25 2005 6:35 AM Link To This Comment
At least with MPS3.0 and MPS4.0 the option to start apps without waiting for client printers to be created works fine. Sometimes you have to disable this option eg. in case a published application does not autoregfresh windows printers and has the need to see one at startup to run correctly.
David Harris wrote Re: Re: 20. Microsoft hotfixes are FREE of charge. (You just have to call the technical support number to get them.)
on Fri, Mar 25 2005 7:42 PM Link To This Comment
I actually just spoke to an MS tech today about this. The non-public hotfixes (i.e. contact MS tech support to get it) are just as free as the public ones. They just want to make sure you realize they are not fully regressed and/or may not fix the very specific problem you want them for.

More to the point, you think it's risky installing a public hotfix? At least public hotfixes have some level of knowledgebase behind them (even if it's not in the public KB). The non-public hotfixes are risky enough that MS doesn't want someone to just download them and install without reading the fine print (that never happens, right? :). One a scale of 1-10 I consider a public fix to already be a 9+ risk factor (i.e. don't install if I have plans for the weekend). Non-publics must fix a problem for me that is much worse than spending an entire weekend on the phone with tech support.
Guest wrote RE RE RE kick him in the knee
on Sat, Mar 26 2005 10:03 AM Link To This Comment
Ummm...for a newbie with Citrix, I was glad for an article like the three amigo's posted, but after reading the comments I am now more the confused.

Can you like an earlier poster put it in a simpleton layout? Myth first, then truth.
#1 Myth blah blah blah
#1 Fact blah blah blah
and so on.

cheers
tom
Guest wrote Re: RE RE RE kick him in the knee
on Sat, Mar 26 2005 10:16 AM Link To This Comment
Oh one more silly question, but is point #1 a myth or fact? If one reads your intoductory paragraph -

"Therefore, we’ve written this “Top 20“ list of misunderstandings. Contrary to what you may believe, all of these 20 statements are TRUE."

How can a misunderstanding be TRUE? Sounds like MS doublespeak to me.

If point one's misconeption is TRUE - then Citrix IS an add on to Terminal Services and not a stand alone product? What about Novell, Linux, or Apple users, they would need Terminal Services to run then...not.

cheers
tom

Guest wrote Most comments already fixed on 2.0.3
on Sat, Mar 26 2005 11:47 AM Link To This Comment
Just want to let everyone know that most of the things mentioned (example, adding IP addresses with wildcards, saving complete registry keys, logging everything to a file/event log, etc) were already fixed on version 2.0.3. The user guide should be up soon and will be part of the application download in PDF format. We added a bunch of things as well. Check it out at http://www.terminal-services.net/wtsprofiles.asp. Thanks!

Cláudio Rodrigues
http://www.terminal-services.net
Guest wrote Re: Re: Re: Re: #8 and #3
on Sat, Mar 26 2005 12:41 PM Link To This Comment
actually there is a registry hack for TS2003 to use a W2k-Server as licensing server - just ask M$ for the hack they give it away
Thomas Koetzing wrote Re: Re: RE RE RE kick him in the knee
on Sat, Mar 26 2005 1:01 PM Link To This Comment
>Citrix IS an add on to Terminal Services and not a stand alone product?
Yes Citrix MetaFrame, that is the software part that you install on the server side, is only an add-on for Microsoft terminal services in application mode.

>What about Novell, Linux, or Apple users
They use the Citrix ICA client NOT MetaFrame!

Thomas
Steve Hilsman wrote Maybe Unix also
on Sun, Mar 27 2005 11:29 AM