Citrix ShareFile : More files per zone

by 1 Comment

Citrix ShareFile Files can be hosted in the Citrix Managed cloud, or a Customer Managed Cloud. For a Customer Managed Cloud a StorageZone Controller needs to be placed within the boundaries of your own datacenter. Up to and including StorageZone Controller version 2.2, Citrix Sharefile stored all the files within one single folder. In very large environments this could lead to some challenges due to the large amount of files within one single folder. Some time ago I wrote a blog “Citrix ShareFile : Lessons learned in real life“, in which I discussed the maximum number of files supported by the storage array.

Up to and including StorageZone Controller 2.2 all zone files were stores in a single folder.

Recently Citrix ShareFile released a new StorageZone Controller version 2.3, which contains some interesting new features:

  • More files per zone
  • File upload latency testing

With this new release, according to the eDocs StorageZone Controller version 2.3 is able to handle more files per zone. Unfortunately the documentation about this new feature is limited. Let me start to explain how ShareFile accomplished this, how to enable and configure this new feature.

By default the feature to support more files per zone is switched off. To enable this new feature you need to update a registry key on all StorageZone Controllers in your zone.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeCitrixStorageCenter]
"PathSelection"="1"

Read More →

Citrix XenMobile with Apple Volume Purchase Program (VPP)

by 1 Comment

To simplify paid content (Apps / Books) Apple introduced the Volume Purchase Program (VPP), which makes it very easy to centrally purchase and distribute content for employees. The Volume Purchase Program was available in America for some time now, but recently Apple added several additional countries, including the Netherlands. For a complete list of supported countries take a look at the VPP Site ! Once enrolled for the Apple Volume Purchase Program you need to configure the Citrix XenMobile Device Manager for VPP. In this article I’ll go into the Citrix XenMobile Device Manager configuration in combination with the Apple Volume Purchase Program (VPP).

VPP Company Token

Start to sign in to the Apple Purchase Program site and select “Account Summary”, to open the detailed account information and display the “Managed Distribution” section.

VPP-Account

Within the account summary page scroll to the section “Managed Distribution” and select Download Token to retrieve your VPP token:

VPP-Token

Read More →

How to Recover files and folders in Citrix ShareFile (Customer Managed StorageZone)

by 2 Comments

ShareFile consist out of two different storage location, the Citrix Managed and the Customer Managed. The first one, the Citrix Managed storage location is hosted by Citrix in their public cloud. The second one, the Customer Managed storage location is hosted by the customer in his own datacenter. In this article I’ll go into the backup and restore procedures for the Customer Managed StorageZone.

Recycle Bin / Retention

Before I’ll go into the backup and restore process, let me clarify how ShareFile processes deleted files and folder. Every file being uploaded to ShareFile is registered in the ShareFile Metadata. In case of a customer managed StorageZone, the ShareFile cloud only contains the metadata, but not the actual files. These files are stored within your datacenter. When a file or folder is deleted from ShareFile it will be kept in the recycle bin for 7 days, within these 7 days its very easy to recover files. After 7 days the deleted files and folder are purged from the recycle bin and permanently deleted from the persistent storage folder. Unfortunately the 7 days recycle bin retention time cannot be changed, it’s hard coded.

The 7 Days Recycle Bin retention time is hardcoded at this time

Read More →

Demystifying the ShareFile StorageZone Controller PassPhrase

by 16 Comments

While setting up the first ShareFile StorageZone Controller you need to enter a Passphrase. The Passphrase will be used to protect your file encryption key (SCKeys.txt) which is located in the CIFS root folder. Without the Passphrase you won’t be able to add additional StorageZone Controllers, reinstall or recover the current StorageZone or create configuration backups. A running StorageZone controller will still work fine, but you can’t make any changes. I can’t stress out the importance of this passphrase!

Be sure to archive the ShareFile Passphrase and encryption key (SCKeys.txt) in a secure location 🙂 !

Of course you will archive the ShareFile Passphrase and encryption key (SCKeys.txt) in a secure location, but in case the ShareFile Passphrase gets lost Citrix won’t be able to help. According to the eDocs and ShareFile support the Storage Zone should be considered as lost.

