Saturday, November 19, 2011

How to Launch Citrix .ica files Using Google Chrome

Updated: 10/19/2013

One of the problems you may face when launching a Citrix Application in Google Chrome is that .ica may not launch automatically. This is what you have to do to make it work. (Tested only on Citrix XenApp 6.0/6.5)

Option A:

1. Login to your Citrix XenApp web interface public facing website.
2. Click on a Citrix application to launch.
3. The file will "download". Click on the arrow and select "Always Open Files of this Type"


4. Click on the name of the application and it will launch. [Optionally, after selection. Launch the item again from Citrix. It should launch]

Option B:

* Usually for people that can't seem to launch anything in Citrix XenApp
* Mac User's. Just make sure that you have Citrix Receiver for Mac (11.8) Installed and after completing Option A. *You "shouldn't experience issues", it seems to be a Windows issue.
1. Click on the tool option and select options (Windows/MAC - Settings)


2. Settings => Show Advanced Settings => Content Settings => Plugins Select the option underneath "Disable individual plug-ins... (**Optionally, just type in "Content" in the Search Bar under settings)


3. Disable Citrix Receiver. Close the settings browser and then log back into Citrix. Launch an application. It will now work flawlessly. 


(FYI. Make sure you complete Option A if you have not before launching an application after completing Option B.)

4. Download the latest version of Citrix Receiver from the Google Chrome Web Store:
http://www.citrix.com/downloads/citrix-receiver/other-platforms/receiver-for-chromebook-111.html

***Disclamier: Citrix requires Storefront server to be setup and enabled by your IT Engineer/Citrix Administrator in addition to XenApp or XenDesktop. This "work around" by Citrix is a limitation that the company hasn't addressed on the actual receiver client technology itself. The other alternative is for Citrix to work with Google's Chrome team directly to have them fully integrate the .ica file technology into Chrome like Adobe's technology. Outside of this...you have to setup a Storefront server. Yes, it is a PITA workaround.*** 

Option C:

VMware fully supports Google Chromebooks and Google Chrome with VMware Horizon Suite 5.3 (Horizon Mirage 4.3 has been merged with VMware Horizon View) Formerly, VMware View.

VMware Horizon Suite 4.3 fully supports Google Chromebooks via a real HTML5 Application.

http://www.vmware.com/company/news/releases/vmw-euc-portfolio-10-15-13.html
http://www.vmware.com/products/horizon-suite/



1. Buy a Chromebook: http://www.google.com/intl/en/chrome/devices/chromebooks.html

2. Buy a Chromebox: http://www.google.com/intl/en/chrome/devices/chromebox.html

Share:

Friday, October 21, 2011

How to Launch Java using Google Chrome

Dell and many other vendors take forever to support modern browser technologies. They really need to keep up. Also, browser vendors have to pick up the slack for these slackers sometimes also.

When navigating to Dell DRAC or any other website that runs off of Java. You may run into a .jnlp error where you can't launch the file. This Java drop download and launch option doesn't work for Dell DRAC (But it does work for KVM's).

Here you go.

1. Log into Dell DRAC and click on launch:

2. Go to your downloads folder and change the extension at the end of the file. (Just click on it and at the end of the file type .jnlp and hit enter) This will make the file a JNLP file.

3. Double-click the filename and launch:


Yes. It's a pain in the neck workaround, but until Dell test's it or Google fixes launching Java files. This is what will work.


Share:

Tuesday, July 12, 2011

How to Add a LDAP Server Symantec Endpoint Protection

One of the things that many customer's run into or IT professionals is locating how to actually add an LDAP server to Symantec Endpoint Protection. It is a little bit of a really clunky process which is a testimony to lack of Symantec Research and Development Budgeting. Here you go!

1. Install your Windows 2008 Server for SEP and make sure server is joined to your domain.
2. Install Symantec EndPoint Protection (Latest Release) v.11 is used for this tutorial.
3. Admin > Servers > Local Site > {Your Server for SEP} > Edit Properties > Directory Servers




















4. Add your Active Directory LDAP Server. (Replication Tab is for other DC's, etc).

Share:

Monday, June 20, 2011

How to Create GPO Mapped Drives in Windows 2008 R2

Do you need to create a GPO Mapped Drive for Windows 2008 R2?


