/images/android-chrome-192x192.png

Citrix Virtual Desktop Agent Upgrade

Somewhere down the line, Citrix Admins need to upgrade their Citrix Site from one version to another, Example, from XenDesktop 71.5 LTSR to CVAD 1912 LTSR. For Citrix site upgrade, we have to mount the product ISO in Citrix server and run the setup file. But What about VDIs? Based on your company’s VDA usage, you may have hundreds to thousands of VDIs in your company. How do you upgrade VDA agent on all those VDIs?

Install Hugo, Create site and Host on github pages. Finally, Automate with github actions - Part 1

Images by Susanne F, Clker-Free-Vector-Images from Pixabay, and my own customization. I have used a few hosting websites like Hpage, wordpress.com, etc.. for a long time. But I wanted to host my website on something free and fast. I thought of using GitHub pages, but converting my WordPress site to Github pages was a very big task for me. I was looking for easy to use software to generate MD pages.

Auto Deploy new VDI in xendesktop catalog

As part of day to day tasks, one of the major activity for citrix admins is to maintain free VDIs in xendesktop delivery groups. If we dont have registered free VDI machines, and when new users try to connect to VDI, they would get errors like “Cannot start VM”. So, we have to make sure we have enough free VDIs in delivery groups. As a part of this process, I wrote a powershell script that would auto provision new VDIs to a given catalog and add them to delivery group.

Citrix Workspace for Mac Disable Autoupdate

In order to disable citrix workspace for mac software auto update in macbook, run below commands on elevated macbook terminal. 1 2 3 4 5 6 7 8 9 # To view all com folders for citrix sudo launchctl list | grep com.citrix /Library/LaunchDaemons - com.citrix.ctxworkspaceupdater.plist - rename it to _old /library/application support/citrix receiver/ctxworkspaceupdater - rename it to _old /library/application support/citrix receiver/Citrix Workspace Updater - rename it to _old Open citrix workspace and check for updates.

Netscaler Looping Back to Login Page

Issue: Randomly on netscaler 13.1 51.15, 13.0.71.44 to 13.0.85.15 versions, when users open citrix netscaler gateway portal page, enter their credentials and click signin, they are redirected to the citrix netscaler gateway portal page again with username and password prompt instead of logging in and showing the applications/desktops. Solution: Goto your storefront server, select stores to the left, and select “manage receiver for web sites” option to the right. select your receiver for web URL, click configure.

Cannot Complete Your Request

Issue: After logging into netscaler gateway portal, users get “Cannot complete your request” error. Solution: You should be able to ping your storefront base URL from your storefront server. If not, you ll get “there was an error during a resources list request” error in your storefront server. End users will get “Cannot complete your request” error after logging into the netscaler gateway portal. You will have multiple storefront servers for your citrix site.

No Apps Available to You

Issue: When you login to storefront or netscaler gateway, users would end up in “There are no apps or desktops assigned to you at this time” error. Solution: There are multiple solutions to this error. First check if user is added to the delivery group (if restricted groups or users has access on delivery group) Add user to the application If your storefront is configured as https on netscaler session policy, make sure you have certificate installed on the storefront.

CVE-2023-4966 and CVE-2023-4967: How to Protect Yourself from Exploitation

Introduction CVE-2023-4966 and CVE-2023-4967 are critical and high-severity vulnerabilities, respectively, that affect NetScaler ADC and NetScaler Gateway from Citrix. These vulnerabilities can be exploited to disclose sensitive information or cause a denial of service (DoS) condition on affected devices. CVE-2023-4966 is a sensitive information disclosure vulnerability that can be exploited by an attacker to remotely access sensitive information from vulnerable NetScaler ADC and NetScaler Gateway appliances. This information may include usernames, passwords, cookies, and other authentication credentials.

Netscaler STA/Service-monitor Down

Issue After logging into netscaler gateway, we received “Http/1.1 Internal Server Error 43531” error. Upon looking at the configuration, STA server in the netscaler gateway is marked as down. DDC and storefront are installed on same server. Under traffic management/lb vip was also marked as down and the storefront service group in that lb vip was down. All the probes sent to that STA/storefront server were not successful. TCP-default monitor was attached to the storerfront service group.

Netscaler Adc Http/1.1 Internal Server Error 43549

Issue: upgraded netscalers to 13.1 49.13nc version. Post upgrade, when netscaler gateway vip is accessed from browser, it showed “Http/1.1 Internal Server Error 43549” error. Solution: If you are using AAA auth profile, you should have authentication vserver, and advanced authentication policies in it. Check if all the required advanced authentication polices (LDAP, RADIUS etc) are present in authentication vserver. In our troubleshooting, we found that advanced authentication policy was missing in the authentication vserver.