Citrix support won’t be able to recover your Passphrase!

Read More →

How to improve the Citrix NetScaler monitor for ShareFile

by Leave a Comment

When designing environments, we always think about the high availability of the different components. Two is one, one is none! So when designing a ShareFile environment I want at least two StorageZone Controllers (SZC) for every StorageZone. Because most Citrix environment already contain a NetScaler it’s my preferred method to also use the NetScaler for load balancing the StorageZone Controllers. Nowadays the Citrix NetScaler has some nice wizards build in to assist you deploying the ShareFile configuration.

Two is one, one is none. Load balance the StorageZone Controllers!

The wizard however will use the “tcp-default” monitor to check the service state. This means the NetScaler appliance establishes a 3-way handshake with the monitor destination, and then closes the connection, to check if the destination is up. Although this is configured by the wizard and a best practice, I believe this is a weak spot in my HA setup. I have seen situations where the SZC server was running, but the ShareFile services were not responding correctly. A simple tcp monitor will not notice this!

The NetScaler ShareFile wizard uses the default tcp monitor

Read More →

Citrix ShareFile : Lessons learned in real life

by 6 Comments

After being involved in several small an midsize Sharefile environments I recently migrated a Enterprise customer to ShareFile. They had a great vision in terms of flexible working, which was really nice, but very challenging from a technical perspective. Beside the number of users, this customer didn’t start with ShareFile as a greenfield environment, but decided to migrate all data into ShareFile. The customer didn’t want to use CIFS or ShareFile connectors, all data had to be placed into on premise Storage Zones.

Data would be accessible only through ShareFile, no other file services would be offered

Clients

Although Citrix ShareFile offers a client for almost every platform, the different clients don’t have the same functionality. For example the Windows and Mac OSX Client are not able to display the ShareFile CIFS connector. We were told Citrix has a different vision/idea about a classic Windows/Mac OSX client, on these clients users are supposed to use a classic drive mapping. From a user perspective I hope ShareFile will add this functionality in a upcoming release of the Windows and MAC OSx clients, one interface for all data across all clients is much simpler and transparent for end users!

The “Sync for Windows” & “Sync for Mac” client don’t support CIFS Share integration

For Mac OSX and mobile devices the client to choose is evident. There is only one choice. For Windows it is a different ball game. Windows has several options available:

In our case we have chosen to use the “Sync for Windows” client on all Windows devices in the environment. An environment which exists of desktops, laptops and a Citrix XenDesktop farm. For desktop and laptops the installation was pretty straight forward and we didn’t need to customize much. With the ShareFile preferences GUI, users are able to determine which folders need to be available for them, after which the selected files are cached offline. For a desktop or laptop I don’t mind the files being cached offline, for my Citrix XenDesktop server however I don’t want all users caching all files locally. Lucky the Sync for Windows client is RDS aware and behaves different, in this case on-demand sync is used! Because of the on-demand sync, we wanted to present all files and folder a user was authorized for. This could easily be achieved by using the ShareFileOn-demand.admx to configure the Sync for Windows client on an RDS server. We added all root RemoteFolderId’s to the On-demandFolderIds part of the policy. Users are presented a full list of files and folders to which they have access and are only synchronized when accessed.

ShareFile On-Demand Sync is designed for integration with hosted desktops and applications running in XenApp and XenDesktop environments. Unfortunately the on-demand sync options is not available on desktops or laptops, in my opinion this would be a nice addition

Read More →

XenMobile : Require Device Manager Enrollment

by 4 Comments

Citrix XenMobile Device Manager (MDM Edition) and the App Controller (App Edition) can be deployed separately or combined to form the Enterprise Edition. In the Enterprise Edition a connections needs to be configured between the Device Manager server and the App Controller so they can communicate with each other. Detailed information to Enabling Connections Between Device Manager and App Controller can be found through eDocs

A user who enrols a new mobile device is asked if Worx Homes needs to secure the device.

Enroll : Worx Home can secure your iPad in addition to your work apps. Do you want to enroll you device?