NOTE: If you are still using Windows XP (SP3 is the Only Supported version from Microsoft) Desktops. You must install this patch via WSUS (Windows Update) in order for GPO Drive Mapping on a Windows 2008 R2 Domain to work: KB943729


http://support.microsoft.com/kb/943729


Quick a dirty:

1. Create your AD
2. Create your GPO Groups in AD and make them simple and human readable please people...
3. Now the fun stuff...






5. Tweak to your needs!

Have fun...
~MigrationKing


Share:

Saturday, June 18, 2011

Active Directory Bulk User Import - Using DSAdd User

Need to get a lab live? If you are tired of waisting money and hours on Google searching for Active Directory User Import Tools and commands, just use this Excel File to run a bulk of users in a batch file from PowerShell or Command Prompt.

Here is the dsadd user command that will be created by the excel file by just adding your users and department OU sections:

dsadd user "cn=Migration King,ou=Users,ou=IT,ou=Departments,dc=us,dc=migrationking,dc=com" -fn Migration -ln Migration -samid MKing -upn MKing@migrationking.com -display "Migration King" -pwd P@ssw0rd -mustchpwd yes -disabled no

(For people that submit tweaks and fixes, please email support @ migrationking.com and we will add your edits and your name showing who submitted the correction/edits).
1. Option A: Sign into Google Docs and Copy the template. http://goo.gl/Lpsl7
1a. Option B. Download a local copy if you are still absolutely addicted to Microsoft Excel.
1b. Option C. Fill out the data, check it and then just export the Text File to Create the Batch file for AD.

2. Add Your Users and OU Information for your Department and Users (KISS as a rule for AD Departments)

3. Modify =CONCATENATE if you are overly complex and super corporate, if not drop in your data under "AddActiveDirectoryBulkUsers" sheet.

4. Check the "BulkUsersSourceFile" to see that data is populated correctly.

5. Review the "ExportTextFile" script lines for accuracy (saves a headache later). Then export.

6. Option A: Create a .bat file from Notepad File you exported and then run this from Command Prompt.

7. Option B: Spartan Style! Copy and Paste right into PowerShell Window

8. Verify accounts on your Domain Controller (onsite or via RackspaceCloud Servers if your in the cloud)

Booyaaahhhh!!! Your done. Wasn't that fast and easy? And you didn't have to crack out your credit card or beg your manager to buy you some complicated program for Active Directory Imports.

Now, start setting up Google Apps Directory Sync for Google Apps for Work Implementation.

* There are multiple options to use for Production environments at scale. Group policy has a lot of flexibility also. Here are some good programs for AD Import and Export:

Level I (I can rock this out during lunch!)
Levels II (I can get through this in a day or two...or three)
Levels III (OMG It's Complicated! WHAT were they thinking when they released this??!)

Level I. ActiveDirectory Import - http://www.activedirectoryexport.com/ScreenShots.aspx
Level II. ManageEngine - AD Bulk Users (Their URL is too long, here's a link)
Level III. ScriptLogic - http://www.scriptlogic.com/products/activeadmin/

PluralSight Training: http://goo.gl/roo8Y

* Everything here is best advice and at your own risk so if you break something, please don't blame us. Have fun! ~MigrationKing
Share:

Wednesday, May 4, 2011

How to Install VMware Tools in Ubuntu 12.04LTS

This is a quick down and dirty on installing VMware tools in Ubuntu 12.04LTS on VMware ESX 5.1 Installation was conducted on a Virtual Machine to create a Ubuntu 12.04LTS Server template.

1. Download Ubuntu 12.04 LTS - http://www.ubuntu.com/download/server/download - 64-bit
2. Knowledge of mounting .ISO inside of Datastore on VMware vCenter 4.0+ is assumed.
3. Install Ubuntu 12.04LTS Server to your specifications for your template. I am using LVM + 512MB
4. sudo apt-get update && sudo apt-get upgrade
5. sudo mkdir /media/vmware
6. sudo mount /dev/cdrom /media/vmware
7. cp /media/vmware/VMware*tar.gz /tmp | cd /tmp
8. tar xzvf VMware*.gz
9. cd vmware-tools-distrib
10. sudo ./vmware-install.pl
11. Accept all defaults
12. sudo reboot and Enjoy....
Share:

Sunday, April 3, 2011

How to Setup iSCSI on Windows 2008 R2 Server

Configuration: VMware vSphere 4.0, ESX Hosts, EMC AX4-5 Celerra's, 2 HP Proliant DL380G7 Servers for Veeam 5.0.2 Backup and Replication (1 Server for Main Office and 1 for Collocation Datacenter Site), 2 Cisco Switch (Storage Switch) Main/Collocation Site configuration, Qlogic iSCSI HBA Server Card connectivity to SAN's.