Enroll

At first I thought pressing “Yes” would be the only correct choice, when enrolling a mobile device, but some time ago I noticed pressing “No”  would also enroll the mobile device. The outcome would be quite different, but in both cases Worx Home worked. Pressing yes enrolled the mobile device within the Device Manager and App Controller, where pressing no only enrolled the  mobile device without the App Controller.

Read More →

Citrix XenMobile : Lessons learned in real life

by 14 Comments

During the implementation of various XenMobile sites I notice several customers run into the same problems. Problems and question which are being asked at the support forums as well. Sharing my “Lessons learned” hopefully helps others while doing deployments of Citrix XenMobile.

Pre-Installation Checklist

In many cases a pre-installation checklist is a nice to have, but not really necessary for installing a product. In case of Citrix XenMobile this is an absolute must have, before starting the project. There are many dependencies, without it you are not able to do a efficient installation.

Make use of the Pre-Installation Checklist Citrix offers !

Test Hardware
Get hold of a test device, it’s not convenient to use your own production device during the test / installation fase. Several XDM deployments use different ROOT CA’s, which are not able to work next to each other. First you have to deleted your current profiles, before you can re-enroll the device to a different environment. Durings configuration and tests I would also like to test the geo-fencing options, including a full-wipe of the device. Not something you would want to test on your own production device.

Get a test device for every platform you need to support

Apple Mac OS X
To manage iOS and Android applications from within the AppController, applications (.ipa/apk) need to be wrapped. For wrapping applications Citrix provides the MDX Toolkit, which unfortunately only runs on Mac OS X. The MDX Toolkit doesn’t work on a virtualized Mac OS X, you need real Apple hardware for this.

The MDX Toolkit requires a Mac Mini, MacBook Air, or other Mac Device

Read More →

Windows 8.1 RT how to and challenges with XenMobile

by 3 Comments

Last week I upgraded our production XenMobile environment to version 8.7, after which I wanted to enroll a Windows 8.1 RT. Unfortunately there is no Worx Home application in the Windows Store, nor does Citrix offer a WorxMail of WorxWeb client. The Windows 8.1 enroll process is slightly different than a iOS of Android device and can be found in the eDocs. Ok, let’s enroll a Windows 8.1 RT and let us see what we can do with it.

Click “Settings”                                                               Click “Change PC Settings”

XD87-016    XD87-017

Read More →

How to load balance the Device Manager in XenMobile

by 1 Comment

Lately, more and more customers are asking for a solution to manage their mobile devices. While discussing the Citrix XenMobile architecture question regarding High Availability (HA) and Load balancing (LB) are crucial for a solid design. How to configure the Citrix AppController for HA & LB is pretty straightforward and well documented. The Citrix Device Manager however is a different ball game and the documentation isn’t very clear. A full architecture with High Availability should look something like this:

Image

The eDocs states:

Configure the Windows servers as a cluster, while the installation instructions tell you to configure a Tomcat cluster

The Citrix Reference Architecture for XenMobile 8.7 doesn’t mentions a Windows Cluster.

can be configured with multiple servers load-balanced behind a NetScaler appliance or another hardware load-balancing solution. The Device Managers work in an active-active configuration. In this environment, ports 80, 443, and 8443 are load-balanced. For SSL connections (ports 443 and 8443), make sure to turn on SSL session persistence in the load balancing rules. XDM requires a shared SQL server and NTP configured on each server.

At first I was a bit confused about all the different parts of information, what information is correct and what information is not? I contacted Citrix hoping to get a straightforward answer. Citrix came up with the following high level guidelines:

  1. Install for example two standalone XDM server (No MS Clustering)
  2. Place a network load balancer in front of the XDM server. In my case this will be a Netscaler (NS).
  3. Install/Configure the first XDM server and LB on the NS with only one XDM server active
  4. Test if the setup works as a expected
  5. Install/Configure the second XDM server and cluster (Yes, a Tomcat cluster) the two XDM servers as described in the installation guide (forget the part about the MS clustering).
  6. Configure the NS LB to support both XDM servers (Don’t forget session persistence)
  7. Retest if the setup still works as expected

Following this guidelines I was able create a fully working load balanced configuration for the XDM servers. For information about scaling a XenMobile environment take a look at this Citrix Blog!