Goal: Connect iSCSI HBA Cards to SAN through iSCSI Initiator on Windows 2008 R2 SP1 Servers.

1. Go to the QLogic website (HBA Drivers Website) if it is an OEM choose EMC, NetApp, etc. This tutorial is for a QLogic EMC HBA. (This is tested to work for Dell PowerEdge/HP Proliant Servers)

Driver Download Link

1a. You will also need to download the EMC PowerPath Server Utility for Windows Server x64 (2008 R2). And make sure that you download and install the Navisphere Server Utility (Windows/VMware) - [Just register your server in Navisphere if you have already configured your AX4-5]

2. Install the drivers and you should now see QLogic iSCSI Adapter under Storage Processors in Device Manager.

3. You can use SANSurfer for QLogic to configure the cards (Recommended) or you can change the configurations on the QLogic iSCSI Adapter itself. I had to many problems from the Driver configuration Window, so just download and use SANSurfer. The password is 'config'.

4. Check your settings on the SAN for iSCSI since your configurations of SANSurfer, you must make sure you can ping your SAN IP first before doing anything.


4a. Make sure you can ping your SAN from the Device Manager QLogic iSCSI Adapter. Make sure that the IP is on the same IP Subnet as the SAN. If it is 10.10.1.XX, then your iSCSI card has to be on 10.10.1.XX to communicate. Make sure that the server switch is setup right also! If you can't ping, FIX THIS FIRST!!!



5. Ok. Now you can ping the SAN's IP Port of 10.10.1.11 (or whatever) with your Server iSCSI IP of 10.10.1.50. Great. Now, let's configure Windows Server 2008 R2 SP1 iSCSI Initiator.

5a: Open iSCSI Intiator. 
5b: Click on the Discovery Tab. 
5c. Click on Discover Portal
5d. Enter the IP Address of the SAN (#4 Above) 
5e. Select the Local Adapter (your iSCSI HBA Card) and the iSCSI IP (Troubleshooting Tip: If no IP is showing or it is showing all 0000:0000:000 just pick it anyway. Make sure it is the right HBA by selecting the same from the same Adapter row. So...if it is the 2nd iSCSI Adapter HBA, pick the 2nd Initiator IP option...OK?) 
5f.  If you are using CHAP/Initiator Authentication use your iSCSI Intiator (Make the Initiator the default or be warned of plenty of SAN Configuration Headaches)


 6. Click on Volumes and Devices and click on Auto configure. It will come up with gobbledegoop. This is when you have to go to Disk Management and Configure the SAN Drives as NTFS (Troubleshooting Tip: NTFS 101: If the SAN LUN was/is used for anything else, it will not let you format the drive or Initialize  the disk, so NO you will not be sharing this LUN, it will need to be dedicated to format and use. So do not waist time trying to get it to work.)

6a. (Troubleshooting Tip: I highly recommend naming the HDD properties by the SAN LUN Name for Troubleshooting and problem resolution later.)










Share:

Thursday, February 24, 2011

How to set up Remote Desktop Services on Windows 2008 R2

Ok...Microsoft threw Terminal Server under the bus and named it Remote Desktop Services and completely changed how your register the licenses! Here is the How-To so that it doesn't get on other people's nerves as much as it did me when trying to activate the licensing with Microsoft's Technical Support. Which was absolutely no help at all. Yes, after 4 transfers, I just went ahead and figured it out myself:

1. Open Server Manager. Install the Remote Desktop Services Role
2. Listen...Just follow the pictures below! It is 22 Steps!
3. Next are all of the steps...I am going to save you some Money $$$ on a support call! =)

























Share:

Configure rsyslog on Red Hat Enterprise Linux 6 (RHEL6) for Cisco Switches

One of the problems that you can face during configuration of cisco switches for Red Hat Enterprise Linux 6 is the correct formatting. I had to go through this and make sure it is working for Sonicwall and Cisco Switches so here you go! Also, if I were you, I would add a disclaimer to let someone else know about or not to change the configurations.

1. create your file under /var/log/
2. [username@servername log] touch cisco-example
3. Next you have to Edit rsyslog
4. [username@servername log] vi /etc/rsyslog.conf


#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  /var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

# Cisco Switch Logging
:fromhost-ip, isequal, "192.xxx.xxx.xxx""    /var/log/cisco-example1
& ~
# Cisco Switch Logging
:fromhost-ip, isequal, "192.xxx.xxx.xxx""    /var/log/cisco-example2
& ~
# Cisco Switch Logging
:fromhost-ip, isequal, "192.xxx.xxx.xxx"    /var/log/cisco-example3
& ~
# Cisco Switch Logging
:fromhost-ip, isequal, "192.xxx.xxx.xxx"   /var/log/cisco-example4
& ~
# Sonicwall Firewall Logging
:fromhost-ip, isequal, "192.xxx.xxx.xxx"      /var/log/sonicwall
& ~

5. Make sure your UDP Port is open in /etc/sysconfig/iptables
6. Add the following lines to your /etc/sysconfig/iptables
7. [username@servername log] vi /etc/sysconfig/iptables
# Port for Syslog Communciations on UDP Port 514
-A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT

8. service iptables restart
9. service rsyslog restart
10. tail -f /var/log/cisco-example or whatever you are logging to make sure it is writing to your logs.
11. Install Splunk on a VM or another server and start generating some super reports from the logs for your management so that they will love you!

NOTE: If you can't tell what "&" is, it is the ampersan symbol above #7 on the keyboard. =)

Red Hat Reference Article: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-Viewing_and_Managing_Log_Files.html
Share:

Wednesday, February 23, 2011

Configure Debian Rsyslog for Cisco Switches and Routers


Quite often Network Administrators are obligated to keep logs from their cisco devices, either for troubleshooting or due to be compliant with IT Security Policy. In this article I will describe fast and easy way to setup saving logs from your Cisco devices to rsyslog server on Debian Linux.

The first step is to edit rsyslog configuration file. Open /etc/rsyslogd.conf and add following line
# # Logging for Cisco router 192.168.1.1 # local7.* /var/log/cisco
local7 is the default name under which cisco devices logs their messages. /var/log/cisco specifies the file to which messages will be written. You also have to uncomment / add below lines which will enable rsyslogd to listen on UDP port 514.
# provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
The last change you have to make to rsyslog.conf is to allow your cisco device to write to it, that is done using below entry in rsyslog.conf
$AllowedSender UDP, 127.0.0.1, 192.168.1.1
Then we create the log file by utilizing the touch command
linq:/etc# cd /var/log linq:/var/log# touch cisco
After we made all changes we just have to restart rsyslogd service to implement them.
linq:/var/log# /etc/init.d/rsyslog restart Stopping enhanced syslogd: rsyslogd. Starting enhanced syslogd: rsyslogd.
To start writing messages from our router to syslog server we need to configure logging. First we configure our syslog server ip by using logging host command. We can filter the number of messages being logged by using logging trap command. All available options are summarized in the table below.
Login to the router: z-acte#conf t Enter configuration commands, one per line. End with CNTL/Z. z-acte(config)#logging host 192.168.1.19 sequence-num-session z-acte(config)#logging trap 7
logging trap 7 will set logging to debug level
Sometimes we may additionally need to log all nat translations, which can be enabled by using the ip nat log translations command.
z-acte(config)#ip nat log translations syslog
Table with logging levels
LevelKeywordDescription
0emergenciesSystem is unusable.
1alertsImmediate action is needed.
2criticalCritical conditions exist.
3errorsError conditions exist.
4warningsWarning conditions exist.
5notificationNormal, but significant, conditions exist.
6informationalInformational messages.
7debuggingDebugging messages.
To check that everything works correctly issue below commands
z-acte#debug ip packet
In your log on Linux you should see entry similar to the below one:
Feb 24 03:40:45 192.168.1.1 187368786: [syslog@9 s_sn="186126345"]: 188251944: *Feb 24 03:34:30.023 PCTime: IP: tableid=0, s=192.168.1.1 (local), d=192.168.1.19 (Vlan1), routed via FIB
To disable packet debugging use below commad
z-acte#no debug ip packet
To check that NAT translations are being logged correctly issue ping command from any host on your network to a remote host, which should generate entry similar to below
Feb 24 03:43:16 192.168.1.1 187368860: [syslog@9 s_sn="186126419"]: 188252014: *Feb 24 03:36:59.631 PCTime: %IPNAT-6-CREATED: icmp 192.168.1.2:4 62.89.67.179:4 212.77.100.101:4 212.77.100.101:4
The last step is to save our router configuration.
z-acte#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK]
Share: